phpMyAdmin-3.4.1-1.el6 security update
|Release:||Fedora EPEL 6|
|Date Submitted:||2011-05-29 22:11:23|
|Date Released:||2011-05-30 17:29:17|
Welcome to phpMyAdmin 3.4, presenting a new default theme. This release contains new features, especially:
- User preferences
- Relation schema export to multiple formats
- ENUM/SET editor
- Simplified interface for export/import
- AJAXification of some parts
- Visual query builder
and here is the ChangeLog:
Changes for 184.108.40.206 (2011-05-20)
- [interface] Synchronize and already configured host
- [bug] Inline edit and $cfg['PropertiesIconic']
- [patch] Show a translated label
- [navi] Table filter is case sensitive
- [privileges] Revert temporary fix
- [synchronize] Synchronize and user name
- [core] Some browsers report an insecure https connection
- [security] Make redirector require valid token (see PMASA-2011-3 and PMASA-2011-4)
Changes for 220.127.116.11 (2011-05-11)
- [view] Enable VIEW rename
- [privileges] Export a user's privileges
- [core] Updated mootools to fix some glitches with Safari.
- [interface] Add REGEXP ^...$ to select dialog.
- [interface] Add insert ignore option to editing row.
-  Call UUID function separately to show it in insert.
- [export] Allow export of timestamps in UTC.
- [core] Remove config data from session as it brings chicken-egg problem.
- [core] Cookie path now honors PmaAbsoluteUri.
- [core] phpMyAdmin honors https in PmaAbsoluteUri.
- [core] Try moving tables by RENAME and fail to CREATE/INSERT if that fails.
- [core] Force reload js on code change.
- [interface] Do not display long numbers in server status.
-  Add option to just display insert query.
- [interface] Move SSL status to the end, it is usually empty.
- [interface] Show numbers of columns in table structure.
- [inrerface] Add link to reload navigation frame.
- [auth] Signon authentication forwards error message through session data.
- [interface] Move ^1 to the end of message.
- [interface] Grey out non applicable actions in structure
- [interface] Allow to create new table from navigation frame (in light mode).
- [browse] Add direct download of binary fields.
- [browse] Properly display NULL value for BLOB.
-  Allow to set BLOB to/from NULL with ProtectBinary.
-  Do not default to UNHEX when using file upload.
- [core] Add option to configure session_save_path.
- [interface] Provide links to documentation in highlighted SQL.
- [interface] It is now possible to bookmark most pages in JS capable browser.
- [core] Fix SSL detection.
- [doc] Add some hints to chk_rel.php for quick setup.
- [interface] Add class to some elements for easier theming.
- [doc] Add some interesting configs to config.sample.inc.php.
- [doc] Added advice to re-login after changing pmadb settings
- [interface] Prefill "Copy table to" in tbl_operations.php, thanks to iinl
- [lang] Add English (United Kingdom) translation, thanks to Robert Readman.
- [auth] HTTP Basic auth realm name, thanks to Harald Jenny
- [interface] Do not insert doc links to not formatted SQL.
- [lang] Chinese Simplified update, thanks to Shanyan Baishui
- [lang] Turkish update, thanks to Burak Yavuz
- [interface] Focus TEXTAREA "sql_query" on click on "SQL" link
- [lang] Uzbek update, thanks to Orzu Samarqandiy
- [import] After import, also list uploaded filename, thanks to Pavel Konnikov and Herman van Rink
- [structure] Clicking on table name in db Structure should Browse the table if possible, thanks to bhdouglass
- [search] New search operators, thanks to Martynas Mickevičius
- [designer] Colored relations based on the primary key, thanks to GreenRover
- [core] Provide way for vendors to easily change paths to config files.
- [interface] Add inline query editing, thanks to Muhammd Adnan.
- [setup] Allow to configure changes tracking in setup script.
-  Optionally disable the Type column, thanks to Brian Douglass
-  Buttons for quicky creating common SQL queries, thanks to sutharshan.
- [interface] Convert loading of export/import to jQuery ready event, thanks to sutharshan.
-  CURRENT_TIMESTAMP is also valid for datetime fields.
- [engines] Fix parsing of PBXT status, thanks to Madhura Jayaratne.
- [interface] Convert upload progress bar to jQuery, thanks to Philip Frank.
- [interface] Default sort order is now SMART.
- [interface] Fix flipping of headers in non-IE browsers.
- [interface] Allow to choose servers from configuration for synchronisation.
- [relation] Improve ON DELETE/ON UPDATE drop-downs
- [relation] Improve labels in relation view
- [interface] Use jQuery calendar dialog, thanks to Muhammad Adnan.
- [doc] Incorporate synchronisation docs into main document.
- [core] Include Content Security Policy HTTP headers.
- [CSS] Field attributes use inline CSS
- [interface] Cleanup navigation frame.
- [core] Prevent sending of unnecessary cookies, thanks to Piotr Przybylski
- [password] Generate password only available if JS is enabled (fixed for Privileges and Change password)
- [core] RecodingEngine now accepts none as valid option.
- [core] Dropped AllowAnywhereRecoding configuration variable.
- [interface] Define tab order in SQL form to allow easier tab navigation.
- [core] Centralized format string expansion, @VARIABLES@ are recommended way now, used by file name templates, default queries, export and title generating.
- [validator] SQL validator works also with SOAP PHP extension.
- [interface] Better formatting for SQL validator results.
- [doc] The linked-tables infrastructure is now called phpMyAdmin configuration storage.
- [interface] Move drop/empty links from being tabs to Operations tab.
- [interface] Fixed rendering of error/notice/info titles background.
- [doc] Language and grammar fixes, thanks to Isaac Bennetch
- [export] JSON export, thanks to Hauke Henningsen
- [interface] Editor for SET/ENUM fields.
- [interface] Simplified interface to backup/restore.
- [common] Users preferences
- [relations] Dropped WYSIWYG-PDF configuration variable.
- [relations] Export relations to Dia, SVG and others
- [interface] Added charts to status tab, profiling page and query results
- [interface] AJAXification on various pages
- [core] Remove last remaining parts of profiling code which was removed in 2006.
- [parser] Add workaround for MySQL way of handling backtick.
- [interface] Removed modification options for information_schema
- [config] Add Left frame table filter visibility config option, thanks to eesau
- [core] Force generating of new session on login
- [interface] Drop page-break-before as it is useless for smaller tables.
- [interface] Allow to wrap enum values.
- [interface] Do not automatically mark PDF schema rows to delete
- [interface] Do not apply LeftFrameDBSeparator on first character.
- [interface] Column highlighting and marking in table view
- [common] Visual query builder
- [interface] Prevent long queries from being shown in confirmation popup
- [navi] Left panel table grouping incorrect, thanks to garas - garas
- [interface] Avoid double escaping of MySQL errors.
- [interface] Use less noisy message and remove disable link on server charts and database statistics.
- [relation] When displaying results, show a link to the foreign table even when phpMyAdmin configuration storage is not active
- [relation] Foreign key input options
- [export] Better handling of export to PHP array.
- [privileges] No DROP DATABASE warning if you delete a user
- [interface] Add link to documentation for status variables.
- [security] Redirect external links to avoid Referer leakage.
- [interface] Default to not count tables in database.
- [interface] Shortcut for copying table row.
- [auth] Reset user cache on login.
- [interface] Replace hard coded limit with $cfg['LimitChars'].
- [interface] Indicate that bookmark is being used on browse.
- [interface] Indicate shared bookmarks in interface.
- [search] Ajaxify browse and delete criteria in DB Search, thanks to Thilanka Kaushalya
- [interface] New default theme pmahomme, dropped darkblue_orange theme.
- [auth] Allow to pass additional parameters using signon method.
- [auth] Add example for OpenID authentication using signon method.
- [dbi] Default to mysqli extension.
- [interface] Add clear button to SQL edit box.
- [core] Update library PHPExcel to version 1.7.6
- [core] Work without mbstring installed.
- [interface] Add links to variables documentation.
- [import] Fix import of utf-8 XML files.
- [auth] Force signon auth on signon URL change.
- [core] Synchronization does not honor AllowArbitraryServer
- [synchronization] Data containing single quotes prevents sync, thanks to jviewer
- [common] Remove the custom color picker feature
- [privileges] Don't fail silently on missing priviledge to execute REVOKE ALL PRIVILEGESBugs Fixed704171 - phpMyAdmin-3.4.1 is availablebodhi - 2011-05-29 22:11:30This update has been submitted for testing by robert.
bodhi - 2011-05-30 17:42:14This update has been pushed to testing
bodhi - 2011-06-13 23:03:34This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2011-06-13 23:22:25This update has been submitted for stable by robert.
bodhi - 2011-06-16 00:34:27This update has been pushed to stable