pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/databases/phpmyadmin Update phpmyadmin to 4.6.4.
details: https://anonhg.NetBSD.org/pkgsrc/rev/59a6b33fd115
branches: trunk
changeset: 351615:59a6b33fd115
user: taca <taca%pkgsrc.org@localhost>
date: Tue Aug 23 15:53:14 2016 +0000
description:
Update phpmyadmin to 4.6.4.
pkgsrc changes:
* Overhaul Makefile.
- Remove use of INSTALL_DIRS and simplify install process.
- Utilize pkgsrc SUBST_*.
- Stop other pkglint warninggs.
* Drop some dot files from installation.
Quote from Changes:
4.6.4 (2016-08-16)
- issue [security] Weaknesses with cookie encryption, see PMASA-2016-29
- issue [security] Improve session cookie code for openid.php and signon.php example files
- issue [security] Full path disclosure in openid.php and signon.php example files
- issue [security] Multiple XSS vulnerabilities, see PMASA-2016-30
- issue [security] Multiple XSS vulnerabilities, see PMASA-2016-31
- issue [security] Unsafe generation of BlowfishSecret (when not supplied by the user)
- issue [security] Referrer leak when phpinfo is enabled
- issue [security] PHP code injection, see PMASA-2016-32
- issue [security] Full path disclosure, see PMASA-2016-33
- issue [security] SQL injection attack, see PMASA-2016-34
- issue [security] Local file exposure through LOAD DATA LOCAL INFILE, see PMASA-2016-35
- issue [security] Local file exposure through symlinks with UploadDir, see PMASA-2016-36
- issue [security] Path traversal with SaveDir and UploadDir, see PMASA-2016-37
- issue [security] Multiple XSS vulnerabilities, see PMASA-2016-38
- issue [security] SQL injection vulnerability as control user, see PMASA-2016-39
- issue [security] SQL injection vulnerability, see PMASA-2016-40
- issue [security] Denial-of-service attack through transformation feature, see PMASA-2016-41
- issue [security] SQL injection vulnerability as control user, see PMASA-2016-42
- issue [security] Verify data before unserializing, see PMASA-2016-43
- issue [security] Use HTTPS for wiki links
- issue Remove Swekey support
- issue [security] SSRF in setup script, see PMASA-2016-44
- issue [security] Denial-of-service attack with $cfg['AllowArbitraryServer'] = true and persistent connections, see PMASA-2016-45
- issue [security] Improve SSL certificate handling
- issue [security] Fix full path disclosure in debugging code
- issue [security] Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server, see PMASA-2016-47
- issue [security] Detect if user is logged in, see PMASA-2016-48
- issue [security] Bypass URL redirection protection, see PMASA-2016-49
- issue [security] Referrer leak, see PMASA-2016-50
- issue [security] Reflected File Download, see PMASA-2016-51
- issue [security] ArbitraryServerRegexp bypass, see PMASA-2016-52
- issue [security] Denial-of-service attack by entering long password, see PMASA-2016-53
- issue [security] Remote code execution vulnerability when running as CGI, see PMASA-2016-054
- issue [security] Administrators could trigger SQL injection attack against users
- issue [security] Denial-of-service attack when PHP uses dbase extension, see PMASA-2016-55
- issue [security] Remove tode execution vulnerability when PHP uses dbase extension, see PMASA-2016-56
- issue [security] Denial-of-service attack by using for loops, see PMASA-2016-46
- issue Include X-Robots-Tag header in responses
- issue Enforce numeric field length when creating table
- issue Fixed invalid Content-Length in some HTTP responses
- issue #12394 Create view should require a view name
- issue #12391 Message with 'Change password successfully' displayed, but does not take effect
- issue Tighten control on PHP sessions and session cookies
- issue #12409 Re-enable overhead on server databases view
- issue #12414 Fixed rendering of Original theme
- issue #12413 Fixed deleting users in non English locales
- issue #12416 Fixed replication status output in Databases listing
- issue #12303 Avoid typecasting to float when not needed
- issue #12425 Duplicate message variable names in messages.inc.php
- issue #12399 Adding index to table shows wrong top navigation
- issue #12424 Fixed password change on MariaDB without auth plugin
- issue #12339 Do not error on unset server port
- issue #12422 Improvements to the original theme
- issue #12395 Do not try to load old transformation plugins
- issue #12423 Fixed replication status in database listing
- issue #12433 Copy table with prefix does not copy the indexes
- issue #12375 Search in database: Window content is not scrolling down when clicking first time on Browse link
- issue #12346 SQL Editor textareas can have their size increased from the top, distorting the page view
diffstat:
databases/phpmyadmin/MESSAGE | 6 +-
databases/phpmyadmin/Makefile | 103 +++-----
databases/phpmyadmin/PLIST | 327 +++++++++++++++++++++++++++-
databases/phpmyadmin/distinfo | 10 +-
databases/phpmyadmin/files/phpmyadmin.conf | 12 +-
5 files changed, 376 insertions(+), 82 deletions(-)
diffs (truncated from 640 to 300 lines):
diff -r a51ae966c969 -r 59a6b33fd115 databases/phpmyadmin/MESSAGE
--- a/databases/phpmyadmin/MESSAGE Tue Aug 23 14:49:23 2016 +0000
+++ b/databases/phpmyadmin/MESSAGE Tue Aug 23 15:53:14 2016 +0000
@@ -1,5 +1,5 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.13 2011/12/26 16:38:29 tron Exp $
+$NetBSD: MESSAGE,v 1.14 2016/08/23 15:53:14 taca Exp $
Do *not* edit "${CONF_INC_PHP}" to customize
this package because it is a link which will removed during upgrades.
@@ -9,11 +9,11 @@
If you are running Apache and ap-php, then you can add the following line
to httpd.conf:
- Include ${EXDIR}/apache.conf
+ Include ${PKG_SYSCONFDIR}/apache.conf
to make phpMyAdmin accessible through:
- http://www.domain.com/phpmyadmin/
+ http://www.example.com/phpmyadmin/
If you are setting up phpmyadmin for the first time you will need to
comment out the configuration block in your apache.conf which denies
diff -r a51ae966c969 -r 59a6b33fd115 databases/phpmyadmin/Makefile
--- a/databases/phpmyadmin/Makefile Tue Aug 23 14:49:23 2016 +0000
+++ b/databases/phpmyadmin/Makefile Tue Aug 23 15:53:14 2016 +0000
@@ -1,21 +1,16 @@
-# $NetBSD: Makefile,v 1.149 2016/08/08 09:04:26 nils Exp $
-
-# When updating this package, please check there is no
-# new INSTALL_DIRS to add. Remember pkg/51364 ;)
+# $NetBSD: Makefile,v 1.150 2016/08/23 15:53:14 taca Exp $
-DISTNAME= phpMyAdmin-${DIST_VERSION}-all-languages
-PKGNAME= phpmyadmin-${DIST_VERSION:S/-//}
+DISTNAME= phpMyAdmin-4.6.4-all-languages
+PKGNAME= ${DISTNAME:S/-all-languages//:tl}
CATEGORIES= databases www
-MASTER_SITES= https://files.phpmyadmin.net/phpMyAdmin/${DIST_VERSION}/
+MASTER_SITES= https://files.phpmyadmin.net/phpMyAdmin/${PKGVERSION_NOREV}/
EXTRACT_SUFX= .tar.xz
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
HOMEPAGE= http://www.phpmyadmin.net/
COMMENT= Set of PHP-scripts to adminstrate MySQL over the WWW
LICENSE= gnu-gpl-v2
-PKGREVISION= 1
-USE_TOOLS+= pax bash
DEPENDS+= ${PHP_PKG_PREFIX}-bz2>=5.3.0:../../archivers/php-bz2
DEPENDS+= ${PHP_PKG_PREFIX}-zip>=5.3.0:../../archivers/php-zip
DEPENDS+= ${PHP_PKG_PREFIX}-zlib>=5.3.0:../../archivers/php-zlib
@@ -26,25 +21,27 @@
DEPENDS+= ${PHP_PKG_PREFIX}-mcrypt>=5.3.0:../../security/php-mcrypt
DEPENDS+= ${PHP_PKG_PREFIX}-json>=5.3.0:../../textproc/php-json
+USE_TOOLS+= pax
+
FILES_SUBST+= APACHE_GROUP=${APACHE_GROUP} APACHE_USER=${APACHE_USER}
FILES_SUBST+= PMSETUPDIR=${PMSETUPDIR} PMSETUPFILE=${PMSETUPFILE}
-PLIST_SUBST+= DIST_VERSION=${DIST_VERSION:Q}
-MESSAGE_SUBST+= CONF_INC_PHP=${CONF_INC_PHP} PMCONFFILE=${PMCONFFILE:Q} \
- EXDIR=${EXDIR:Q}
+MESSAGE_SUBST+= CONF_INC_PHP=${CONF_INC_PHP} PMCONFFILE=${PMCONFFILE}
CONF_INC_PHP= ${PREFIX}/share/phpmyadmin/config.inc.php
-DIST_VERSION= 4.6.3
-DOC_FILES= ChangeLog LICENSE README RELEASE-DATE-${DIST_VERSION} \
- CONTRIBUTING.md DCO
+DOC_FILES= CONTRIBUTING.md ChangeLog DCO LICENSE README \
+ RELEASE-DATE-${PKGVERSION_NOREV}
+
+.include "../../mk/bsd.prefs.mk"
APACHE_USER?= www
APACHE_GROUP?= www
+
PKG_GROUPS= ${APACHE_GROUP}
PKG_USERS= ${APACHE_USER}:${APACHE_GROUP}
-BUILD_DEFS+= APACHE_USER APACHE_GROUP
+BUILD_DEFS+= APACHE_USER APACHE_GROUP VARBASE
-PKG_USERS_VARS+= APACHE_USER
-PKG_GROUPS_VARS+= APACHE_GROUP
+PKG_USERS_VARS= APACHE_USER
+PKG_GROUPS_VARS= APACHE_GROUP
EXDIR= ${PREFIX}/share/examples/phpmyadmin
PMCONFFILE= ${PKG_SYSCONFDIR}/config.inc.php
@@ -52,63 +49,49 @@
PMSETUPFILE= ${PMSETUPDIR}/config.inc.php
PMDIR= ${PREFIX}/share/phpmyadmin
-PKG_SYSCONFSUBDIR?= phpmyadmin
+CONF_FILES+= ${EXDIR}/apache.conf ${PKG_SYSCONFDIR}/apache.conf
+
+SRCS= *.css *.ico *.php *.txt doc/html js libraries locale setup \
+ sql templates test themes
+
+PKG_SYSCONFSUBDIR= phpmyadmin
NO_BUILD= yes
-CHECK_INTERPRETER_SKIP+= share/phpmyadmin/config.inc.php
+CHECK_INTERPRETER_SKIP= share/phpmyadmin/test/install-runkit
+
+SUBST_CLASSES+= paths
+SUBST_FILES.paths+= ${WRKDIR}/phpmyadmin.conf
+SUBST_FILES.paths+= ${WRKSRC}/libraries/vendor_config.php
+SUBST_SED.paths+= -e "s|@PMDIR@|${PMDIR}|g"
+SUBST_SED.paths+= -e 's|@@PMSETUPFILE@@|${PMSETUPFILE}|g'
+SUBST_STAGE.paths= post-configure
INSTALLATION_DIRS+= ${PREFIX}/share/doc/phpmyadmin \
${PREFIX}/share/examples/phpmyadmin \
- ${PMDIR} ${PMDIR}/scripts
+ ${PMDIR}/doc ${PMDIR}/scripts
-INSTALL_DIRS= doc/html
-INSTALL_DIRS+= js
-INSTALL_DIRS+= libraries
-INSTALL_DIRS+= locale
-INSTALL_DIRS+= setup
-INSTALL_DIRS+= templates
-INSTALL_DIRS+= themes
-
-.for dir in $(INSTALL_DIRS)
-INSTALLATION_DIRS+= ${PMDIR}/${dir}
-.endfor
-
-REPLACE_INTERPRETER+= bash
-REPLACE.bash.old= .*sh[^ ]*
-REPLACE.bash.new= ${TOOLS_PATH.bash}
-REPLACE_FILES.bash= ${WRKSRC}/libraries/plugins/transformations/*.sh
+post-extract:
+ ${CP} ${FILESDIR}/phpmyadmin.conf ${WRKDIR}
do-configure:
- ${SED} -e "s|@PMDIR@|${PMDIR}|g" ${FILESDIR}/phpmyadmin.conf \
- >${WRKDIR}/phpmyadmin.conf
- cd ${WRKSRC}/libraries; \
- ${SED} -e "s#@@PMSETUPFILE@@#${PMSETUPFILE}#" vendor_config.php \
- >vendor_config.php.pkgsrc
+ cd ${WRKSRC}/libraries; \
+ ${MV} ${WRKSRC}/config.sample.inc.php ${WRKDIR}/config.inc.php
+
+pre-install:
+ cd ${WRKSRC}; \
+ ${FIND} . -type f \( -name .buildinfo -o -name .jshintrc -o -name '*.orig' \) -exec ${RM} -f -- {} \;
do-install:
- ${INSTALL_DATA} ${WRKSRC}/*.css ${DESTDIR}${PMDIR}
- ${INSTALL_DATA} ${WRKSRC}/*.ico ${DESTDIR}${PMDIR}
- ${INSTALL_DATA} ${WRKSRC}/*.php ${DESTDIR}${PMDIR}
- ${INSTALL_DATA} ${WRKSRC}/*.txt ${DESTDIR}${PMDIR}
-
- ${MV} ${DESTDIR}${PREFIX}/share/phpmyadmin/config.sample.inc.php \
- ${DESTDIR}${EXDIR}/config.inc.php
+ cd ${WRKSRC} && pax -rw ${SRCS} ${DESTDIR}${PMDIR}
+ ${INSTALL_DATA} ${WRKDIR}/config.inc.php ${DESTDIR}${EXDIR}
${INSTALL_DATA} ${WRKSRC}/examples/* ${DESTDIR}${EXDIR}
${LN} -fs ${EXDIR} ${DESTDIR}${PREFIX}/share/phpmyadmin/examples
- ${RM} -f ${WRKSRC}/libraries/vendor_config.php.orig
-
- for dir in ${INSTALL_DIRS}; do \
- cd ${WRKSRC}/$$dir && \
- pax -rw -pmp . ${DESTDIR}${PMDIR}/$$dir; \
- done
-
cd ${WRKSRC} && \
- ${INSTALL_DATA} ${DOC_FILES} ${DESTDIR}${PREFIX}/share/doc/phpmyadmin
+ ${INSTALL_DATA} ${DOC_FILES} \
+ ${DESTDIR}${PREFIX}/share/doc/phpmyadmin
${INSTALL_DATA} ${WRKDIR}/phpmyadmin.conf ${DESTDIR}${EXDIR}/apache.conf
- ${LN} -s ${PMCONFFILE} ${DESTDIR}${CONF_INC_PHP}
- cd ${DESTDIR}${PREFIX}/share/phpmyadmin/libraries; \
- ${MV} -f vendor_config.php.pkgsrc vendor_config.php
+ ${LN} -fs ${PMCONFFILE} ${DESTDIR}${CONF_INC_PHP}
.include "../../lang/php/phpversion.mk"
.include "../../mk/bsd.pkg.mk"
diff -r a51ae966c969 -r 59a6b33fd115 databases/phpmyadmin/PLIST
--- a/databases/phpmyadmin/PLIST Tue Aug 23 14:49:23 2016 +0000
+++ b/databases/phpmyadmin/PLIST Tue Aug 23 15:53:14 2016 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.43 2016/08/08 09:04:26 nils Exp $
+@comment $NetBSD: PLIST,v 1.44 2016/08/23 15:53:14 taca Exp $
share/doc/phpmyadmin/CONTRIBUTING.md
share/doc/phpmyadmin/ChangeLog
share/doc/phpmyadmin/DCO
@@ -11,7 +11,6 @@
share/examples/phpmyadmin/openid.php
share/examples/phpmyadmin/signon-script.php
share/examples/phpmyadmin/signon.php
-share/examples/phpmyadmin/swekey.sample.conf
share/phpmyadmin/browse_foreigners.php
share/phpmyadmin/changelog.php
share/phpmyadmin/chk_rel.php
@@ -32,7 +31,7 @@
share/phpmyadmin/db_structure.php
share/phpmyadmin/db_tracking.php
share/phpmyadmin/db_triggers.php
-share/phpmyadmin/doc/html/.buildinfo
+share/phpmyadmin/doc/html/_images/usergroups.png
share/phpmyadmin/doc/html/_sources/config.txt
share/phpmyadmin/doc/html/_sources/copyright.txt
share/phpmyadmin/doc/html/_sources/credits.txt
@@ -161,7 +160,6 @@
share/phpmyadmin/js/jquery/jquery.uitablefilter.js
share/phpmyadmin/js/jquery/jquery.validate.js
share/phpmyadmin/js/jquery/src/README
-share/phpmyadmin/js/jquery/src/jquery-ui/.jshintrc
share/phpmyadmin/js/jquery/src/jquery-ui/accordion.js
share/phpmyadmin/js/jquery/src/jquery-ui/autocomplete.js
share/phpmyadmin/js/jquery/src/jquery-ui/button.js
@@ -199,7 +197,6 @@
share/phpmyadmin/js/jquery/src/jquery-ui/tabs.js
share/phpmyadmin/js/jquery/src/jquery-ui/tooltip.js
share/phpmyadmin/js/jquery/src/jquery-ui/widget.js
-share/phpmyadmin/js/jquery/src/jquery/.jshintrc
share/phpmyadmin/js/jquery/src/jquery/ajax.js
share/phpmyadmin/js/jquery/src/jquery/ajax/jsonp.js
share/phpmyadmin/js/jquery/src/jquery/ajax/load.js
@@ -945,16 +942,14 @@
share/phpmyadmin/libraries/plugins/auth/recaptcha/LICENSE
share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/ReCaptcha.php
share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod.php
+share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/Curl.php
+share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/CurlPost.php
share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/Post.php
share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/Socket.php
share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/RequestMethod/SocketPost.php
share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/RequestParameters.php
share/phpmyadmin/libraries/plugins/auth/recaptcha/ReCaptcha/Response.php
share/phpmyadmin/libraries/plugins/auth/recaptcha/autoload.php
-share/phpmyadmin/libraries/plugins/auth/swekey/authentication.inc.php
-share/phpmyadmin/libraries/plugins/auth/swekey/musbe-ca.crt
-share/phpmyadmin/libraries/plugins/auth/swekey/swekey.auth.lib.php
-share/phpmyadmin/libraries/plugins/auth/swekey/swekey.php
share/phpmyadmin/libraries/plugins/export/ExportCodegen.php
share/phpmyadmin/libraries/plugins/export/ExportCsv.php
share/phpmyadmin/libraries/plugins/export/ExportExcel.php
@@ -1036,8 +1031,6 @@
share/phpmyadmin/libraries/plugins/transformations/abs/TextFileUploadTransformationsPlugin.php
share/phpmyadmin/libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
share/phpmyadmin/libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
-share/phpmyadmin/libraries/plugins/transformations/generator_main_class.sh
-share/phpmyadmin/libraries/plugins/transformations/generator_plugin.sh
share/phpmyadmin/libraries/plugins/transformations/input/Image_JPEG_Upload.php
share/phpmyadmin/libraries/plugins/transformations/input/Text_Plain_FileUpload.php
share/phpmyadmin/libraries/plugins/transformations/input/Text_Plain_Iptobinary.php
@@ -1263,7 +1256,6 @@
share/phpmyadmin/logout.php
share/phpmyadmin/navigation.php
share/phpmyadmin/normalization.php
-share/phpmyadmin/phpinfo.php
share/phpmyadmin/phpmyadmin.css.php
share/phpmyadmin/prefs_forms.php
share/phpmyadmin/prefs_manage.php
@@ -1305,6 +1297,9 @@
share/phpmyadmin/setup/validate.php
share/phpmyadmin/show_config_errors.php
share/phpmyadmin/sql.php
+share/phpmyadmin/sql/create_tables.sql
+share/phpmyadmin/sql/upgrade_column_info_4_3_0+.sql
+share/phpmyadmin/sql/upgrade_tables_mysql_4_1_2+.sql
share/phpmyadmin/tbl_addfield.php
share/phpmyadmin/tbl_change.php
share/phpmyadmin/tbl_chart.php
@@ -1452,6 +1447,313 @@
share/phpmyadmin/templates/test/set_helper.phtml
share/phpmyadmin/templates/test/static.phtml
share/phpmyadmin/templates/test/trim.phtml
+share/phpmyadmin/test/.htaccess
+share/phpmyadmin/test/AllSeleniumTests.php
+share/phpmyadmin/test/Environment_test.php
+share/phpmyadmin/test/PMATestCase.php
+share/phpmyadmin/test/README.rst
+share/phpmyadmin/test/bootstrap-dist.php
+share/phpmyadmin/test/classes/AdvisorTest.php
+share/phpmyadmin/test/classes/ConfigGeneratorTest.php
+share/phpmyadmin/test/classes/ConfigTest.php
+share/phpmyadmin/test/classes/DatabaseInterfaceTest.php
+share/phpmyadmin/test/classes/DbQbeTest.php
+share/phpmyadmin/test/classes/DbSearchTest.php
+share/phpmyadmin/test/classes/DisplayResultsTest.php
+share/phpmyadmin/test/classes/ErrorHandlerTest.php
+share/phpmyadmin/test/classes/ErrorTest.php
+share/phpmyadmin/test/classes/FileTest.php
+share/phpmyadmin/test/classes/FontTest.php
+share/phpmyadmin/test/classes/FooterTest.php
+share/phpmyadmin/test/classes/HeaderTest.php
+share/phpmyadmin/test/classes/IndexTest.php
+share/phpmyadmin/test/classes/LanguageTest.php
+share/phpmyadmin/test/classes/LinterTest.php
+share/phpmyadmin/test/classes/ListDatabaseTest.php
+share/phpmyadmin/test/classes/MenuTest.php
+share/phpmyadmin/test/classes/MessageTest.php
+share/phpmyadmin/test/classes/PDFTest.php
Home |
Main Index |
Thread Index |
Old Index