Site Navigation:
security phpMyAdmin-3.4.1-1.el6 security update
Status:stable
Release: Fedora EPEL 6
Update ID: FEDORA-EPEL-2011-3453
Builds: phpMyAdmin-3.4.1-1.el6 (logs)
Pushed: True
Date Submitted: 2011-05-29 22:11:23
Date Released: 2011-05-30 17:29:17
Submitter: robert
Karma: 0
Details

Welcome to phpMyAdmin 3.4, presenting a new default theme. This release contains new features, especially:

  • User preferences
  • Relation schema export to multiple formats
  • ENUM/SET editor
  • Simplified interface for export/import
  • AJAXification of some parts
  • Charts
  • Visual query builder

and here is the ChangeLog:

Changes for 3.4.1.0 (2011-05-20)

  • [interface] Synchronize and already configured host
  • [bug] Inline edit and $cfg['PropertiesIconic']
  • [patch] Show a translated label
  • [navi] Table filter is case sensitive
  • [privileges] Revert temporary fix
  • [synchronize] Synchronize and user name
  • [core] Some browsers report an insecure https connection
  • [security] Make redirector require valid token (see PMASA-2011-3 and PMASA-2011-4)

Changes for 3.4.0.0 (2011-05-11)

  • [view] Enable VIEW rename
  • [privileges] Export a user's privileges
  • [core] Updated mootools to fix some glitches with Safari.
  • [interface] Add REGEXP ^...$ to select dialog.
  • [interface] Add insert ignore option to editing row.
  • [interface] Show warning when javascript is disabled.
  • [edit] Call UUID function separately to show it in insert.
  • [export] Allow export of timestamps in UTC.
  • [core] Remove config data from session as it brings chicken-egg problem.
  • [core] Cookie path now honors PmaAbsoluteUri.
  • [core] phpMyAdmin honors https in PmaAbsoluteUri.
  • [core] Try moving tables by RENAME and fail to CREATE/INSERT if that fails.
  • [core] Force reload js on code change.
  • [interface] Do not display long numbers in server status.
  • [edit] Add option to just display insert query.
  • [interface] Move SSL status to the end, it is usually empty.
  • [interface] Show numbers of columns in table structure.
  • [inrerface] Add link to reload navigation frame.
  • [auth] Signon authentication forwards error message through session data.
  • [interface] Move ^1 to the end of message.
  • [interface] Grey out non applicable actions in structure
  • [interface] Allow to create new table from navigation frame (in light mode).
  • [browse] Add direct download of binary fields.
  • [browse] Properly display NULL value for BLOB.
  • [edit] Allow to set BLOB to/from NULL with ProtectBinary.
  • [edit] Do not default to UNHEX when using file upload.
  • [core] Add option to configure session_save_path.
  • [interface] Provide links to documentation in highlighted SQL.
  • [interface] It is now possible to bookmark most pages in JS capable browser.
  • [core] Fix SSL detection.
  • [doc] Add some hints to chk_rel.php for quick setup.
  • [interface] Add class to some elements for easier theming.
  • [doc] Add some interesting configs to config.sample.inc.php.
  • [doc] Added advice to re-login after changing pmadb settings
  • [interface] Prefill "Copy table to" in tbl_operations.php, thanks to iinl
  • [lang] Add English (United Kingdom) translation, thanks to Robert Readman.
  • [auth] HTTP Basic auth realm name, thanks to Harald Jenny
  • [interface] Do not insert doc links to not formatted SQL.
  • [lang] Chinese Simplified update, thanks to Shanyan Baishui
  • [lang] Turkish update, thanks to Burak Yavuz
  • [interface] Focus TEXTAREA "sql_query" on click on "SQL" link
  • [lang] Uzbek update, thanks to Orzu Samarqandiy
  • [import] After import, also list uploaded filename, thanks to Pavel Konnikov and Herman van Rink
  • [structure] Clicking on table name in db Structure should Browse the table if possible, thanks to bhdouglass
  • [search] New search operators, thanks to Martynas Mickevičius
  • [designer] Colored relations based on the primary key, thanks to GreenRover
  • [core] Provide way for vendors to easily change paths to config files.
  • [interface] Add inline query editing, thanks to Muhammd Adnan.
  • [setup] Allow to configure changes tracking in setup script.
  • [edit] Optionally disable the Type column, thanks to Brian Douglass
  • [edit] Buttons for quicky creating common SQL queries, thanks to sutharshan.
  • [interface] Convert loading of export/import to jQuery ready event, thanks to sutharshan.
  • [edit] CURRENT_TIMESTAMP is also valid for datetime fields.
  • [engines] Fix parsing of PBXT status, thanks to Madhura Jayaratne.
  • [interface] Convert upload progress bar to jQuery, thanks to Philip Frank.
  • [interface] Add javascript validation of datetime input, thanks to Sutharshan Balachandren.
  • [interface] Default sort order is now SMART.
  • [interface] Fix flipping of headers in non-IE browsers.
  • [interface] Allow to choose servers from configuration for synchronisation.
  • [relation] Improve ON DELETE/ON UPDATE drop-downs
  • [relation] Improve labels in relation view
  • [interface] Use jQuery calendar dialog, thanks to Muhammad Adnan.
  • [doc] Incorporate synchronisation docs into main document.
  • [core] Include Content Security Policy HTTP headers.
  • [CSS] Field attributes use inline CSS
  • [interface] Cleanup navigation frame.
  • [core] Prevent sending of unnecessary cookies, thanks to Piotr Przybylski
  • [password] Generate password only available if JS is enabled (fixed for Privileges and Change password)
  • [core] RecodingEngine now accepts none as valid option.
  • [core] Dropped AllowAnywhereRecoding configuration variable.
  • [interface] Define tab order in SQL form to allow easier tab navigation.
  • [core] Centralized format string expansion, @VARIABLES@ are recommended way now, used by file name templates, default queries, export and title generating.
  • [validator] SQL validator works also with SOAP PHP extension.
  • [interface] Better formatting for SQL validator results.
  • [doc] The linked-tables infrastructure is now called phpMyAdmin configuration storage.
  • [interface] Move drop/empty links from being tabs to Operations tab.
  • [interface] Fixed rendering of error/notice/info titles background.
  • [doc] Language and grammar fixes, thanks to Isaac Bennetch
  • [export] JSON export, thanks to Hauke Henningsen
  • [interface] Editor for SET/ENUM fields.
  • [interface] Simplified interface to backup/restore.
  • [common] Users preferences
  • [relations] Dropped WYSIWYG-PDF configuration variable.
  • [relations] Export relations to Dia, SVG and others
  • [interface] Added charts to status tab, profiling page and query results
  • [interface] AJAXification on various pages
  • [core] Remove last remaining parts of profiling code which was removed in 2006.
  • [parser] Add workaround for MySQL way of handling backtick.
  • [interface] Removed modification options for information_schema
  • [config] Add Left frame table filter visibility config option, thanks to eesau
  • [core] Force generating of new session on login
  • [interface] Drop page-break-before as it is useless for smaller tables.
  • [interface] Allow to wrap enum values.
  • [interface] Do not automatically mark PDF schema rows to delete
  • [interface] Do not apply LeftFrameDBSeparator on first character.
  • [interface] Column highlighting and marking in table view
  • [common] Visual query builder
  • [interface] Prevent long queries from being shown in confirmation popup
  • [navi] Left panel table grouping incorrect, thanks to garas - garas
  • [interface] Avoid double escaping of MySQL errors.
  • [interface] Use less noisy message and remove disable link on server charts and database statistics.
  • [relation] When displaying results, show a link to the foreign table even when phpMyAdmin configuration storage is not active
  • [relation] Foreign key input options
  • [export] Better handling of export to PHP array.
  • [privileges] No DROP DATABASE warning if you delete a user
  • [interface] Add link to documentation for status variables.
  • [security] Redirect external links to avoid Referer leakage.
  • [interface] Default to not count tables in database.
  • [interface] Shortcut for copying table row.
  • [auth] Reset user cache on login.
  • [interface] Replace hard coded limit with $cfg['LimitChars'].
  • [interface] Indicate that bookmark is being used on browse.
  • [interface] Indicate shared bookmarks in interface.
  • [search] Ajaxify browse and delete criteria in DB Search, thanks to Thilanka Kaushalya
  • [interface] New default theme pmahomme, dropped darkblue_orange theme.
  • [auth] Allow to pass additional parameters using signon method.
  • [auth] Add example for OpenID authentication using signon method.
  • [dbi] Default to mysqli extension.
  • [interface] Add clear button to SQL edit box.
  • [core] Update library PHPExcel to version 1.7.6
  • [core] Work without mbstring installed.
  • [interface] Add links to variables documentation.
  • [import] Fix import of utf-8 XML files.
  • [auth] Force signon auth on signon URL change.
  • [core] Synchronization does not honor AllowArbitraryServer
  • [synchronization] Data containing single quotes prevents sync, thanks to jviewer
  • [common] Remove the custom color picker feature
  • [privileges] Don't fail silently on missing priviledge to execute REVOKE ALL PRIVILEGES
Bugs Fixed
704171 - phpMyAdmin-3.4.1 is available
Feedback
bodhi - 2011-05-29 22:11:30
This update has been submitted for testing by robert.
bodhi - 2011-05-30 17:42:14
This update has been pushed to testing
bodhi - 2011-06-13 23:03:34
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2011-06-13 23:22:25
This update has been submitted for stable by robert.
bodhi - 2011-06-16 00:34:27
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters