A ports freeze means that commits will be few and far between and only by approval.

Number of commits found: 98

- Use explicit mysql 5

PR:             128889
Reported by:    Till Klampaeckel <till@php.net>
Approved by:    maintainer

Update to 3.0.1.1.

Submitted by:   maintainer
Security:       85b0bbc8-a7a5-11dd-8283-001c2514716c

- Update to 3.0.1

PR:             128321
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Add missing dependency

PR:             128137
Submitted by:   Yi-Huan Chan <yhchan@csie.nctu.edu.tw>
Approved by:    maintainer

- Update to 3.0.0

PR:             127880
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.11.9.2

PR:             127548
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.vuxml.org/freebsd/150e4548-8950-11dd-a6fe-0030843d3802.html

- Update to 2.11.9.1

Security Update:
        A point release to close a code execution vulnerability. This bug
        allows a remote user logged in to the phpmyadmin web application to
        run arbitrary shell commands with the credentials of the web
        server.

PR:             127417
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Approved by:    portmgr (pav)
Security:      
http://www.vuxml.org/freebsd/74bf1594-8493-11dd-bb64-0030843d3802.html

- Update to 2.11.9

PR:             126933
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.11.8.1

PR:             126044
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.11.8-rc1

PR:             125951
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.11.7.1

PR:             125650
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.vuxml.org/freebsd/35e54755-54e4-11dd-ad8b-0030843d3802.html

- Update to 2.11.7

PR:             124900
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.vuxml.org/freebsd/e285a1f4-4568-11dd-ae96-0030843d3802.html

- Update to 2.11.6

PR:             123228
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Force commit to notes that's a Security update

- Update to 2.11.5.2
- Use the ${PW} variable

PR:             123004
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.vuxml.org/freebsd/6eb1dc51-1244-11dd-bab7-0016179b2dd5.html
               
http://www.vuxml.org/freebsd/fe971a0f-1246-11dd-bab7-0016179b2dd5.html

- Update to 2.11.5.2
- Use the ${PW} variable

PR:             123004
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>

- Update to 2.11.5, a bugfix-only version containing a security fix.

PR:             ports/121266
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1

Changes:

* When installed using WITH_SUPHP use a fix username/UID from
/usr/ports/UIDs. There's no equivalent /usr/ports/GIDs entry
because it defaults to group 'www'.

* Consequently change the default username from phpmyadm to _pma
  and add an entry to /usr/ports/UIDs:

_pma:*:336:80:phpMyAdmin Owner:/nonexistent:/sbin/nologin

* Use the standard $WWWDIR for PLIST_SUB and SUB_LIST, instead of
  rolling my own equivalent.

* Various internal code changes and clean-up

* Bump PORTREVISION

Note: the changes here mostly affect compilation with WITH_SUPHP
defined. If you're not a suPHP user, then there's very little
ultimately that has changed.

PR:             119825
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.11.4

PR:             119599
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.11.3

PR:             ports/118500
Submitted by:   Matthew Seaman <m.seaman at infracaninophile.co.uk> (maintainer)

- Update to 2.11.2.2

PR:             118169
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Approved by:    portmgr (erwin)
Security:      
http://www.vuxml.org/freebsd/15485ae8-9848-11dc-9e48-0016179b2dd5.html

- Update to 2.11.2.1

PR:             117974
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Approved by:    portmgr (erwin)
Security:      
http://www.vuxml.org/freebsd/2d2dcbb4-906c-11dc-a951-0016179b2dd5.html

- Update to 2.11.2

PR:             117663
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.11.1.2

PR:             117353
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.vuxml.org/freebsd/498a8731-7cfc-11dc-96e6-0012f06707f0.html

- Update 2.11.1.1

PR:             117232
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.vuxml.org/freebsd/51b51d4a-7c0f-11dc-9e47-0011d861d5e2.html

- Update to 2.11.1

PR:             ports/116490
Submitted by:   Matthew Seaman <m.seaman at infracaninophile.co.uk> (maintainer)

Routine update of phpmyadmin to version 2.11.0

>From the announce message:

    The phpMyAdmin Project is proud to announce the immediate
    availability of phpMyAdmin 2.11.0, which will probably be the last
    series supporting PHP 4.

    This version supports creating VIEWs from query results and can
    manage triggers, procedures and functions. It also supports MySQL
    5.0.37 query profiling and has an improved interface for servers
    hosting thousands of databases and tables.

    For the full announcement, see:

   
http://sourceforge.net/mailarchive/message.php?msg_name=46CB572E.7020200%40cegepsherbrooke.qc.ca

    Full release notes can be found in either of these places:

    https://sourceforge.net/project/shownotes.php?release_id=533830
    http://www.phpmyadmin.net/ChangeLog.txt

PR:             ports/115707
Submitted by:   maintainer (Matthew Seaman)

- Remove the DESTDIR modifications from individual ports as we have a new,
  fully chrooted DESTDIR, which does not need such any more.

Sponsored by:   Google Summer of Code 2007
Approved by:    portmgr (pav)

- Update to 2.10.3

PR:             ports/114771
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.10.2

PR:             ports/113717
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Welcome X.org 7.2 \o/.
- Set X11BASE to ${LOCALBASE} for recent ${OSVERSION}.
- Bump PORTREVISION for ports intalling files in ${X11BASE}.

- Update to version 2.10.1

This is a bugfix only release, including fixing some security bugs. No
more details than that have yet been released.

ChangeLog is at:

https://sourceforge.net/project/shownotes.php?release_id=503361

PR:             ports/112065
Submitted by:   maintainer (Matthew Seaman)

Yay! Another update. And it's only the 3rd in four days. Just for a
change, this is a security thing.

http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3

From the announce message:

Hi,
The "Month Of PHP Bugs" reveals some PHP vulnerabilities. MOPB-02-2007
(PHP Executor Deep Recursion Stack Overflow) uses phpMyAdmin as an
example to show a recursion vulnerability in PHP, for which a
protection is provided in version 2.10.0.2.

More details will follow on phpmyadmin.net, Security section, PMASA-2007-3.

Marc Delisle, for the team.

PR:             ports/109765
Submitted by:   Matthew Seaman <m.seaman (at) infracaninophile.co.uk>
(maintainer)
Security:       PMASA-2007-3

- fix dependencies

PR:             ports/109747
Submitted by:   maintainer (Matthew Seaman)

- Update to 2.10.0.1

PR:             109662
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Add an option so users can build this package without any php dependencies.

PR:             ports/108034
Submitted by:   Henrik Brix Andersen <henrik at brixandersen.dk>
Approved by:    Matthew Seaman <m.seaman at infracaninophile.co.uk> (maintainer)

- This is the final release of version 2.9.2, which is actually unchanged
  from the preliminary 2.9.2.rc1 currently in ports. That release was a
  fast reaction to the vulnerabilities more fully documented with this
  release.

Fixes
-----
* improved support for web clusters
* deleting a user under MySQL 4.1.x
* DELIMITER in export no longer commented out
* export of query results and procedure definitions
* detection of a binary column
* problem on 64-bit systems
* granting all privileges on a wildcard name
* verification on encrypted zip files
* security fixes

ChangeLog:      http://www.phpmyadmin.net/ChangeLog.txt
PR:             ports/108014
Submitted by:   maintainer (Matthew Seaman)
Security:       http://www.securityfocus.com/archive/1/453432
Security:      
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-1
Security:      
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-2

Update to 2.9.2-rc1. This update address some security problems.
According to the announce message:

The phpMyAdmin Project announces the immediate availability of the
first release candidate for phpMyAdmin 2.9.2, a bugfix-only
release containing security fixes. A security advisory will be
published on phpmyadmin.net when releasing the final 2.9.2.
(Marc Delisle)

Changelog: http://www.phpmyadmin.net/ChangeLog.txt
or https://sourceforge.net/project/shownotes.php?release_id=477232

Release notes: http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0

PR:             ports/107730
Submitted by:   Matthew Seaman (maintainer)

- Update to 2.9.1.1

PR:             ports/105658
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:       PMASA-2006-7 to PMASA-2006-9,
http://secunia.com/advisories/22969/

- Routine bug-fix update to version 2.9.1. From the announce message:

Fixes
-----

* XSS fix
* Wrong import when ;; is at buffer boundary
* Duplicate id for checkbox on table Operations page
* Better behavior on the Add new fields page
* Export: csv/cvs typo
* Renaming a db containing a view
* Automated timestamp values
* Import: correctly fail if file is too short
* Default font family on original theme

Detailed list of changes is available under
http://www.phpmyadmin.net/ChangeLog.txt

PR:             ports/105343
Submitted by:   maintainer (Matthew Seaman)

- Update to 2.9.0.3

PR:             105045
Submitted by:   maintainer
Security:      
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6,
                http://secunia.com/advisories/22599/

- Update to version 2.9.0.2 (fix problems in setup.php introduced in 2.9.0.1).

PR:             ports/103958
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.9.0.1

PR:             103869
Submitted by:   maintainer
Security:       http://secunia.com/advisories/22126/

- Update to 2.9.0

PR:             ports/103439
Submitted by:   Matthew Seaman <m.seaman at infracaninophile.co.uk> (maintainer)

Update two patchlevels at once.  This is all fairly routine bugfix
stuff.  Announce messages:
2.8.2.3: This one contains two fixes:
- cookie login on IIS with IE6
- switching from scripts/setup.php to the main script in case of
register_globals enabled
2.8.2.4:
Sorry for 2.8.2.3 which broke the setup script. Now fixed in 2.8.2.4.
Changelog:
https://sourceforge.net/project/shownotes.php?release_id=441457

PR:             ports/102403
Submitted by:   Matthew Seaman (maintainer)

- distfile has been re-rolled.

Noted by:       krisbot
PR:             ports/102150
Submitted by:   maintainer (Matthew Seaman)

- Update to version 2.8.2.2
  - bugfix
    -
http://sourceforge.net/tracker/index.php?func=detail&aid=1536112&group_id=23067&atid=377408
- Respect DESTDIR

PR:             ports/102027
Submitted by:   maintainer (Matthew Seaman)

- Update to 2.8.2.1

PR:             ports/101315
Submitted by:   Matthew Seaman <m.seaman at infracaninophile.co.uk> (maintainer)

- Update to 2.8.2 which fixes several vulnerabilities

PR:             ports/99682
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Approved by:    markus (co-mentor)
Security:      
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4

- Update to 2.8.1

PR:             97537
Submitted by:   maintainer
Security:      
http://www.vuxml.org/freebsd/2ecd02e2-e864-11da-b9f4-00123ffe8333.html

- update to 2.8.0.4

Release notes are at:

https://sourceforge.net/project/shownotes.php?release_id=416383&group_id=23067

i) Update to version 2.8.0.4 to patch some security holes.  See CVE-2006-2031

    http://secunia.com/advisories/19659
    http://pridels.blogspot.com/2006/04/phpmyadmin-xss-vuln.html

ii) Provide a little guidance on how to get phpMyAdmin installed with PHP5

iii) Provide a little more guidance on how to configure Apache to work
with phpMyAdmin.

PR:             97185
Submitted by:   matainer (Matthew Seaman)

- Update to 2.8.0.3

PR:             95411
Submitted by:   maintainer
Security:       VuXML fba75b43-c588-11da-9110-00123ffe8333

- Fix OPTIONSFILE include

PR:             94749
Submitted by:   maintainer

- Update to 2.8.0.2

Changelog https://sourceforge.net/project/shownotes.php?release_id=402223

PR:             94611
Submitted by:   maintainer

- Update to 2.8.0.1

PR:             ports/94145
Submitted by:   maintainer

eplace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)

[maintainer] databases/phpmyadmin

        Update to 2.7.0-pl2

        Release notes are at:

        http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0

        This is a bug-fix release -- particularly it fixes:

        * libraries/display_create_table.lib.php: bug #1376314, detection of
          privileges to create a table (fix for MySQL 4.0.x case)

        Plus updates to Japanese, Danish and Hungarian localization.

PR:             ports/90982
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>

Add missing dependency on PHP session module.

Submitted by:   Matthew Seaman (MAINTAINER)
PR:             ports/90417

- Delete unused variables

PR:             90248
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>

Update to 2.7.0-pl1

PR:             90085
Submitted by:   maintainer
Security:      
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9
                http://www.hardened-php.net/advisory_252005.110.html
                http://secunia.com/advisories/17925/

- Update to 2.7.0

PR:             ports/89962
Submitted by:   maintainer

Update to 2.6.4-pl4

PR:             89119
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security:      
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6
                http://secunia.com/advisories/17578/

- Update to 2.6.4.pl3 (security fix)

    Security alert:
    http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-5

    Download details:
    http://www.phpmyadmin.net

PR:             ports/87922
Submitted by:   maintainer

Upgrade to 2.6.4-pl2

PR:             87431, 87430
Submitted by:   Dennis Cabooter <dennis@rootxs.org>, Matthew Seaman
<m.seaman@infracaninophile.co.uk>

Mark as FORBIDDEN

Security:      
http://www.vuxml.org/freebsd/9b7053fd-3ab5-11da-9484-00123ffe8333.html

- Update to 2.6.4 pl1

PR:             ports/86301
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.6.4

PR:             ports/86085
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.6.4-rc1

PR:             ports/85442
Submitted by:   maintainer

- Update to 2.6.3-pl1

PR:             ports/83083
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.6.2-pl1

PR:             ports/81561
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

Upgrade to 2.6.2

PR:             80076
Submitted by:   Matthew Seaman (maintainer)

- Update to 2.6.2-rc1

PR:             ports/79558
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to phpmyadmin-2.6.1.pl3 which corrects some pugs introduced
with the security patches in pl2.  Announcement is at:

    http://sourceforge.net/mailarchive/forum.php?thread_id=6732974&forum_id=2141

Release Notes:

    http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0

- add OPTIONS support for the PHP MCRYPT and MBSTRING modules,
      both of which are can be used by recent versions of phpMyAdmin.

PR:             ports/78445
Submitted by:   Matthew Seaman (maintainer)

- Update to 2.6.1.2

PR:             ports/78061
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.6.1

PR:             ports/76675
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.6.1-rc2

PR:             ports/76049
Submitted by:   maintainer

Update to phpMyAdmin-2.6.1-rc1 to solve command execution and file
disclosure vulnerabilities.

PR:             ports/75158
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
VuXML:         
http://vuxml.FreeBSD.org/0ff0e9a6-4ee0-11d9-a9e7-0001020eed82.html
               
http://vuxml.FreeBSD.org/9f0a405e-4edd-11d9-a9e7-0001020eed82.html
Approved by:    nectar

Update port to phpMyAdmin-2.6.0-pl3 to fix
vulnerability documented as:
http://www.vuxml.org/freebsd/6a33477e-3a9c-11d9-84ad-000c6e8f12ef.html

Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>
PR:             ports/74111
With hat:       secteam

Upgrade to phpMyAdmin 2.6.0-pl2 in order to close a remote command
execution vulnerability.

PR:             ports/72954
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Fixes VuXML:   
http://vuxml.FreeBSD.org/fc07c9ca-22ce-11d9-814e-0001020eed82.html
Approved by:    edwin

Fix build of databases/phpmyadmin

Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>
Reviewed by:    Ion-Mihai Tetcu <itetcu@people.tecnik93.com>

[ Maintainer Update ] databases/phpmyadmin to 2.6.0

        - Update to phpMyAdmin 2.6.0
        - Add OPTIONS support (From 71100)
        - Add MySQLi support

PR:             ports/72143
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>

- Cope with recent php changes

PR:             ports/69336
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.5.7-pl1, which closes security vulnerability allowing remote
  user to inject php code

PR:             ports/68557
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- Update to 2.5.7

PR:             ports/67767
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)

- moves the default installation directory to /usr/local/www/phpMyAdmin
  instead of /usr/local/www/data/phpMyAdmin

- Improves handling config files, making them not world readable
  by default.

- Generates pkg-plist dynamically

- Adds a WITH_SUPHP option

PR:             ports/66697
Submitted by:   maintainer

- Update to version 2.5.6

        Release notes are at

        http://www.phpmyadmin.net/home_page/relnotes.php?rel=0

    This release fixes the vulnerability described in:

        http://marc.theaimsgroup.com/?l=bugtraq&m=107582619125932&w=2
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0129

- Take maintainership

- No more support for php3

PR:             ports/64568
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk>
Approved by:    mat (mentor)

Drop maintainership.

Sync FORBIDDEN tags with the FreeBSD VuXML database, please refer to the
individual database entries for details. Report errors and omissions in the
database to the FreeBSD Security Officer <security-officer@FreeBSD.org>

bump PORTREVISON for x11/linux-XFree86-libs, since the vulnerabilites are
fixed.

Remove lang/php4/bsd.php.mk and switch every ports depending on PHP to
use Mk/bsd.php.mk.

Approved by:    nork (mentor/implicitly)

Update phpMyAdmin to 2.5.4

PR:             58872
Submitted by:   Melvyn Sopacua <melvyn@webteckies.org>

Update phpmyadmin to 2.5.2

PR:             54776
Submitted by:   Kang Liu <lazykang@hotmail.com>

Upgrade to 2.5.1

PR:             53405
Submitted by:   Alex Dupre <sysadmin@alexdupre.com>

Clear moonlight beckons.
Requiem mors pacem pkg-comment,
And be calm ports tree.

E Nomini Patri, E Fili, E Spiritu Sancti.

1) Upgrade phpmyadmin to 2.3.2

2) Make databases/phpmyadmin operate with apache2

PR:             43706 (2)
Submitted by:   Matthew Seaman <m.seaman@infracaninophile.co.uk> (2)

Upgrade to phpmyadmin 2.3.0 release candidate 4.

Upgrade to version 2.2.4

PR:             35600
Submitted by:   Simon 'corecode' Schubert <corecode@corecode.ath.cx>

Switch from mysql322-{client,server} to mysql323-{client,server}.    

Change the BUILD_DEPENDS I was using for testing to RUN_DEPENDS.    

Add phpMyAdmin, a set of PHP3 scripts to adminstrate MySQL over the web    

Number of commits found: 98

14 vulnerabilities affecting 30 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities