[SECURITY] Fedora 9 Update: phpMyAdmin-3.2.0.1-1.fc9
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jul 3 19:42:36 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-7337
2009-07-03 18:38:28
--------------------------------------------------------------------------------
Name : phpMyAdmin
Product : Fedora 9
Version : 3.2.0.1
Release : 1.fc9
URL : http://www.phpmyadmin.net/
Summary : Web based MySQL browser written in php
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the Web. Currently it can create and drop databases,
create/drop/alter tables, delete/edit/add fields, execute any SQL statement,
manage keys on fields, manage privileges,export data into various formats and
is available in 50 languages
--------------------------------------------------------------------------------
Update Information:
The first security release for phpMyAdmin 3.2.0: - [security] XSS: Insufficient
output sanitizing in bookmarks This version contains a number of small new
features and some bug fixes: - [core] better support for vendor customisation
(based on what Debian needs) - [rfe] warn when session.gc_maxlifetime is less
than cookie validity - [rfe] configurable default charset for import - [rfe]
link to InnoDB status when error 150 occurs - [rfe] strip ` from column names
on import - [rfe] LeftFrameDBSeparator can be an array - [privileges] Extra
back reference when editing table-specific privileges - [display] Sortable
database columns - [lang] Wrong string in setup script hints - [cleanup] XHTML
cleanup, - [display] Possibility of disabling the sliders - [privileges]
Create user for existing database - [privileges] Cleanup - [auth]
AllowNoPasswordRoot error message is too vague - [XHTML] View table
headers/footers completely - [core] support column name having square brackets
- [lang] Lithuanian update - [auth] New setting AllowNoPassword (supercedes
AllowNoPasswordRoot) that applies to all accounts (even the anonymous user) -
[relation] Missing code with hashing for relationship editing - [rfe] Added
option to disable mcrypt warning. - [bug] Request-URI Too Large error from
Location header - [rfe] Check for relations support on main page. - [rfe]
Explanation for using Host table. - [rfe] Link to download more themes. -
[rfe] Add option to generate password on change password page. - [rfe] Allow
logging of user status with Apache. - [patch] None default is different than
other None in some languages. - [lang] Chinese Simplified update - [display]
Sort arrows problem - [security] warn about existence of config directory on
main page - [lang] Polish update - [export] Escape new line in CSV export -
[patch] Optimizations for PHP loops - [import] SQL_MODE not saved during
Partial Import - [auth] cache control missing (PHP-CGI) - [parser] Incorrect
parsing of constraints in ALTER TABLE - [status] Server status - replication -
[edit] Multi-row change with "]" improved - [rfe] Automatically copy generated
password - [interface] Table with name 'log_views' is incorrectly displayed as
a view - [patch] Detect mcrypt initialization failure - [lang] Galician update
- [lang] Swedish update - [lang] Norwegian update - [lang] Catalan update -
[lang] Finnish update - [lang] Hungarian update
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 30 2009 Robert Scheck <robert at fedoraproject.org> 3.2.0.1-1
- Upstream released 3.2.0.1 (#508879)
* Tue Jun 30 2009 Robert Scheck <robert at fedoraproject.org> 3.2.0-1
- Upstream released 3.2.0
* Fri May 15 2009 Robert Scheck <robert at fedoraproject.org> 3.1.5-1
- Upstream released 3.1.5
* Sat Apr 25 2009 Robert Scheck <robert at fedoraproject.org> 3.1.4-1
- Upstream released 3.1.4
* Tue Apr 14 2009 Robert Scheck <robert at fedoraproject.org> 3.1.3.2-1
- Upstream released 3.1.3.2 (#495768)
* Wed Mar 25 2009 Robert Scheck <robert at fedoraproject.org> 3.1.3.1-1
- Upstream released 3.1.3.1 (#492066)
* Sun Mar 1 2009 Robert Scheck <robert at fedoraproject.org> 3.1.3-1
- Upstream released 3.1.3
* Mon Feb 23 2009 Robert Scheck <robert at fedoraproject.org> 3.1.2-2
- Rebuilt against rpm 4.6
* Tue Jan 20 2009 Robert Scheck <robert at fedoraproject.org> 3.1.2-1
- Upstream released 3.1.2
* Thu Dec 11 2008 Robert Scheck <robert at fedoraproject.org> 3.1.1-1
- Upstream released 3.1.1 (#475954)
* Sat Nov 29 2008 Robert Scheck <robert at fedoraproject.org> 3.1.0-1
- Upstream released 3.1.0
- Replaced LocationMatch with Directory directive (#469451)
* Thu Oct 30 2008 Robert Scheck <robert at fedoraproject.org> 3.0.1.1-1
- Upstream released 3.0.1.1 (#468974)
* Wed Oct 22 2008 Robert Scheck <robert at fedoraproject.org> 3.0.1-1
- Upstream released 3.0.1
* Sun Oct 19 2008 Robert Scheck <robert at fedoraproject.org> 3.0.0-1
- Upstream released 3.0.0
* Mon Sep 22 2008 Robert Scheck <robert at fedoraproject.org> 2.11.9.2-1
- Upstream released 2.11.9.2 (#463260)
* Tue Sep 16 2008 Robert Scheck <robert at fedoraproject.org> 2.11.9.1-1
- Upstream released 2.11.9.1 (#462430)
* Fri Aug 29 2008 Robert Scheck <robert at fedoraproject.org> 2.11.9-1
- Upstream released 2.11.9
* Mon Jul 28 2008 Robert Scheck <robert at fedoraproject.org> 2.11.8.1-1
- Upstream released 2.11.8.1 (#456637, #456950)
* Mon Jul 28 2008 Robert Scheck <robert at fedoraproject.org> 2.11.8-1
- Upstream released 2.11.8 (#456637)
* Tue Jul 15 2008 Robert Scheck <robert at fedoraproject.org> 2.11.7.1-1
- Upstream released 2.11.7.1 (#455520)
* Mon Jun 23 2008 Robert Scheck <robert at fedoraproject.org> 2.11.7-1
- Upstream released 2.11.7 (#452497)
* Tue Apr 29 2008 Robert Scheck <robert at fedoraproject.org> 2.11.6-1
- Upstream released 2.11.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5)
https://bugzilla.redhat.com/show_bug.cgi?id=508879
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update phpMyAdmin' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list