pkgsrc/databases/phpmyadmin/distinfo, branch pkgsrc

pkgsrc/databases/phpmyadmin/distinfo, branch pkgsrc_2013Q2 [no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2013Q2 2013-08-04T18:35:06Z Pullup ticket #4191 - requested by tron 2013-08-04T18:35:06Z spz spz 2013-08-04T18:35:06Z urn:sha1:c00f309feaed51434771a4af552decc16d0c82bf databases/phpmyadmin: security update Revisions pulled up: - databases/phpmyadmin/Makefile 1.117 - databases/phpmyadmin/PLIST 1.33 - databases/phpmyadmin/distinfo 1.74 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Mon Jul 29 20:01:02 UTC 2013 Modified Files: pkgsrc/databases/phpmyadmin: Makefile PLIST distinfo Log Message: Update "phpmyadmin" package to version 3.5.8.2. Changes since 3.5.8.1: - [security] Fix self-XSS in "Showing rows", see PMASA-2013-8 - [security] Fix self-XSS in Display chart, see PMASA-2013-9 - [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 - [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 - [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2= 013-9 + [security] JSON content type header for version_check.php, see PMASA-2013= -9 + [security] Backport fix for jQuery issue #9521 from jQuery 1.6.3, see PMA= SA-2013-9 + [security] Fix full path disclosure, see PMASA-2013-12 + [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-= 15 + [security] Fix control user SQL injection in schema_export.php, see PMASA= -2013-15 - [security] Fix self-XSS in schema export, see PMASA-2013-14 - [security] Fix unencoded json object, see PMASA-2013-11 To generate a diff of this commit: cvs rdiff -u -r1.116 -r1.117 pkgsrc/databases/phpmyadmin/Makefile cvs rdiff -u -r1.32 -r1.33 pkgsrc/databases/phpmyadmin/PLIST cvs rdiff -u -r1.73 -r1.74 pkgsrc/databases/phpmyadmin/distinfo Update "phpmyadmin" package to version 3.5.8.1. Changes since 3.5.8: 2013-04-24T20:06:02Z tron tron 2013-04-24T20:06:02Z urn:sha1:41de5d3389b9e741732e971ae5d94233fa0edb56 - [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2) - [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3) Update "phpmyadmin" package to version 3.5.8. Changes since 3.5.7: 2013-04-09T07:07:04Z tron tron 2013-04-09T07:07:04Z urn:sha1:e53579f9f8e8d0dbafcdec8bfc2560b15566fab7 - bug #3828 MariaDB reported as MySQL - bug #3854 Incorrect header for Safari 6.0 - bug #3705 Attempt to open trigger for edit gives NULL - Use HTML5 DOCTYPE - [security] Self-XSS on GIS visualisation page, reported by Janek Vind - bug #3800 Incorrect keyhandler behaviour #2 Update "phpmyadmin" package to version 3.5.7. Changes since 3.5.6: 2013-02-18T19:01:37Z tron tron 2013-02-18T19:01:37Z urn:sha1:233336758424426757955c1dbd885fb559a8e6d1 - bug #3779 [core] Problem with backslash in enum fields - bug #3816 Missing server_processlist.php - bug #3821 Safari: white page - Correct detection of the Chrome browser Update "phpmyadmin" package to version 3.5.6. Changes since 3.5.5: 2013-02-13T19:03:56Z tron tron 2013-02-13T19:03:56Z urn:sha1:c0e1ac7a9b4bac7a9fcba8688eeee7c6e7c28b75 - bug #3593604 [status] Erroneous advisor rule - bug #3596070 [status] localStorage broken in server status monitor - bug #3598736 [routines] Editing a procedure with special characters - bug #3600322 [core] Visualize GIS data throws Fatal Error - bug #3599362 [core] Double-escaped error message - bug #3776 [cookies] Login without auth on second server Update "phpmyadmin" package to version 3.5.5. Changes since 3.5.4: 2012-12-22T10:31:31Z tron tron 2012-12-22T10:31:31Z urn:sha1:572b532ba8751084c4bfa5994fe918e463cecb3b - bug #3563824 [export] Support Apache's mod_deflate - bug #3585523 [interface] Inline query editing broken after row update - bug #3586389 [setup] Cannot switch language in /setup - bug #3585695 [CSS] Font size in inline query editor is way too big - bug #3588354 [l10n] Portuguese Language not displaying correctly - bug #3591412 [status] Live charts don't work for non-default server - bug [core] Proxy ajax calls to pma.net to avoid browser notices - bug #3593534 [tracking] Structure Snapshot on tracked view renders invalid SQL - bug #3544366 [events] Event comments not saved Approved by Thomas Klausner. Update "phpmyadmin" package to version 3.5.4. Changes since 3.5.3: 2012-11-18T13:57:59Z tron tron 2012-11-18T13:57:59Z urn:sha1:3ca7bfb6e8bde37844266b9a3309c6927872839a - bug #3570212 [edit] uuid_short() is a no-arguments function - bug #3569577 [edit] Add routine parameter headers not valid for "function" - bug #3575799 [search] Various search operators not working as expected - bug #3576322 [search] Invalid select query generated for tables with ENUM fields - bug #3577468 [display] Incorrect imagejpeg Syntax Breaks Image Transformation - bug #3578776 [search] Editing SQL not possible when no records found - bug #3571970 [interface] Display chart and number of rows to plot - bug #3582631 [core] Wrong redirect url caused cookies error with ForceSSL Update "phpmyadmin" package to version 3.5.3. Changes since 3.5.2.2: 2012-10-17T18:35:06Z tron tron 2012-10-17T18:35:06Z urn:sha1:df66386c56a1bb07eb59c210de278836b2582114 - bug #3539044 [interface] Browse mode "Show" button gives blank page if no results anymore - bug #3534979 [interface] Copy Database Ajax feedback vanishes long before copying is done - bug #3527531 [interface] GC-maxlifetime warning incorrectly displayed - bug #3526916 [interface] Search fails with JS error when tooltips disabled - bug #3544366 [interface] Event comments not saved - bug #3549084 [edit] Can't enter date directly when editing inline - bug #3548491 [interface] Inline query editor doesn't work from search results - bug #3547825 [edit] BLOB download no longer works - bug #3541966 [config] Error in generated configuration arrray - bug #3553551 [GUI] Invalid HTML code in multi submits confirmation form - [interface] Designer sometimes places tables on the top menu - bug #3546277 [core] Call to undefined function __() when config file has wrong permissions - bug #3540922 [edit] Error searching table with many fields - bug #3555104 [edit] Cannot copy a DB with table & views - bug #3559925 [privileges] Incorrect updating of the list of users - bug #3561224 [edit] cell edit date field with empty date fills in current date - bug #3559955 [edit] current_date from function drop down fails on update - bug #3562472 add support for Solaris and FreeBSD system load and memory display in server status - bug #3553068 [import] Table import from XML file fails - replace Highcharts with jqplot for Display chart - bug #3567684 [edit] Pasting value doesn't clear null checkbox - bug #3570786 [edit] Datepicker for date and datetime fields is broken Update checksum of patch-libraries_vendor_config.php for previous commit. 2012-08-29T17:38:39Z dholland dholland 2012-08-29T17:38:39Z urn:sha1:5818afe22e930f1374aed64c266e52fecad9843e Improve setup and configuration file handling: 2012-08-27T17:11:34Z tron tron 2012-08-27T17:11:34Z urn:sha1:afa09af50324e2385b755a0dd73ab52f16326c96 1.) Install PHP script in the "setup" directory. 2.) Use Vendor override to set the location of the configuration file. It is now possible to use phpMyAdmin's setup for configuration. Based on a suggestion by Peter Avalos in private e-mail.