non port: databases/phpmyadmin/Makefile |
Number of commits found: 327 (showing only 100 on this page) |
Sunday, 30 Nov 2014
|
21:40 matthew
Update to 4.2.13
This is a routine bugfix update, and will be the last of the 4.2.x
series, barring any emergency fixes.
Change
Log: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.13/phpMyAdmin-4.2.13-notes.html/view
|
Friday, 21 Nov 2014
|
08:14 matthew
Security update to 4.2.12
- 4 security advisories covering XSS and information disclosure
vulnerabilities
MFH: 2014Q4
Security: a5d4a82a-7153-11e4-88c7-6805ca0b3d42
|
Saturday, 1 Nov 2014
|
13:49 matthew
Update to 4.2.11
This is a routine bugfix update
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.11/phpMyAdmin-4.2.11-notes.html/view
|
Wednesday, 22 Oct 2014
|
08:56 matthew
Security update to 4.2.10.1
- XSS vulnerabilities in SQL debug output and server monitor page.
Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
Release
Notes: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.10.1/phpMyAdmin-4.2.10.1-notes.html/view
MFH: 2014Q4
Security: 25b78f04-59c8-11e4-b711-6805ca0b3d42
|
Saturday, 11 Oct 2014
|
18:09 matthew
Update to 4.2.10
This is a routine bugfix release
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.10/phpMyAdmin-4.2.10-notes.html/view
|
Wednesday, 1 Oct 2014
|
21:27 matthew
Security update to 4.2.9.1:
XSS vulnerabilities in table search and table structure pages.
Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php
MFH: 2014Q4
Security: 3e8b7f8a-49b0-11e4-b711-6805ca0b3d42
|
Sunday, 21 Sep 2014
|
11:11 matthew
Update to 4.2.8
This is a routine bugfix update.
Change Log:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.9/phpMyAdmin-4.2.9-notes.html/download
|
Sunday, 14 Sep 2014
|
19:31 antoine
Allow staging as a regular user
|
Saturday, 13 Sep 2014
|
21:21 matthew
Security update to 4.2.8.1
Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
MFH: 2014Q3
Security: cc627e6c-3b89-11e4-b629-6805ca0b3d42
|
Sunday, 31 Aug 2014
|
17:37 matthew
Update to 4.2.8
This is a routine bugfix update.
Release Notes:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.8/phpMyAdmin-4.2.8-notes.html/view
|
Sunday, 17 Aug 2014
|
19:54 matthew
Security update to 4.2.7.1
XSS in view operations page.
and
Multiple XSS vulnerabilities in browse table, ENUM editor, monitor,
query charts and table relations pages
Release
notes: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.7.1/phpMyAdmin-4.2.7.1-notes.html/download
MFH: 2014Q3
Security: fbb01289-2645-11e4-bc44-6805ca0b3d42
|
Thursday, 31 Jul 2014
|
22:07 matthew
Update to 4.2.7
This is a routine bugfox release
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.7/phpMyAdmin-4.2.7-notes.html/view
|
Friday, 18 Jul 2014
|
07:05 matthew
Security update to 4.2.6.
Security advisories will eventually be published at
http://www.phpmyadmin.net/home_page/security/
MFH: 2014Q3
Security: 3f09ca29-0e48-11e4-b17a-6805ca0b3d42
|
Sunday, 13 Jul 2014
|
05:44 matthew
Add CPE settings. phpMyAdmin certainly does have CVE numbers issued
against it -- in fact, it might well hold the record for "most CVE
numbers" out of the whole ports tree,,,
|
Friday, 27 Jun 2014
|
06:31 matthew
Update to 4.2.5
This is a routine bugfix update
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.5/phpMyAdmin-4.2.5-notes.html/view
|
Friday, 20 Jun 2014
|
22:37 matthew
Forced commit so I can fix botched MFH
|
22:09 matthew
Turn off PDF option by default: pdflib is a restricted package, which
means phpMyAdmin couldn't be packaged and installed from the repos.
Submitted by: bapt
|
22:03 matthew
Security update to 4.2.4
- while here switch plist to use @sample
The advisories: PMASA-2014-2 and PMASA-2014-3, have not been published
yet, so there is very little concrete information about what the
security problems are. About all there is comes from the change log,
where the security issues are listed as:
- bug #4464 [security] XSS injection due to unescaped db/table name in
navigation hiding
- bug #4465 [security] XSS injection due to unescaped db/table name in
recent/favorite tables
ChaneLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view
MFH: 2014Q2
|
Thursday, 19 Jun 2014
|
05:26 matthew
Switch the default setting for the APC option to off. pecl-APC does
not provide core phpMyAdmin functionality and it is not compatible
with php-5.5
PR: 191122
Submitted by: feld
|
Tuesday, 10 Jun 2014
|
07:39 olgeni
Remove indefinite articles and trailing periods from COMMENT, plus
minor COMMENT typos and surrounding whitespace fixes. Categories D-F.
CR: D196
Approved by: portmgr (bapt)
|
Monday, 9 Jun 2014
|
09:14 matthew
Update to 4.2.3
This is a routine bugfix update.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.3/phpMyAdmin-4.2.3-notes.html/view
|
Wednesday, 21 May 2014
|
06:26 matthew
Update to 4.2.2
This is a routine bugfix update.
Change
Log: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.2/phpMyAdmin-4.2.2-notes.html/view
|
Wednesday, 14 May 2014
|
12:43 matthew
Update to 4.2.1
This is a routine bugfix release.
Change Log:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.1/phpMyAdmin-4.2.1-notes.html/view
|
Friday, 9 May 2014
|
06:27 matthew
Update to 4.2.0
This is a significant feature and bugfix upgrade.
Note: this release drops compatibility with the php-mysql module,
relying solely on php-mysqli now.
Change log:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.0/phpMyAdmin-4.2.0-notes.html/view
|
Monday, 5 May 2014
|
09:45 bapt
Convert all :U to :tu and :L to :tl
Since FreeBSD 8.4 and FreeBSD 9.1 make(1) do support :tu and :tl as a
replacement for :U and :L (which has been marked as deprecated)
bmake which is the default on FreeBSD 10+ only support by default
:tu/:tl a hack has been added at the time to support :U and :L to ease
migration. This hack is now not necessary anymore
Note that this makes the ports tree incompatible with make(1) from
FreeBSD 8.3 or earlier
With hat: portmgr
|
Sunday, 27 Apr 2014
|
08:22 matthew
Update to 4.1.14
This is a routine bugfix update
Change Log:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.14/phpMyAdmin-4.1.14-notes.html/view
|
Sunday, 13 Apr 2014
|
12:10 matthew
Update to 4.1.13
This is a routine bugfix update
Change log:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.13/phpMyAdmin-4.1.13-notes.html/view
|
Thursday, 27 Mar 2014
|
22:30 matthew
Update to 4.1.12
This is a routine bugfix release
Release Notes:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.12/phpMyAdmin-4.1.12-notes.html/view
|
Saturday, 22 Mar 2014
|
19:59 matthew
Update to 4.1.11
This is a quick-reaction update to fix a regression in 4.1.10 released
earlier today:
reCaptcha on the login panel no longer worked
Release
notes: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.11/phpMyAdmin-4.1.11-notes.html/view
|
17:37 matthew
Update to 4.1.10
* USE_XZ -> USES tar:xz
This is a routine bugfix update.
Release notes:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.10/phpMyAdmin-4.1.10-notes.html/view
|
Saturday, 8 Mar 2014
|
10:32 matthew
Update to 4.1.9
This is a routine bugfix release.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.9/phpMyAdmin-4.1.9-notes.html/view
|
Saturday, 22 Feb 2014
|
22:21 matthew
Update to 4.1.8
This is a routine bugfix relaease
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.8/phpMyAdmin-4.1.8-notes.html/view
|
Sunday, 9 Feb 2014
|
18:26 matthew
Update to 4.1.7
This is a routine bugfix release
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.7/phpMyAdmin-4.1.7-notes.html/view
|
Sunday, 26 Jan 2014
|
20:05 matthew
Update to 4.1.6
This is a routine bugfix update.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.6/phpMyAdmin-4.1.6-notes.html/download
|
Friday, 17 Jan 2014
|
20:34 matthew
Update to 4.1.5
This is a routine bugfix update.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.5/phpMyAdmin-4.1.5-notes.html/download
|
Tuesday, 7 Jan 2014
|
20:40 matthew
Update to 4.1.4
This is a routine bugfix upgrade
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.4/phpMyAdmin-4.1.4-notes.html/view
|
Tuesday, 31 Dec 2013
|
13:24 matthew
Update to 4.1.3
This is a routine bugfix update
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.3/phpMyAdmin-4.1.3-notes.html/view
|
Monday, 23 Dec 2013
|
22:58 matthew
Update to 4.1.2
- Add instructions for more recent verions of Apache to
pkg-message (1)
Release
Notes: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.2/phpMyAdmin-4.1.2-notes.html/view
Submitted by: poinsot.julien@gmail.com (1)
|
Wednesday, 18 Dec 2013
|
08:00 matthew
Update to 4.1.1
Routine bugfix update.
ChangeLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.1/phpMyAdmin-4.1.1-notes.html/view
|
Tuesday, 17 Dec 2013
|
13:56 matthew
Drop the SUPHP option as the www/suphp port has expired.
General cleanup:
pkg-install and pkg-deinstall are redundant: it's all handled by
@exec and @unexec actions in pkg-plist.
PR: ports/184923
Submitted by: rene
|
Thursday, 12 Dec 2013
|
22:48 matthew
Update to 4.1.0
With this release, the minimum required version of PHP is now php-5.3,
and the minimum compatible version of MySQL is now mysql-5.5. See
http://docs.phpmyadmin.net/en/latest/require.html for details.
ChangeLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.1.0/phpMyAdmin-4.1.0-notes.html/view
|
Tuesday, 10 Dec 2013
|
19:47 bdrewery
- Chase r336083 and bump all ports using NO_ARCH so that users building
their own packages and still on pkg 1.1.4 can upgrade.
With hat: portmgr
|
Sunday, 8 Dec 2013
|
22:38 matthew
Mark all my architecture independent ports using shell/perl/PHP as
NO_ARCH=yes
While here, fix a few other niggles:
net/phpldapadmin -- remove indefinite article from COMMENT
www/p5-RT* -- fix comments referencing the different versions of RT
x11-fonts/gentium-{basic,plus} -- mention ${STAGEDIR} explicitly in the
install targets; rework the handling of ${FONTPATH}
|
Wednesday, 4 Dec 2013
|
21:10 matthew
Update to 4.0.10
A routine bugfix update.
ChangeLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.10/phpMyAdmin-4.0.10-notes.html/download
|
Tuesday, 5 Nov 2013
|
07:05 matthew
Upgrade to 4.0.9
- Drop LATEST_LINK
- Apply shebangfix to a couple of shell scripts
ChangeLog: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.9/phpMyAdmin-4.0.9-notes.html/view
|
Sunday, 6 Oct 2013
|
13:54 matthew
- update to 4.0.8
Change Log:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.8/phpMyAdmin-4.0.8-notes.html/view
|
Friday, 27 Sep 2013
|
16:08 matthew
- stagify
- move post-install actions into pkg-install
|
Tuesday, 24 Sep 2013
|
11:34 matthew
Update to 4.0.7
- ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.7/phpMyAdmin-4.0.7-notes.html/view
|
Friday, 20 Sep 2013
|
16:13 bapt
Add NO_STAGE all over the place in preparation for the staging support (cat:
databases)
|
Saturday, 7 Sep 2013
|
18:03 matthew
- Update to 4.0.6
ReleaseNotes: http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.6/phpMyAdmin-4.0.6-notes.html/view
|
Sunday, 4 Aug 2013
|
12:13 matthew
- Security update of databases/phpmyadmin to 4.0.5
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.5/phpMyAdmin-4.0.5-notes.html/download
SecurityAdvisory: http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php
- Deprecate databases/phpmyadmin35
This version is vulnerable to the 'clickjacking protection bypass'
problem fixed in 4.0.5, but the development team will not be
publishing a fix. "We have no solution for 3.5.x, due to the proposed
solution requiring JavaScript. We don't want to introduce a dependency
to JavaScript in the 3.5.x family."
Therefore deprecate this port and set expiry for one month. Please
upgrade to 4.0.5 instead.
Security: 17326fd5-fcfb-11e2-9bb9-6805ca0b3d42
|
Sunday, 28 Jul 2013
|
15:38 matthew
Security update: multiple vulnerabilities in databases/phpmyadmin and
databases/phpmyadmin35
- update phpmyadmin to 4.0.4.2
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.4.2/phpMyAdmin-4.0.4.2-notes.html/view
- update phpmyadmin35 to 3.5.8.2
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.8.2/phpMyAdmin-3.5.8.2-notes.html/view
- vuxml
The PMSA references shown have not been published yet, hence no CVE
numbers and a lack of detail in the descriptions. Yes, PMSA-2013-10
is missing from the sequence. According to the security alert e-mail:
"For more details, see the upcoming PMASA-2013-8 to PMASA-2013-15 (minus
PMASA-2013-10 which is reserved for a future advisory)."
|
Sunday, 30 Jun 2013
|
20:49 matthew
Security update to 4.0.4.1
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.4.1/phpMyAdmin-4.0.4.1-notes.html/view
Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php
Security: 1b93f6fe-e1c1-11e2-948d-6805ca0b3d42
|
Tuesday, 18 Jun 2013
|
05:23 matthew
Update to 4.0.4
A routine bugfix update
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.4/phpMyAdmin-4.0.4-notes.html/view
|
Wednesday, 5 Jun 2013
|
22:02 matthew
Security upgrade to 4.0.3
Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2013-6.php
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.3/phpMyAdmin-4.0.3-notes.html/view
Security: 6b97436c-ce1e-11e2-9cb2-6805ca0b3d42
|
Friday, 24 May 2013
|
18:59 matthew
Update to 4.0.2
Routine bugfix update.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.2/phpMyAdmin-4.0.2-notes.html/view
|
Wednesday, 15 May 2013
|
18:21 matthew
Update to 4.0.1
This is a routine, bugfix update.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.1/phpMyAdmin-4.0.1-notes.html/view
|
Monday, 13 May 2013
|
15:47 miwi
- Remove php4 reference
|
Saturday, 4 May 2013
|
06:24 matthew
- Copy databases/phpmyadmin to databases/phpmyadmin35
- Update databases/phpmyadmin to 4.0.0
Version 4.0.0 is the first release of a new major version, and
involves some significant changes in functionality. In particular it
now requires Javascript in order to operate.
Provide a new phpmyadmin35 port to track the 3.5.x branch for those
not wishing to upgrade yet. Note that you will have to adjust your
httpd.conf if you switch to this port, as it installs the application to
${LOCALBASE}/www/phpMyAdmin35
|
Wednesday, 24 Apr 2013
|
20:23 matthew
Security updae to 3.5.8.1
Four new serious security alerts were issued today by the phpMyAdmin
them: PMASA-2013-2 and PMASA-2013-3 are documented in this commit to
vuln.xml.
- Remote code execution via preg_replace().
- Locally Saved SQL Dump File Multiple File Extension Remote Code
Execution.
The other two: PMASA-2013-4 and PMASA-2013-5 only affect PMA 4.0.0
pre-releases earlier than 4.0.0-rc3, which are not available through
the ports.
|
Tuesday, 16 Apr 2013
|
20:58 matthew
Update to 3.5.8
This is a routine, bugfix release.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.8/phpMyAdmin-3.5.8-notes.html/download
Feature safe: yes
|
Friday, 15 Feb 2013
|
23:09 matthew
Upgrade to 3.5.7
This is a routine bugfix release.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.7/phpMyAdmin-3.5.7-notes.html/view
|
Monday, 28 Jan 2013
|
21:39 matthew
Update to version 3.5.6
This is a routine bugfix update.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.6/phpMyAdmin-3.5.6-notes.html/view
|
Thursday, 20 Dec 2012
|
18:55 matthew
Routine bugfix update to 3.5.5
- Release Notes:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.5/phpMyAdmin-3.5.5-notes.html/view
|
Tuesday, 20 Nov 2012
|
20:58 matthew
Update to version 3.5.4
This is a routine bugfix / new feature release.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.4/phpMyAdmin-3.5.4-notes.html/view
Feature safe: yes
|
Sunday, 12 Aug 2012
|
18:59 matthew
- Security update to 3.5.2.2
- This is a fast-reaction patch: no details about the vulnerability
are available yet, other than it involves XSS.
- VuXML to follow, once the advisories are published
|
Saturday, 4 Aug 2012
|
05:33 matthew
- Security update to 3.5.2.1
- ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.2.1/phpMyAdmin-3.5.2.1-notes.html/view
- SecurityAdvisory (to be published, eventually) PMSA-2012-3
http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php
This fixes a local path disclosure vulnerability. Unfortunately only
the security patches are available now. Supporting documentation, CVE
references etc. are yet to be published. VuXML will be updated once
that is available.
|
Tuesday, 10 Jul 2012
|
05:13 matthew
Routine bugfix update to 3.5.2
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.2/phpMyAdmin-3.5.2-notes.html/view
|
Monday, 4 Jun 2012
|
19:25 matthew
- Convert all my remaining ports to OPTIONSng
Files affected:
databases/mysql-connector-java/Makefile
databases/phpmyadmin/Makefile
mail/sa-utils/Makefile
net/phpldapadmin/Makefile
security/apg/Makefile
textproc/sphinxsearch/Makefile
www/p5-RT-Authen-ExternalAuth/Makefile
www/p5-RT-Extension-LDAPImport/Makefile
www/p5-RT-Extension-SLA/Makefile
www/p5-RTx-Calendar/Makefile
www/rt40/Makefile
www/rt40/Makefile.cpan
x11-fonts/gentium/Makefile
x11-fonts/gentium-basic/Makefile
Approved by: shaun (mentor)
|
Saturday, 5 May 2012
|
11:37 matthew
Routine bugfix update to version 3.5.1
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.1/phpMyAdmin-3.5.1-notes.html/view
Approved by: shaun (mentor)
|
Saturday, 7 Apr 2012
|
15:54 matthew
This one is a routine bugfix / new functionality update:
Welcome to phpMyAdmin 3.5.0; here are the major new features:
* browse-mode improvements
** grid editing
** remember recent tables
** remember last sort order by table
** flexible column width
** reorder columns
** more compact navigation bar
* AJAXification of many operations
* reorganised server status page, with server monitoring
* improved support for stored routines, events and triggers
* openGIS support
* zoom-search in table search
* Drizzle support
* improved ENUM/SET editor
Or see:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.0/phpMyAdmin-3.5.0-notes.html/view
Approved by: shaun (mentor)
Feature safe: yes
|
Wednesday, 28 Mar 2012
|
23:50 matthew
Another phpmyadmin security update.
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.4.10.2/phpMyAdmin-3.4.10.2-notes.html/download
Welcome to phpMyAdmin 3.4.10.2, a minor security release.
3.4.10.2 (2012-03-28)
- [security] Fixed local path disclosure vulnerability, see PMASA-2012-2
Advisory:
http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php
Approved by: shaun (mentor)
Feature safe: yes
Security: a81161d2-790f-11e1-ac16-e0cb4e266481
|
Saturday, 18 Feb 2012
|
15:00 matthew
Security update to 3.4.10.1
XSS in replication setup
ChangeLog:
Welcome to phpMyAdmin 3.4.10.1, a minor security release.
3.4.10.1 (2012-02-18)
- [security] XSS in replication setup, see PMASA-2012-1
Security Advisory:
http://www.phpmyadmin.net/home_page/security/PMASA-2012-1.php
Approved by: shaun (mentor)
|
Wednesday, 15 Feb 2012
|
16:42 matthew
Correct misunderstanding about mysqlnd functionality introduced in
previous commit. mysql or mysqli drivers are required in all cases.
Approved by: shaun (mentor)
|
00:01 matthew
Routine bugfix update to 3.4.10
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.4.10/phpMyAdmin-3.4.10-notes.html/view
3.4.10.0 (2012-02-14)
- bug #3460090 [interface] TextareaAutoSelect feature broken
- patch #3375984 [export] PHP Array export might generate invalid php code
- bug #3049209 [import] Import from ODS ignores cell that is the same as cell be
fore
- bug #3463933 [display] SELECT DISTINCT displays wrong total records found
- patch #3458944 [operations] copy table data missing SET SQL_MODE='NO_AUTO_VALU
E_ON_ZERO'
- bug #3469254 [edit] Setting data to NULL and drop-downs
- bug #3477063 [edit] Missing set fields and values in generated INSERT query
- bug #3460867 [libraries] license issue with TCPDF (updated to 5.9.145)
Other Changes:
* Drop USE_MYSQL=compat and IGNORE_WITH_MYSQL=41 -- phpmyadmin has
not suddenly grown compatibility for older versions of MySQL.
However, USE_MYSQL implies an dependency on mysql-client, but
phpmyadmin can operate just fine with only the php mysqlnd
drivers.
* Add a new WITH_MYSQL Options knob (off by default) -- if you want
to use the mysql-client driver.
* PHP52 doesn't have mysqlnd drivers, so require at least one of
WITH_MYSQL or WITH_MYSQLI to be selected.
Approved by: shaun (mentor)
|
Thursday, 9 Feb 2012
|
17:09 matthew
Update maintainer address to matthew@FreeBSD.org
Approved by: shaun (mentor)
|
Friday, 23 Dec 2011
|
07:20 dougb
This is the formal release of the fix for these securty
vulnerabilities. However the code is identical to the quick-reaction
patches in 3.4.9-rc1 other than updating the version number.
Security advisories have now been published:
http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php
http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php
CVE Numbers:
CVE-2011-4782
CVE-2011-4780
http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.4.9%2FphpMyAdmin-3.4.9-notes.html/view
PR: ports/163528
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Friday, 16 Dec 2011
|
01:43 dougb
"Welcome to the first release candidate for phpMyAdmin 3.4.9, a bugfix
release with minor security corrections.
Please refer to the upcoming PMASA-2011-19 and PMASA-2011-20
announcements on http://www.phpmyadmin.net/home_page/security.
Details will appear on http://phpmyadmin.net. In a hurry? you can visit
http://sourceforge.net/projects/phpmyadmin to download.
Marc Delisle, for the team"
ChangeLog:
3.4.9.0 (not yet released)
- bug #3442028 [edit] Inline editing enum fields with null shows no dropdown
- bug #3442004 [interface] DB suggestion not correct for user with underscore
- bug #3438420 [core] Magic quotes removed in PHP 5.4
- bug #3398788 [session] No feedback when result is empty (signon auth_type)
- bug #3384035 [display] Problems regarding ShowTooltipAliasTB
- bug #3306875 [edit] Can't rename a database that contains views
- bug #3452506 [edit] Unable to move tables with triggers
- bug #3449659 [navi] Fast filter broken with table tree
- bug #3448485 [GUI] Firefox favicon frameset regression
- [core] Better compatibility with mysql extension
- [security] Self-XSS on export options (export server/database/table), see
PMASA-2011-20
- [security] Self-XSS in setup (host parameter), see PMASA-2011-19
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.4.9-rc1/phpMyAdmin-3.4.9-rc1-notes.html/download
For the port:
Switch to using lzma compressed tarballs, for a saving of about 1MB
per download.
PR: ports/163290
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk>
|
Thursday, 1 Dec 2011
|
21:03 dougb
Update to version 3.4.8
This is the formal release of the fix to CVE-2011-4634, but there are
no code differences from the preliminary fixes released in 3.4.8-rc1
except for the updated version number.
PMSA-2011-18 has now been published; vuxml entry attached.
PR: ports/163001
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Feature safe: yes
|
Saturday, 26 Nov 2011
|
09:14 dougb
Security and bugfix update to 3.4.8-rc1
Announcement:
"Welcome to the first release candidate for phpMyAdmin 3.4.8, a bugfix
release with minor security corrections.
Please refer to the upcoming PMASA-2011-18 announcement on
http://www.phpmyadmin.net/home_page/security.
Marc Delisle, for the team"
Welcome to the first release candidate for phpMyAdmin 3.4.8, a bugfix
release with minor security corrections.
3.4.8.0 (not yet released)
- bug #3425230 [interface] enum data split at space char (more space to
edit)
- bug #3426840 [interface] ENUM/SET editor can't handle commas in values
- bug #3427256 [interface] no links to browse/empty views and tables
- bug #3430377 [interface] Deleted search results remain visible
- bug #3428627 [import] ODS import ignores memory limits
- bug #3426836 [interface] Visual column separation
- bug #3428065 [parser] TRUE not recognized by parser
+ patch #3433770 [config] Make location of php-gettext configurable
- patch #3430291 [import] Handle conflicts in some open_basedir situations
- bug #3431427 [display] Dropdown results - setting NULL does not work
- patch #3428764 [edit] Inline edit on multi-server configuration
- patch #3437354 [core] Notice: Array to string conversion in PHP 5.4
- [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the
view name in main panel db Structure page
- bug #3439292 [core] Fail to synchronize column with name of keyword
- bug #3425156 [interface] Add column after drop
- [interface] Avoid showing the password in phpinfo()'s output
- bug #3441572 [GUI] 'newer version of phpMyAdmin' message not shown in IE8
- bug #3407235 [interface] Entering the key through a lookup window does not
reset NULL
- [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
- [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
- [security] Self-XSS on column type (Create index), see PMASA-2011-18
- [security] Self-XSS on column type (table Search), see PMASA-2011-18
- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18
PR: ports/162873
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Feature safe: yes
|
Friday, 11 Nov 2011
|
00:43 dougb
Security update to version 3.4.7.1
Please refer to the upcoming PMASA-2011-17 announcement on
http://www.phpmyadmin.net/home_page/security.
3.4.7.1 (2011-11-10)
- [security] Fixed possible local file inclusion in XML import
(CVE-2011-4107).
http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.4.7.1%2FphpMyAdmin-3.4.7.1-notes.html/view
PR: ports/162442
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Feature safe: yes
|
Monday, 24 Oct 2011
|
22:36 dougb
Routine bugfix upgrade to version 3.4.7
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.4.7%2FphpMyAdmin-3.4.7.html/view
Welcome to phpMyAdmin 3.4.7, a bugfix release.
3.4.7.0 (2011-10-23)
- bug #3418610 [interface] Links in navigation when $cfg['MainPageIconic'] =
false
- bug #3418849 [interface] Inline edit shows dropdowns even after closing
- bug [view] View renaming did not work
- bug [navi] Wrong icon for view (MySQL 5.5)
- bug #3420229 [doc] Missing documentation section
- bug #3423725 [pdf] Broken PDF file when exporting database to PDF
- [core] Allow to set language in URL
- bug #3425184 [doc] Fix links to PHP documentation
- bug #3426031 [export] Export to bzip2 is not working
PR: ports/161937
Submitted by: maintainer
|
Monday, 17 Oct 2011
|
04:35 dougb
Remove references to mysql 323 and 40, most commonly of the form:
IGNORE_WITH_MYSQL= 323 40
|
03:39 dougb
Routine update to 3.4.6 release version. Note: despite the discussion
of security fixes in the announcement message and changelog, all of
the fixes were already applied in the previous port update (to
3.4.6-rc1). In fact, diff'ing the distfile tarballs between 3.4.6-rc1
and 3.4.6 shows that the only change is to update the version number.
Announcement message:
"Welcome to phpMyAdmin 3.4.6, a bugfix and minor security release.
Please refer to the upcoming PMASA-2011-15 and -16 announcements on
http://www.phpmyadmin.net/home_page/security.
Details will appear on http://phpmyadmin.net.
Marc Delisle, for the team"
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.4.6/phpMyAdmin-3.4.6.html/download
The advisories PMASA-15 and PMASA-16 still have not yet been published.
PR: ports/161709
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Friday, 7 Oct 2011
|
00:45 dougb
Bugfix and Security update to 3.4.6.r1
From the announce message:
"Welcome to the first release candidate of phpMyAdmin 3.4.6, a bugfix
release containing also fixes for minor security problems.
Details will appear on http://phpmyadmin.net. In a hurry? you can visit
http://sourceforge.net/projects/phpmyadmin to download.
Marc Delisle, for the team"
Security Advisories:
PMASA-2011-15
PMASA-2011-16
(These are not published yet...)
ChangeLog:
(http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.4.6-rc1%2FphpMyAdmin-3.4.6-rc1.html/view)
Welcome to the first release candidate for phpMyAdmin 3.4.6, a bugfix release
containing also fixes for minor security problems.
3.4.6.0 (not yet released)
- patch #3404173 InnoDB comment display with tooltips/aliases
- bug #3404886 [navi] Edit SQL statement after error
- bug #3403165 [interface] Collation not displayed for long enum fields
- bug #3399951 [export] Config for export compression not used
- bug #3400690 [privileges] DB-specific privileges won't submit
- bug #3410604 [config] Configuration storage incorrect suggested table name
- bug #3383572 [interface] Cannot execute saved query
- bug #3411535 [display] Full text button unchecks results display options
- bug #3411224 [display] Broken binary column when 'Show binary contents' is not
set
- bug #3411633 [core] Call to undefined function PMA_isSuperuser()
- bug #3413743 [interface] Display options link missing after search
- bug #3324161 [core] CSP policy causing designer JS buttons to fail
- bug #3412862 [relation] Relations/constraints are dropped/created on every
change
- bug #3390832 [display] Delete records from last page breaks search
- bug #3392150 [schema] PMA_User_Schema::processUserChoice() is broken
- bug #3414744 [core] External link fails in 3.4.5
- patch #3314626 [display] CharTextareaRows is not respected
- bug #3417089 [synchronize] Extraneous db choices
- [security] Fixed local path disclosure vulnerability, see PMASA-2011-15
- [security] Fixed XSS in setup (host/verbose parameter), see PMASA-2011-16
PR: ports/161337
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> [maintainer]
|
Wednesday, 14 Sep 2011
|
23:26 delphij
Document phpMyAdmin multiple XSS vulnerability.
Update phpMyAdminn to 3.4.5 release. [1]
PR: ports/160589 [1]
Submitted by: maitainer [1]
|
Wednesday, 24 Aug 2011
|
21:04 dougb
Security and bug-fix update to version 3.4.4
From the announce message:
Welcome to phpMyAdmin 3.4.4, a bugfix and security release
Please refer to the upcoming PMASA-2011-13 announcements on
http://www.phpmyadmin.net/home_page/security.
Security problem (CVE-2011-3181) is "Multiple XSS in the Tracking
feature."
ChangeLog:
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.4.4/phpMyAdmin-3.4.4.html/download
PR: ports/160156
Submitted by: maintainer
|
Tuesday, 26 Jul 2011
|
01:21 zi
Update to 3.4.3.2
PR: ports/159143
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> [maintainer]
Approved by: wxs (mentor)
|
Wednesday, 13 Jul 2011
|
01:23 sunpoet
- Remove outmoded message
PR: ports/158844
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk>
|
Sunday, 3 Jul 2011
|
11:59 jlaffaye
Update to 3.4.3.1
PR: ports/158603
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Approved by: bapt (mentor, implicit)
|
Tuesday, 28 Jun 2011
|
07:22 culot
- Update to 3.4.3
PR: ports/158356
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Wednesday, 8 Jun 2011
|
08:43 culot
- Update to 3.4.2
PR: ports/157699
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Monday, 23 May 2011
|
08:28 wen
- Update to 3.4.1
PR: ports/157232
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Wednesday, 18 May 2011
|
13:28 sylvio
- Add spl module because when installed with php-5.2.x the phpMyAdmin require
the spl module.
PR: ports/157145
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Monday, 16 May 2011
|
14:49 culot
- Update to 3.4.0
PR: ports/157033
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Saturday, 19 Mar 2011
|
19:58 culot
- Update to 3.3.10
PR: ports/155694
Submitted by: Matthew Seaman <m.seaman AT infracaninophile.co.uk> (maintainer)
|
Friday, 11 Feb 2011
|
20:44 dougb
Update to 3.3.9.2, a security release to fix the following:
http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php
Announcement-ID: PMASA-2011-2
Date: 2011-02-11
Summary
SQL query could be executed under another user.
Description
It was possible to create a bookmark which would be executed
unintentionally by other users.
Severity
We consider this vulnerability to be critical.
PR: ports/154695
Submitted by: me
Approved by: maintainer
|
Wednesday, 9 Feb 2011
|
14:28 miwi
- Update to 3.3.9.1
PR: 154602
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security: http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php
|
Tuesday, 4 Jan 2011
|
02:17 wen
- Update to 3.3.9
PR: ports/153652
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
|
Tuesday, 30 Nov 2010
|
02:58 sunpoet
- Update to 3.3.8.1
PR: ports/152685
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Security: http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php
|
Number of commits found: 327 (showing only 100 on this page) |