CVS commit: pkgsrc/databases/phpmyadmin

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/databases/phpmyadmin
From: Matthias Scheler <tron%netbsd.org@localhost>
Date: Thu, 17 Jul 2008 15:55:16 +0000 (UTC)

Module Name:    pkgsrc
Committed By:   tron
Date:           Thu Jul 17 15:55:16 UTC 2008

Modified Files:
        pkgsrc/databases/phpmyadmin: Makefile distinfo

Log Message:
Updatep "phpmyadmin" package to version 2.11.7.1. Changes since 2.11.7:
- bug #1908719 [interface] New field cannot be auto-increment and
  primary key
- [dbi] Incorrect interpretation for some mysqli field flags
- bug #1910621 [display] part 1: do not display a TEXT utf8_bin
  as BLOB (fixed for mysqli extension only)
- [interface] sanitize the after_field parameter,
  thanks to Norman Hippert
- [structure] do not remove the BINARY attribute in drop-down
- bug #1955386 [session] Overriding session.hash_bits_per_character
- [interface] sanitize the table comments in table print view,
  thanks to Norman Hippert
- bug #1939031 Auto_Increment selected for TimeStamp by Default
- patch #1957998 [display] No tilde for InnoDB row counter when
  we know it for sure, thanks to Vladyslav Bakayev - dandy76
- bug #1955572 [display] alt text causes duplicated strings
- bug #1762029 [interface] Cannot upload BLOB into existing row
- bug #1981043 [export] HTML in exports getting corrupted,
  thanks to Jason Judge - jasonjudge
- bug #1936761 [interface] BINARY not treated as BLOB:
  update/delete issues
- protection against XSS when register_globals is on and .htaccess
  has no effect, thanks to Tim Starling
- bug #1996943 [export] Firefox 3 and .sql.gz (corrupted);
  detect Gecko 1.9, thanks to Juergen Wind
- (2.11.7.1)  [security] XSRF/CSRF by manipulating the db,
  convcharset and collation_connection parameters,
  thanks to YGN Ethical Hacker Group

This update fixes the security vulnerability reported in PMASA-2008-5.


To generate a diff of this commit:
cvs rdiff -r1.72 -r1.73 pkgsrc/databases/phpmyadmin/Makefile
cvs rdiff -r1.35 -r1.36 pkgsrc/databases/phpmyadmin/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/converters/p5-Convert-UUlib
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/converters/p5-Convert-UUlib
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index