phpMyAdmin3-3.4.9-1.el5 security update
|Release:||Fedora EPEL 5|
|Date Submitted:||2011-12-22 21:57:06|
|Date Released:||2011-12-24 17:45:10|
|Date Modified:||2011-12-28 10:32:05|
Changes 126.96.36.199 (2011-12-21):
-  Inline editing enum fields with null shows no dropdown
- [interface] DB suggestion not correct for user with underscore
- [core] Magic quotes removed in PHP 5.4
- [session] No feedback when result is empty (signon auth_type)
- [display] Problems regarding ShowTooltipAliasTB
-  Can't rename a database that contains views
-  Unable to move tables with triggers
- [navi] Fast filter broken with table tree
- [GUI] Firefox favicon frameset regression
- [core] Better compatibility with mysql extension
- [security] Self-XSS on export options (export server/database/table), see PMASA-2011-20 (http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php)
- [security] Self-XSS in setup (host parameter), see PMASA-2011-19 (http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php)Bugs Fixed769818 - phpMyAdmin-3.4.9 is available769982 - CVE-2011-4782: phpMyAdmin Crafted values entered in the setup interface can produce XSS PMASA-2011-19bodhi - 2011-12-22 21:57:13This update has been submitted for testing by robert.
bodhi - 2011-12-24 17:36:10This update is currently being pushed to the Fedora EPEL 5 testing updates repository.
bodhi - 2011-12-24 17:57:26This update has been pushed to testing
bodhi - 2012-01-07 22:03:46This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2012-01-08 01:15:22This update has been submitted for stable by robert.
bodhi - 2012-01-11 06:02:43This update is currently being pushed to the Fedora EPEL 5 stable updates repository.
bodhi - 2012-01-11 07:59:22This update has been pushed to stable