Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
phpMyAdmin.6533
phpMyAdmin.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File phpMyAdmin.changes of Package phpMyAdmin.6533
------------------------------------------------------------------- Mon Mar 20 11:57:38 UTC 2017 - chris@computersalat.de - fix for boo#1030092 * load same admin flags/values for php7 as it is done for php5 ------------------------------------------------------------------- Wed Jan 25 23:50:14 UTC 2017 - chris@computersalat.de - 4.4.15.10 (2017-01-23) - fix for boo#1021597 * PMASA-2016-44 (CVE-2016-6621, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-44/ - Multiple vulnerabilities in setup script * PMASA-2017-1 ( CVE-Nya, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-1/ - Open redirect * PMASA-2017-2 ( CVE-2015-8980, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-2/ - php-gettext code execution * PMASA-2017-3 ( CVE-Nya, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-3/ - DOS vulnerabiltiy in table editing * PMASA-2017-4 ( CVE-Nya, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-4/ - CSS injection in themes * PMASA-2017-6 ( CVE-Nya, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-6/ - SSRF in replication * PMASA-2017-7 ( CVE-Nya, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-7/ - DOS in replication status - rework phpMyAdmin-config.patch ------------------------------------------------------------------- Tue Dec 6 15:14:02 UTC 2016 - chris@computersalat.de - fix changes * add missing CVE's * remove wrong entries ------------------------------------------------------------------- Sat Nov 26 19:15:01 UTC 2016 - ecsos@opensuse.org - update to 4.4.15.9 (2016-11-24) * gh#12485 Do not show warning about short blowfish_secret if none is set - fix for boo#1012271 https://www.phpmyadmin.net/security/ * Unsafe generation of $cfg['blowfish_secret'] see PMASA-2016-58 (CVE ids: CVE-2016-9847, CWE-661) * phpMyAdmin's phpinfo functionality is removed see PMASA-2016-59 (CVE ids: CVE-2016-9848, CWE-661) * AllowRoot and allow/deny rule bypass with specially-crafted username see PMASA-2016-60 (CVE ids: CVE-2016-9849, CWE-661) * Username matching weaknesses with allow/deny rules see PMASA-2016-61 (CVE ids: CVE-2016-9850, CWE-661) * Possible to bypass logout timeout see PMASA-2016-62 (CVE ids: CVE-2016-9851, CWE-661) * Full path disclosure (FPD) weaknesses see PMASA-2016-63 (CVE ids: CVE-2016-9852, CVE-2016-9853, CVE-2016-9854, CVE-2016-9855, CWE-661) * Multiple XSS weaknesses see PMASA-2016-64 (CVE ids: CVE-2016-9856, CVE-2016-9857, CWE-661, CWE-352) * Multiple denial-of-service (DOS) vulnerabilities see PMASA-2016-65 (CVE ids: CVE-2016-9858, CVE-2016-9859, CVE-2016-9860, CWE-661, CW-400) * Possible to bypass white-list protection for URL redirection see PMASA-2016-66 (CVE ids: CVE-2016-9861, CWE-661, CWE-20, CWE-601) * Multiple SQL injection vulnerabilities see PMASA-2016-69 (CVE ids: CVE-2016-9864, CWE-661, CWE-89) * Incorrect serialized string parsing see PMASA-2016-70 (CVE ids: CVE-2016-9865, CWE-661) * CSRF token not stripped from the URL see PMASA-2016-71 (CVE ids: CVE-2016-9866, CWE-661) ------------------------------------------------------------------- Thu Aug 18 14:08:21 UTC 2016 - chris@computersalat.de - 4.4.15.8 (2016-08-16) - securitiy fixes * Improve session cookie code for openid.php and signon.php example files * Full path disclosure in openid.php and signon.php example files * Unsafe generation of BlowfishSecret (when not supplied by the user) * Referrer leak when phpinfo is enabled * Use HTTPS for wiki links * Improve SSL certificate handling * Fix full path disclosure in debugging code * Administrators could trigger SQL injection attack against users - other fixes * Remove Swekey support - fix for boo#994313 https://www.phpmyadmin.net/security/ * Weaknesses with cookie encryption see PMASA-2016-29 (CVE-2016-6606, CWE-661) * Multiple XSS vulnerabilities see PMASA-2016-30 (CVE-2016-6607, CWE-661) * Multiple XSS vulnerabilities see PMASA-2016-31 (CVE-2016-6608, CWE-661) * PHP code injection see PMASA-2016-32 (CVE-2016-6609, CWE-661) * Full path disclosure see PMASA-2016-33 (CVE-2016-6610, CWE-661) * SQL injection attack see PMASA-2016-34 (CVE-2016-6611, CWE-661) * Local file exposure through LOAD DATA LOCAL INFILE see PMASA-2016-35 (CVE-2016-6612, CWE-661) * Local file exposure through symlinks with UploadDir see PMASA-2016-36 (CVE-2016-6613, CWE-661) * Path traversal with SaveDir and UploadDir see PMASA-2016-37 (CVE-2016-6614, CWE-661) * Multiple XSS vulnerabilities see PMASA-2016-38 (CVE-2016-6615, CWE-661) * SQL injection vulnerability as control user see PMASA-2016-39 (CVE-2016-6616, CWE-661) * SQL injection vulnerability see PMASA-2016-40 (CVE-2016-6617, CWE-661) * Denial-of-service attack through transformation feature see PMASA-2016-41 (CVE-2016-6618, CWE-661) * SQL injection vulnerability as control user see PMASA-2016-42 (CVE-2016-6619, CWE-661) * Verify data before unserializing see PMASA-2016-43 (CVE-2016-6620, CWE-661) * SSRF in setup script see PMASA-2016-44 (CVE-2016-6621, CWE-661) * Denial-of-service attack with $cfg['AllowArbitraryServer'] = true and persistent connections see PMASA-2016-45 (CVE-2016-6622, CWE-661) * Denial-of-service attack by using for loops see PMASA-2016-46 (CVE-2016-6623, CWE-661) * Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server see PMASA-2016-47 (CVE-2016-6624, CWE-661) * Detect if user is logged in see PMASA-2016-48 (CVE-2016-6625, CWE-661) * Bypass URL redirection protection see PMASA-2016-49 (CVE-2016-6626, CWE-661) * Referrer leak see PMASA-2016-50 (CVE-2016-6627, CWE-661) * Reflected File Download see PMASA-2016-51 (CVE-2016-6628, CWE-661) * ArbitraryServerRegexp bypass see PMASA-2016-52 (CVE-2016-6629, CWE-661) * Denial-of-service attack by entering long password see PMASA-2016-53 (CVE-2016-6630, CWE-661) * Remote code execution vulnerability when running as CGI see PMASA-2016-54 (CVE-2016-6631, CWE-661) * Denial-of-service attack when PHP uses dbase extension see PMASA-2016-55 (CVE-2016-6632, CWE-661) * Remove tode execution vulnerability when PHP uses dbase extension see PMASA-2016-56 (CVE-2016-6633, CWE-661) - rebase phpMyAdmin-config.patch ------------------------------------------------------------------- Thu Jun 23 12:46:03 UTC 2016 - chris@computersalat.de - 4.4.15.7 (2016-06-23) * fix issue Setup script doesn't use input type 'password' in all relevant locations - fix for boo#986154 * PMASA-2016-17 (CVE-2016-5701, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-17/ - BBCode injection vulnerability * PMASA-2016-19 (CVE-2016-5703, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-19/ - SQL injection attack * PMASA-2016-21 (CVE-2016-5705, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-21/ - Multiple XSS vulnerabilities * PMASA-2016-22 (CVE-2016-5706, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-22/ - DOS attack * PMASA-2016-23 (CVE-2016-5730, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-23/ - Multiple full path disclosure vulnerabilities * PMASA-2016-24 (CVE-2016-5731, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-24/ - XSS through FPD * PMASA-2016-26 (CVE-2016-5733, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-26/ - Multiple XSS vulnerabilities * PMASA-2016-28 (CVE-2016-5739, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-28/ - Referrer leak in transformations ------------------------------------------------------------------- Sat May 28 18:57:10 UTC 2016 - ecsos@opensuse.org - update to 4.4.15.6 (2016-05-25) - Security fixes: * PMASA-2016-16 (CVE-2016-5099, CWE-661) [boo#982128] https://www.phpmyadmin.net/security/PMASA-2016-16/ - Self XSS vulneratbility, see PMASA-2016-16 ------------------------------------------------------------------- Tue Mar 1 18:25:15 UTC 2016 - astieger@suse.com - phpMyAdmin 4.4.15.5: The following vulnerabilities were fixed: * CVE-2016-2560: Multiple XSS vulnerabilities (PMASA-2016-11 boo#968938) * CVE-2016-2561: Multiple XSS vulnerabilities (PMASA-2016-12 boo#968941) ------------------------------------------------------------------- Sun Jan 31 14:12:31 UTC 2016 - chris@computersalat.de - unbreak stable release - update to 4.4.15.4 (2016-01-29) * gh#11892 Error with PMA 4.4.15.3 * gh#11896 Remove hard dependency on phpseclib ------------------------------------------------------------------- Thu Jan 28 18:20:05 UTC 2016 - astieger@suse.com - phpMyAdmin 4.4.15.3 The followinng vulnerabilities were fixed: (boo#964024) * CVE-2016-2038: Multiple full path disclosure vulnerabilities * CVE-2016-2039: Unsafe generation of XSRF/CSRF token * CVE-2016-2040: Multiple XSS vulnerabilities * CVE-2016-1927: Insecure password generation in JavaScript * CVE-2016-2041: Unsafe comparison of XSRF/CSRF token * CVE-2016-2042: Multiple full path disclosure vulnerabilities * CVE-2016-2043: XSS vulnerability in normalization page - update upstream singing keyring ------------------------------------------------------------------- Wed Jan 6 17:36:34 UTC 2016 - chris@computersalat.de - fix for boo#960854 * add missing dependency of php-json ------------------------------------------------------------------- Tue Dec 29 18:47:04 UTC 2015 - ecsos@opensuse.org - update to 4.4.15.2 (2015-12-25) - Security fixes: * PMASA-2015-5 (CVE-2015-8669, CWE-661 CWE-200) boo#960282 https://www.phpmyadmin.net/security/PMASA-2015-6/ - [Security] Path disclosure, see PMASA-2015-6 ------------------------------------------------------------------- Mon Oct 26 10:32:47 UTC 2015 - ecsos@opensuse.org - update to 4.4.15.1 (2015-10-23) - gh#11464 phpMyAdmin suggests upgrading to newer version not usable on that system - Security fixes: [boo#951960] * PMASA-2015-5 (CVE-2015-7873, CWE-661 CWE-20) https://www.phpmyadmin.net/security/PMASA-2015-5/ - fix issue [security] Content spoofing on url.php ------------------------------------------------------------------- Sun Sep 20 20:12:36 UTC 2015 - ecsos@opensuse.org - update to 4.4.15 (2015-09-20) - gh#11411 Undefined "replace" function on numeric scalar - gh#11421 Stored-proc / routine - broken parameter parsing - fix issue Missing name for configuration read_as_multibytes - gh#11431 Incorrect "No row selected" message - gh#11447 MySQL 5.5 and the language system variable - gh#11452 Semantics of export and import icons are mixed up - gh#11451 Designer-Bug in move.js on multiple server configuration - gh#11458 Invalid UTF-8 sequence in argument - gh#11457 Request URI too large - fix issue Invalid argument supplied for foreach() - gh#11461 Foreign key constraints for InnoDB tables with upper-case letters disabled - gh#11487 Warning when entering Query page - change entrys in changelog from sf to gh from 4.13.0 to now ------------------------------------------------------------------- Thu Sep 17 09:41:30 UTC 2015 - ecsos@opensuse.org - boo#945999 enable required apache modules in spec at install ------------------------------------------------------------------- Fri Sep 11 09:55:59 UTC 2015 - ecsos@opensuse.org - update 4.4.14.1 (2015-09-08) - Security fixes: [boo#945420] * PMASA-2015-4 (CVE-2015-6830, CWE-661 CWE-307) https://www.phpmyadmin.net/security/PMASA-2015-4/ - fix issue [security] reCaptcha bypass ------------------------------------------------------------------- Tue Aug 25 10:09:07 UTC 2015 - ecsos@opensuse.org - update to 4.4.14 (2015-08-20) - gh#11367 Export after search, missing WHERE clause - gh#11380 Incomplete message after import - fix issue Incorrect scalar type declaration (reported under PHP 7) - gh#11389 ReCaptcha produces deprecated messages under PHP 7 - gh#11387 phpseclib < 2.0 produces deprecated messages on PHP 7 - gh#11404 "Switch to copied table" doesn't work - gh#11406 Missing quotes after calling "distinct values" - gh#11386 Cannot import database with long data in one column - gh#11410 SPATIAL index option is not clickable ------------------------------------------------------------------- Sun Aug 9 06:06:17 UTC 2015 - ecsos@opensuse.org - update to 4.4.13.1 (2015-08-08) - gh#11368 SQL error when importing phpMyAdmin dump file ------------------------------------------------------------------- Sat Aug 8 10:35:18 UTC 2015 - ecsos@opensuse.org - update to 4.4.13 (2015-08-07) - gh#1808 "Improve table structure" generates invalid SQL - fix issue Once checked "Show only active" checkbox is always checked - gh#1813 Delete rows using "Check All" is broken - fix issue Fix PHP 7 possible binding ambiguity - gh#11326 Exported schema includes all the tables of the database - gh#11339 Results not displayed if query ends in delimiter and comment - gh#11320 Live edit of data fields is not working always - fix issue Table list in navigation collapses when entering into a table in another page - gh#11364 JS error while trying to auto navigate to db structure page when db creation has failed ------------------------------------------------------------------- Tue Jul 21 18:11:32 UTC 2015 - mcihar@suse.cz - Apache configuration compatible with both 2.2 and 2.4 ------------------------------------------------------------------- Mon Jul 20 14:45:32 UTC 2015 - mcihar@suse.cz - update to 4.4.12 (2015-07-20) - Saved chart image does not have a proper name or an extension - sf#4976 Timepicker CSS issues in Original theme - sf#4975 Move/Copy/Rename operations on Table/Db fail on Drizzle server - sf#4826 Two inline edit windows - sf#4979 Problem when import *.ods file - Add missing head tag - sf#4985 Column headers move when scrolling - use smaller xz compressed archive - update Apache configuration to be compatible with 2.4 ------------------------------------------------------------------- Wed Jul 8 06:27:42 UTC 2015 - ecsos@opensuse.org - update to 4.4.11 (2015-07-06) - fix bug Missing selected/entered values when editing active options in visual query builder - sf#4969 Autoload from prefs_storage not behaving properly - sf#4972 Incorrect length computed for binary data - fix bug Remove character set from create_tables_drizzle.sql - sf#4973 Users overview needs clarification - sf#4974 Creating a database from console doesn't update navigation panel - sf#4844 FAQ 1.17 needs an update - change sourcepath in spec ------------------------------------------------------------------- Thu Jul 2 11:16:15 UTC 2015 - mcihar@suse.cz - switch upstream url to https - include signed release together with keyring to verify signatures ------------------------------------------------------------------- Wed Jun 17 17:23:38 UTC 2015 - ecsos@opensuse.org - add missing sql-scripts to doc ------------------------------------------------------------------- Wed Jun 17 15:30:50 UTC 2015 - ecsos@opensuse.org - update to 4.4.10 (2015-06-17) - sf#4950 Issues in database selection for replication - sf#4951 Trying to save chart as image crashes the browser - sf#4953 cant drag sql.gz file onto import input - sf#4960 Table creation results in GET request with missing server parameter that invalidates the session - sf#4961 Javascript error when Designer is opened - sf#4962 Insert by foreign key scrolls page to top - sf#4955 Clicking on the navi logo does not always work - fix bug External URL for $cfg['NavigationLogoLink'] causes JavaScript error when clicked ------------------------------------------------------------------- Fri Jun 5 07:56:13 UTC 2015 - ecsos@opensuse.org - update to 4.4.9 (2015-06-04) - sf#4920 relation view doesn't list fields of table in other database - sf#4905 Sorting by an alias - sf#4931 False error before entering reCAPTCHA - sf#4909 central column with multiple server - sf#4937 Custom export with backquotes off is not working - sf#4908 Reverse proxy: infinite internal redirect (added warning in doc) - sf#4942 Export to gzip saves plain text under Chrome ------------------------------------------------------------------- Thu May 28 16:13:56 UTC 2015 - ecsos@opensuse.org - update to 4.4.8 (2015-05-28) - fix bug Allow accessing visual query builder when pmadb is not configured - sf#4893 Nav tree line alignment issue - sf#4911 Lock page icon is not shown after fresh reload - sf#4912 "Highlight pointer" and "Row marker" doesn't work properly - fix bug Browse foreigners window goes out of the window - sf#4918 Date field popup dialog position bug - fix bug In /setup, PMA_messages is not defined - sf#4924 Recaptcha failure - sf#4930 Database copy doesn't work for tables with more than one FULLTEXT index - sf#4929 Edit view structure doesn't load the algorithm - sf#4923 Do not limit table comments to 60 characters ------------------------------------------------------------------- Sat May 16 12:04:23 UTC 2015 - ecsos@opensuse.org - update to 4.4.7 (2015-05-16) - sf#4876 Settings issues (Favorite tables shown twice in Settings) - sf#4896 Non-styled error page when following results link - sf#4894 Deleting without confirmation - sf#4858 Issues with SQL autocomplete - sf#4897 Column hint in SQL autocomplete is sometimes not shown - sf#4898 JS error after selecting a field and press Enter - fix bug Honor proxy settings when getting Git commit information - fix bug Missing title on link - sf#4512 ForceSSL Redirect Check - fix bug Undefined index collation_connection - fix bug Error when the reporting server is down - fix bug Escape database and table names for partition maintenance - fix bug Invalid value for CURLOPT_SSL_VERIFYPEER - sf#4367 Import status infinite loop - sf#4902 Designer: Loading does not work - sf#4904 Setup: Overview > Display does not work - sf#4906 Designer: pages from all databases ------------------------------------------------------------------- Wed May 13 17:51:57 UTC 2015 - ecsos@opensuse.org - update 4.4.6.1 (2015-05-13) This update fixes several vulnerabilities - Security fixes: * PMASA-2015-2 (CVE-2015-3902, CWE-661 CWE-352) http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php - sf#4899 [security] CSRF vulnerability in setup * PMASA-2015-3 ( CVE-2015-3903, CWE-661 CWE-295) http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php - sf#4900 [security] Vulnerability allowing man-in-the-middle attack ------------------------------------------------------------------- Thu May 7 15:45:44 UTC 2015 - ecsos@opensuse.org - update to 4.4.6 (2015-05-07) - sf#4890 webkitStorageInfo and webkitIndexedDB is deprecated - sf#4892 Undefined variable: unique_conditions - sf#4891 CSV Import ignores "Replace table data with file" checkbox ------------------------------------------------------------------- Tue May 5 15:45:46 UTC 2015 - ecsos@opensuse.org - update to 4.4.5 (2015-05-05) - fix bug Table overhead stats: missing space before the unit - fix bug Fix resize icon in Designer - sf#4879 Exit fullscreen in Designer does not change the button text - sf#4880 Designer icons missing when using original theme - sf#4878 Column list of central columns is not cleared - sf#4881 jQuery dialogs of the Designer are not displayed in fullscreen - sf#4883 Search function breaks when searching for certain combinations of backslashes and slashes - sf#4830 Maximum execution time exceeded in Util.class.php (better fix) - sf#4885 Some icons are above the overlay of jQuery dialogs - sf#4886 Clicking on external links in advisor rules give JS error - sf#4888 Filter in central columns does not work in other languages ------------------------------------------------------------------- Sun Apr 26 12:08:40 UTC 2015 - ecsos@opensuse.org - update to 4.4.4 (2015-04-26) - sf#4863 Edit vs Change - sf#4859 Don't scroll (to bottom) when editing multiple rows - sf#4862 Misaligned Inline edit field - sf#4861 Use of undefined constant PMA_DRIZZLE - sf#4865 sprintf(): Too few arguments - sf#4866 Limit column ordering in index edit dialog - sf#4867 Incorrect ALTER TABLE statement generated - sf#4870 Inconsistency in 'Ignore' checkbox in insert page - sf#4869 Drop column action not asking to confirm - sf#4871 Error on creating table - fix bug Undefined index: Rows ------------------------------------------------------------------- Mon Apr 20 15:02:56 UTC 2015 - ecsos@opensuse.org - update to 4.4.3 (2015-04-20) - sf#4851 PHP errors in login dialogue - sf#4845 White screen (Cloudflare) - sf#4207 json_encode error due to strftime returning non utf8 chars in Windows 8.1 Chinese version - sf#4794 Server error viewing table content - fix bug Fix issues related to number of decimal places in time - sf#4853 Relation view between 1600 and 1780 px - fix bug PHP 7 compatibility in php-gettext - fix bug PHP 7 compatibility in bfShapeFiles - fix bug PHP 7 session_regenerate_id() warning - sf#4857 Alter table after changing column name error - sf#4830 Maximum execution time exceeded in Util.class.php ------------------------------------------------------------------- Mon Apr 13 18:28:37 UTC 2015 - ecsos@opensuse.org - update to 4.4.2 (2015-04-13) - sf#4835 PMA_hideShowConnection not called after submit_num_fields - sf#4836 Server warning after moving from console to direct clicks - sf#4837 Duplicate new version notification when using the "Back" button - sf#4839 DOC link in setting is broken - sf#4841 Status page: Mislukte pogingen per uur value is incorrect - fix bug MIME Transformation link fixed - sf#4838 Prevents console window from moving out of the screen height - sf#4829 Create procedure via SQL Editor not more possible - sf#4833 CSS and Javascript are not compressed - sf#4849 Functions accessed from navigation do not load on ajax dialog - sf#4850 Relation view on 1920 ------------------------------------------------------------------- Sat Apr 11 18:02:48 UTC 2015 - ecsos@opensuse.org - update 4.4.1.1 (2015-04-08) - sf#4846 Web server's error log is flooded - changes from 4.4.1 (2015-04-07) - sf#4813 MySQL 5.7.6 and the Users menu tab - sf#4818 MySQL 5.7.6 and changing the password for another user - sf#4819 Request URI too large - sf#4814 MySQL 5.7.6 and Databases - fix bug Use 'server' parameter in console to work in multi server environments - fix bug Missing tooltip in monitor - fix bug Missing sort icons in monitor - sf#4805 Inline edit broken when using functions in query - sf#4821 Timed-out import fails to restart when file represented - sf#4754 pMA DB not detected properly - sf#4825 Datepicker missing when changing number of rows on Insert page - sf#4824 INNODB STATUS page is empty - sf#4828 JavaScript is loaded in wrong order - sf#4827 TEXT formatting doesn't work after inline editing - sf#4822 Compress when php.ini output_buffering is active - sf#4832 Sorting distinct values result loses links - sf#4834 Do not attach token to css requests to improve caching ------------------------------------------------------------------- Fri Apr 3 21:36:12 UTC 2015 - ecsos@opensuse.org - update to 4.4.0 (2015-04-01) + rfe #1553 InnoDB presently supports one FULLTEXT index creation at a time + rfe #1562 Allow tracking multiple table at once from database level tracking page + rfe #1564 Improve action message on Tracking page + rfe #1566 Change value of "Number of rows:" when "Show all" is checked + rfe Focus console by clicking on white space + rfe #1507 Part 1: Cycle through console history with keyboard up/down arrows + rfe #1579 Default to primary key when adding relation + rfe #1572 User prefs: Diff-friendly JSON for config + rfe #1567 Sever Variables Table UI Improvements - sf#4675 phpMyAdmin should be able to work without 'examples' DIR - move SQL scripts to sql directory + rfe #1578 Warn about reserved word only when a column is created + rfe #1590 Recaptcha API v2 + rfe #1580 Individual Zeroconf PMA tables support + rfe #1525 Generate keys one per line + rfe #347 allow table with transformed column anywhere in FROM clause + rfe #1591 Shortcut link to search page + rfe #1568 Fold Add Column After / Before into dropdown - sf#4705 Table structure: adding primary key doesn't refresh page + rfe #1582 SQL formatter + rfe #1597 Fast filter improvement: remove "x other results found" - sf#4720 No error message on Missing extension mbstring + rfe #801 Builtin transformations and relations + rfe #767 USING BTREE support for HEAP/MEMORY tables + rfe #1596 Make "Options > Relational" configurable + rfe #719 More details in PDF relation view + rfe #1096 Cannot enter connection for federated engine table + rfe #954 Allow SALT in ENCRYPT function + rfe #1260 Setting LoginCookieValidity > session.gc_maxlifetime + rfe Transformation for JSON - bug Fix isCanvasSupported for new window + rfe #1600 Clarify the "Inline" link + rfe #1179 Speed up slow triggers by using EVENT_OBJECT_SCHEMA + rfe #1192 ON DUPLICATE KEY UPDATE for loading CSV - bug fix Cannot execute command from console (multi-server installation) + rfe #1208 linking from information_schema + rfe #1235 Relation view: move to main "Structure" page + rfe #1558 Designer menu with explicit text + rfe #937 Relations with views like with tables + rfe #1241 Browse Field -> Search + rfe #723 Provide sanity check for table/column names (table names) + rfe #1312 SessionTimeZone configuration directive - bug fix Add missing confirmation when deleting tracking report entries + rfe Ability to disable foreign key check when emptying tables + rfe #1549 Reset auto-increment when exporting structure + rfe #1602 Recover query in redaction after session end + rfe #1605 After database creation, go to database structure page + rfe #1604 Show PHP version - sf#4770 Multiple delete on table browse ignoring foreign key checkbox + rfe CodeMirror based SQL editor as an input transformation + rfe #1275 CodeMirror based JSON editor as an input transformation + rfe #685 Editor for HTML content + rfe #1595 make professional code editor suggestion + rfe #1606 processlist filter + rfe Change tracking activation status from db level tracking page + rfe #1207 Export users associated with a specific schema/database + rfe #1575 "Disable database expansion" : unclear directive name and explanation + rfe #1607 Tool tip for lock icon when making changes to a page + rfe #1327 Hide 'Add user' link if user does not have privileges + rfe #501 Support for SSL GRANT option + rfe #1608 Central columns allowing setting SIGNED / UNSIGNED attribute for integer + rfe #1441 Add regexp match when using AllowArbitraryServer - sf#4806 Unable to work with two different servers in two tabs - fix incorrect fsf-address - change pma.patch ------------------------------------------------------------------- Sun Mar 29 13:42:58 UTC 2015 - ecsos@opensuse.org - update to 4.3.13 (2015-03-29) - sf#4803 "Show hidden items" is sometimes hidden - sf#4807 Breaks when sorting by multiple columns while using UNION - sf#4798 Missing column when exporting in sql - sf#4810 Broken find and replace - sf#4804 Undefined Index after export schema - sf#4802 Changelog page is not working - sf#4815 Infinite calls to index.php - sf#4820 Invalid links to dev.mysql.com - sf#4718 simulate query fails, but actual query does not ------------------------------------------------------------------- Sat Mar 14 22:17:52 UTC 2015 - ecsos@opensuse.org - update to 4.3.12 (2015-03-14) - sf#4746 Right-aligned columns have left-aligned header - sf#4779 PMA_Util::parseEnumSetValues fails on enums with UTF-8 values - fix bug Undefined index savedsearcheswork - sf#4788 Inline edit of DATE fields with NULL, NULL checkbox is under datepicker - sf#4790 DROP TABLE/VIEW IF EXISTS are not tracked - fix bug Compatibility with central columns of version 4.4 - sf#4758 Firefox with auth_type to http with multiple server doesn't work anymore - sf#4789 Views aren't dropped when copying a database - sf#4784 Incomplete bookmark saving - sf#4786 SELECT width on relations page ------------------------------------------------------------------- Wed Mar 4 23:12:16 UTC 2015 - ecsos@opensuse.org - update to 4.3.11.1 (2015-03-04) This update fixes several vulnerabilities - Security fixes: * PMASA-2015-1 (CVE-2015-2206, CWE-661 CWE-352) [boo#920773] http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php - fix bug [security] Risk of BREACH attack ------------------------------------------------------------------- Wed Mar 4 09:07:09 UTC 2015 - ecsos@opensuse.org - fix error displayed in Status/Advisor and not functional display of cpu and memory under Status/Monitor/ ------------------------------------------------------------------- Tue Mar 3 23:54:51 UTC 2015 - ecsos@opensuse.org - update to 4.3.11 (2015-03-02) - sf#4774 SQL links are completely wrong - sf#4768 MariaDB: version mismatch - sf#4777 Some images are missing in Designer for original theme - sf#4767 Drizzle: undefined index in mysql_charsets.inc.php - sf#4753 Normal field and multi-line field have different margins - sf#4760 Cannot re-import settings from local storage - sf#4778 SQL error when database list is sorted by additional columns - sf#4780 Notice when timestamp column does not have default value ------------------------------------------------------------------- Fri Feb 20 16:32:21 UTC 2015 - ecsos@opensuse.org - update to 4.3.10 (2015-02-20) - fix bug Undefined index navwork - sf#4744 Opening console scroll down the page - fix bug Remove extra column heading in view structure page - fix bug Add missing confirmation when deleting central columns - fix bug Undefined index DisableIS - sf#4763 Database export with more than 512 tables fails - sf#4769 Previously set column aliases are destroyed if returned to the same table - sf#4752 Incorrect page after creating table - sf#4771 Central Columns not working, showing error ------------------------------------------------------------------- Fri Feb 6 16:41:06 UTC 2015 - ecsos@opensuse.org - update to 4.3.9 (2015-02-05) - sf#4728 Incorrect headings in routine editor - sf#4730 Notice while browsing tables when phpmyadmin pma database exists, but not all the tables - sf#4729 Display original field when using "Relational display column" option and display column is empty - sf#4734 Default values for binary fields do not support binary values - sf#4736 Changing display options breaks query highlighting - fix bug Undefined index submit_type - sf#4738 Header lose align when scrolling in Firefox - sf#4741 in ./libraries/Advisor.class.php#184 vsprintf(): Too few arguments - sf#4743 Unable to move cursor with keyboard in filter rows box - fix bug Incorrect link in doc - sf#4745 Tracking does not handle views properly - sf#4706 Schema export doesn't handle dots in db/table name - sf#3935 Table Header not displayed correct (Safari 5.0.5 Mac) - sf#4750 Disable renaming referenced columns - sf#4748 Column name center-aligned instead of left-aligned in Relations ------------------------------------------------------------------- Sat Jan 24 13:34:33 UTC 2015 - ecsos@opensuse.org - update to 4.3.8 (2015-01-24) - fix bug Undefined constant PMA_DRIZZLE - sf#4712 Wrongly positioned date-picker while Grid-Editing - sf#4714 Forced ORDER BY for own sql statements - sf#4721 Undefined property: stdClass::$version - sf#4719 'only_db' not working - sf#4700 Error text: Internal Server Error - sf#4722 Incorrect width table summary when favorite tables is disabled - sf#4716 Collapse all in navigation panel is sometimes broken - sf#4724 Cannot navigate in filtered table list - sf#4717 Database navigation menu broken when resolution/screen is changing - sf#4727 Collation column missing in database list when DisableIS is true - fix bug Undefined index central_columnswork - fix bug Undefined index favorite_tables ------------------------------------------------------------------- Sat Jan 17 09:32:06 UTC 2015 - ecsos@opensuse.org - update to 4.3.7 (2015-01-15) - sf#4694 js error on marking table as favorite in Safari (in private mode) - sf#4695 Changing $cfg['DefaultTabTable'] doesn't update link and title - fix bug Undefined index menuswork - fix bug Undefined index navwork - fix bug Undefined index central_columnswork - sf#4697 Server Status refresh not behaving as expected - fix bug Null argument in array_multisort() - sf#4699 Navigation panel should not hide icons based on 'TableNavigationLinksMode' - sf#4703 Unsaved schema page exported as pdf.pdf - sf#4707 Call to undefined method PMA_Schema_PDF::dieSchema() - sf#4702 URL is non RFC-2396 compatible in get_scripts.js.php ------------------------------------------------------------------- Thu Jan 8 06:07:12 UTC 2015 - ecsos@opensuse.org - update to 4.3.6 (2015-01-07) - fix bug Undefined index notices while configuring recent and favorite tables - sf#4687 Designer breaks without configuration storage - sf#4686 Select elements flicker and selects something else - sf#4689 Setup tool creates "pma__favorites" incorrectly - sf#4685 Call to a member function isUserType() on a non-object - sf#4691 Do not include console when no server is selected - sf#4688 File permissions in archive - sf#4692 Dynamic javascripts gives 500 when db selected ------------------------------------------------------------------- Mon Jan 5 23:54:17 UTC 2015 - chris@computersalat.de - fix for boo#911360 * problems with pma__config enabled by default in phpMyAdmin - rework config patch * fix for pma storage config (disabled by default) - add phpMyAdmin-pma.patch * fix create_tables.sql - fix restart_on_update ------------------------------------------------------------------- Mon Jan 5 16:03:43 UTC 2015 - ecsos@opensuse.org - update to 4.3.5 (2015-01-05) - fix bug Auto-configuration: tables were not created automatically - sf#4677 Advanced feature checker does not check for favorite tables feature - sf#4678 Some of the data stored in configuration storage are not deleted upon db or table delete - sf#4679 Setup does not allow providing a name for favorites table - sf#4680 Number of favorite table are not configurable in setup - sf#4681 'Central columns table' field in setup does not have a description - sf#4318 Default connection collation and sorting - sf#4683 Relational data is not properly updated on table rename - sf#4655 Undefined index: collation_connection (second patch) - sf#4682 4.3.3 & 4.3.4 Import sql created by mysqldump fails on foreign keys - sf#4676 Auto-configuration issues - sf#4416 New lines are removed when grid editing (part two: TEXT) ------------------------------------------------------------------- Mon Dec 29 18:03:15 UTC 2014 - ecsos@opensuse.org - update to 4.3.4 (2014-12-29) - sf#4653 Always connection error was shown, on /setup at tab "configuration storage" - sf#4661 Drag and drop file import always fails - sf#4651 don't open console with esc - sf#4664 select min() displays 1 row, but reports the table amount of rows returned - sf#4666 Undefined indexes in table stucture print view of a view - sf#4663 Export missing back ticks for order table name - sf#4668 Remove from central columns error - sf#4670 CSV import reads both commas and values into first column after first row - sf#4642 phpmyadmin often fails to load due to specific load order - sf#4671 Unable to move all columns - sf#4645 Import of export created with mysqldump - sf#4672 "Distinct values" does not page - sf#4667 Consistency in borders - sf#4658 Illegal string offset (Data_length, Index_length) - sf#4655 Undefined index: collation_connection - sf#4673 Delimiter causing page lock ------------------------------------------------------------------- Sun Dec 21 12:27:09 UTC 2014 - ecsos@opensuse.org - update to 4.3.3 (2014-12-21) - fix bug The "Recently used tables" setting should be with Nav panel - sf#4647 Can't disable Favorites - sf#4646 Version Check Broken - sf#4630 AJAX request infinite loop - sf#4649 Attributes field size smaller than others - sf#4622 Cannot remove table ordering on a Mac - fix bug Fix initial replication configuration - fix bug Undefined index central_columnswork - sf#4657 Don't have default blowfish_secret - sf#4656 Some error popups fade away too quickly - sf#4648 Consistency in borders - fix bug $cfg['Error_Handler']['display'] no longer necessary - sf#4659 Leading and trailing whitespace in column name ------------------------------------------------------------------- Fri Dec 12 15:27:17 UTC 2014 - ecsos@opensuse.org - update to 4.3.2 (2014-12-12) - sf#4628 PHP error while exporting schema as PDF - sf#4631 Server selector submits two server parameter values - sf#4629 Problem with custom SQL queries using cookie authentication - fix bug Undefined index central_columnswork - sf#4632 Notice in ./libraries/Util.class.php#1916 Undefined index: query - sf#4633 Wrong parameter in fetchValue - sf#4634 Error reporting creates an infinite loop - sf#4635 Token mismatch while creating configuration storage - sf#4640 Incorrect reference to PHP 6 - sf#3794 failure to handle repeating empty columns when importing ODS - sf#4638 Default Export Method setting broken - sf#4639 Export SQL missing indentation first field - sf#4637 Field Alignment - sf#4644 Error when browsing tables ------------------------------------------------------------------- Mon Dec 8 18:26:50 UTC 2014 - ecsos@opensuse.org - update to 4.3.1 (2014-12-08) - sf#4609 'Show all' checkbox label is not clickable - sf#4610 JS error reporting: Hash fragment is reset - fix bug Undefined index menuswork - sf#4614 Separator between "Show All" and "Number of rows" disappears - sf#4615 SQL highlighting in process list breaks on auto refresh - sf#4616 Warning in db structure print view page - fix bug Undefined index navwork, savedsearcheswork, fields - sf#4620 Undefined index while adding to the central columns list - sf#4618 Page scrolls while GIS visualization is zoomed in/out with mousewheel - sf#4613 HHVM: method 'ob_gzhandler' not found - sf#4593 Manual "SELECT" doesn't change active table - sf#4623 Incomplete PHP OpenSSL support - sf#4626 Ctrl + click on a column not in sort triggers a server call to erroneous url - sf#4625 "Insufficient space to save the file" on export SQL to file on server - sf#4627 "file_get_contents(examples/create_tables.sql): failed to open stream" after update - sf#4617 UI issues with sortable tables - sf#4619 SELECT LENGTH(`field`) FROM `table` does not sort ------------------------------------------------------------------- Sat Dec 6 10:09:35 UTC 2014 - ecsos@opensuse.org - update to 4.3.0 (2014-12-05) + rfe #1502 Smart sorting for int keys + rfe #1521 Confirmation message when dropping user(s) + rfe #1518 Confirm dialog on accidentally leaving a page + rfe #1445 Easy access to "SHOW CREATE ..." + rfe #1448 Allow clicking an approximate row count to get a correct one + rfe #1487 "Browse foreign values" should be a modal dialog + rfe #1523 Better visual clue for table structure primary key column + rfe #982 Support for editing binary fields in hexadecimal - sf#4416 New lines are removed when grid editing + rfe #706 Multi-db privileges adding + rfe #1527 Charts for data in <x-axis, series, value> format + rfe Allow saving query charts as images + rfe #1145 Preview SQL instead of executing it + rfe #759 Use aliases in SQL export for tables and columns - sf#4450 Query is duplicated on Ctrl+Enter + rfe #755 Export with table/column name changes + rfe #869 Run SQL query: Allow rollback for InnoDB tables + rfe #654 Range Search Capability + rfe #1490 Dynamic process list + rfe #1522 Drag and Drop SQL import + rfe #637 Custom Field Handlers + rfe #1488 User privilege tab not shown in all relevant cases + rfe #781 Privileges for non superuser + rfe #908 Improvements for the table editor (index creation) + rfe #1426 Navigation state lost on reload - sf#4439 Table list in left panel doesn't expand + rfe Improved validation when inserting data + rfe #1491 Support InnoDB for database Query by example + rfe #345 Normalize a table + rfe #1123 Zeroconf PMA tables support + rfe #1492 Remove the distinct query window / Add SQL log+history panel + rfe #919 Multiple-column foreign key relation - sf#3165 Redundant foreign keys not supported - fix bug Incorrect link to documentation + rfe #857 Regexp replace - fix bug Incorrect path in change password when on reverse proxy or non-root directory + MariaDB 10+ multi-master replication support + rfe #1544 MySQL 5.7.5 compatibility + rfe #1529 Avoid session timeout when user is active - sf#4528 Can't import dump via SQL field + rfe #1251 Show "Overhead" with same precision for all tables + rfe #1546 Improve the js printf library + rfe #1542 Better error reporting in Designer - sf#4547 Micro history does not work in Users page - sf#4551 Wrong test in source code - sf#4537 BLOB inline-view JPG column transformation does not work for anything except simple queries + rfe #1535 Keyword-based autocompletion in SQL query editors - sf#4558 Unable to Add Rows while Creating Table + rfe #1547 Wrap No Tables Found message with message box - sf#4559 Logging in causes 100% CPU usage - sf#4564 Designer: spaces in table name with edit table link generates bad links - sf#4582 Debug SQL works only for the first page - sf#3869 Count(*) on information_scheme.INNODB_BUFFER_PAGE with a huge bufferpool - sf#4495 Comment lines in multiquery - sf#4535 Loads of Warnings/Notices in PMA_getServerSlaveStatus on replication slave - sf#4585 Multi query results not shown + rfe #1556 Disabling Show all - sf#4513 phpmyadmin run very slow (information_schema) - sf#4243 Super slow page rendering with tens of thousands of DBs - sf#4391 Upgraded to 4.2.0, insanely slow now + rfe #1537 PHP OpenSSL support for cookie encryption/decryption - sf#4227 Token mismatch when using HTTP AUTH and the SESSION expires - change all my old mail address in this changelog from ecsos@old.domain to ecsos@opensuse.org ------------------------------------------------------------------- Wed Dec 3 17:14:16 UTC 2014 - ecsos@opensuse.org - update to 4.2.13.1 (2014-12-03) This update fixes several vulnerabilities - Security fixes: * PMASA-2014-18 (CVE-2014-9219, CWE-661 CWE-79) [boo#908364] http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php - sf#4612 [security] XSS vulnerability in redirection mechanism * PMASA-2014-17 (CVE-2014-9218, CWE-661 CWE-400) [boo#908363] http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php - sf#4611 [security] DOS attack with long passwords ------------------------------------------------------------------- Sun Nov 30 22:47:22 UTC 2014 - ecsos@opensuse.org - update to 4.2.13 (2014-11-30) - sf#4604 Query history not being deleted - sf#4057 db/table query string parameters no longer work - sf#4605 Unseen messages in tracking - sf#4606 Tracking report export as SQL dump does not work - sf#4607 Syntax error during db_copy operation - sf#4608 SELECT permission issues with relations and restricted access ------------------------------------------------------------------- Thu Nov 20 16:18:55 UTC 2014 - ecsos@opensuse.org - update to 4.2.12 (2014-11-20) This update fixes several vulnerabilities, as well as a number of other bug fixes. - Security fixes: * PMASA-2014-16 (CVE-2014-8961, CWE-661 CWE-23) [boo#906488] http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php - sf#4595 [security] Path traversal can lead to leakage of line count * PMASA-2014-15 (CVE-2014-8960, CWE-661 CWE-79) [boo#906487] http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php - sf#4596 [security] XSS through exception stack * PMASA-2014-14 (CVE-2014-8959, CWE-661 CWE-98) [boo#906486] http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php - sf#4594 [security] Path traversal in file inclusion of GIS factory * PMASA-2014-13 (CVE-2014-8958, CWE-661 CWE-79) [boo#906485] http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php - sf#4578 [security] XSS vulnerability in table print view - sf#4579 [security] XSS vulnerability in zoom search page - sf#4598 [security] XSS in multi submit - sf#4597 [security] XSS through pma_fontsize cookie - Other bug fixes: - sf#4574 Blank/white page when JavaScript disabled - sf#4577 Multi row actions cause full page reloads - fix ReferenceError: targeturl is not defined - fix Incorrect text/icon display in Tracking report - sf#4404 Recordset return from procedure display nothing - sf#4584 Edit dialog for routines is too long for smaller displays - sf#4586 Javascript error after moving a column - sf#4576 Issue with long comments on table columns - sf#4599 Input field unnecessarily selected on focus - sf#4602 Exporting selected rows exports all rows of the query - sf#4444 No insert statement produced in SQL export for queries with alias - sf#4603 Field disabled when internal relations used ------------------------------------------------------------------- Fri Oct 31 17:44:05 UTC 2014 - ecsos@opensuse.org - update to 4.2.11 (2014-10-31) - fix ReferenceError: Table_onover is not defined - sf#4552 Incorrect routines display for database due to case insensitive checks - sf#4259 reCaptcha sound session expired problem - sf#4557 PHP fatal error, undefined function __() - sf#4568 Date displayed incorrectly when charting a timeline - sf#4571 Database Privileges link does not work - fix makegrid.js: where_clause is undefined - sf#4572 missing trailing slash (import and open_basedir) ------------------------------------------------------------------- Tue Oct 21 22:59:45 UTC 2014 - andreas.stieger@gmx.de - phpMyAdmin 4.2.10.1 [boo#902154] [CVE-2014-8326] This release fixes cross-site scripting vulnerabilities in the SQL debug output and server monitor pages. This developer option is not enabled by default. - sf#4562 [security] XSS in debug SQL output - sf#4563 [security] XSS in monitor query analyzer ------------------------------------------------------------------- Sat Oct 11 15:34:28 UTC 2014 - ecsos@opensuse.org - update to 4.2.10 (2014-10-11) - sf#4361 Can't change font size (when config.inc.php not present) - sf#4542 Tab key in column name not shown - fix bug PDF export: title not present in PDF - sf#4543 Changing column name can break saved "order by" clause - sf#4545 trying to favorite table while browser localStorage is disabled throws JS error - sf#4259 reCaptcha sound session expired problem - sf#4548 Inline editing a field converts tab to spaces - sf#4252 Database-level permission bug for db names containing underscores - sf#3120 Events are not exported when using xml - sf#4554 Grid-editing timestamp column forces datepicker - sf#4556 Fast filters for tables, views etc. should be governed by NavigationTreeDisplayItemFilterMinimum ------------------------------------------------------------------- Wed Oct 1 20:26:14 UTC 2014 - andreas.stieger@gmx.de - phpMyAdmin 4.2.9.1 [bnc#899452] [CVE-2014-7217] Contains a fix for a cross-site scripting vulnerability in the table search and table structure pages which could be trigged with a crafted ENUM value - sf#4544 [security] XSS vulnerabilities in table search and table structure pages ------------------------------------------------------------------- Sat Sep 20 12:12:53 UTC 2014 - ecsos@opensuse.org - update to 4.2.9 (2014-09-20) - fix bug ajax.js responseHandler: cannot read property of null - fix bug sql.js: str is undefined - sf#4524 Allow for direct selection of "0" on the "user overview" page - sf#4529 Undefined index: pos - sf#4523 tbl_change.js: insert as new row submit type on multiple selected records does not set all AUTO_INCREMENTs to 0 value - fix bug ajax.js responseHandler: another "cannot read property" - fix bug tbl_structure.js "cannot read property" ------------------------------------------------------------------- Sun Sep 14 21:10:17 UTC 2014 - chris@computersalat.de - fix for bnc#896635 * update to 4.2.8.1 (2014-09-13) * PMASA-2014-10 (CVE-2014-6300, CWE-661 CWE-352) http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php - sf#4530 [security] DOM based XSS that results to a CSRF that creates a ROOT account in certain conditions ------------------------------------------------------------------- Fri Sep 5 18:39:29 UTC 2014 - chris@computersalat.de - rollback changes introduced by fix for bnc#894107 cause they broke apache pkg. ------------------------------------------------------------------- Sun Aug 31 21:52:38 UTC 2014 - ecsos@opensuse.org - update to 4.2.8 (2014-08-31) - sf#4516 Odd export behavior - sf#4519 Uncaught TypeError: Cannot read property 'success' of null - sf#4520 sql.js: cannot read property - sf#4521 Initially allowed chart types do not match selected data - sf#4518 Export to SQL: CREATE TABLE option AUTO_INCREMENT ignored - sf#4522 Duplicate column names while assigning index - sf#4487 Export of partitioned table does not import - fix bug server_privileges.js: cannot read property - sf#4527 Importing ODS files with column names having trailing spaces fails - sf#4413 Navigation Error in Nav Tree for Search Results Past the First Page - fix bug functions.js: Cannot read property 'replace' of undefined ------------------------------------------------------------------- Fri Aug 29 14:58:31 UTC 2014 - chris@computersalat.de - fix for bnc#894107 * fix post/postun for systemd ------------------------------------------------------------------- Tue Aug 19 21:46:14 UTC 2014 - chris@computersalat.de - fix changes file * add missing PMASA / CVE info ------------------------------------------------------------------- Mon Aug 18 18:13:29 UTC 2014 - andreas.stieger@gmx.de - fix for bnc#892401 * update to 4.2.7.1 * PMASA-2014-8 (CVE-2014-5273, CWE-661 CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php - sf#4501 [security] XSS in table browse page - sf#4502 [security] Self-XSS in enum value editor - sf#4503 [security] Self-XSSes in monitor - sf#4504 [security] Self-XSS in query charts - sf#4517 [security] XSS in relation view * PMASA-2014-9 (CVE-2014-5274, CWE-661 CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php - sf#4505 [security] XSS in view operations page ------------------------------------------------------------------- Thu Jul 31 21:38:39 UTC 2014 - ecsos@opensuse.org - update to 4.2.7 (2014-07-31) - sf Broken links on home page - sf#4494 Overlap in navigation panel - sf#4427 Action icons not in horizontal order - sf#4493 s_attention.png is missing - sf#4499 Uncaught TypeError: Cannot call method 'substr' of undefined - sf#4498 PMA 4.2.x and HHVM - sf#4500 mysql_doc_template is not defined ------------------------------------------------------------------- Fri Jul 18 17:24:08 UTC 2014 - ecsos@opensuse.org - update to 4.2.6 (2014-07-17) - sf#4471 Undefined index warning with referenced column. - sf#4027 $cfg['MaxExactCount'] is ignored when BROWSING is back - sf#4482 Multi Column sorting (improved user experience) - sf#4478 Server validation does not work while in setup/mysqli - sf Undefined variable when grid editing a foreign key column - sf#4481 mult_submits.inc.php Undefined variable Error - sf#4485 Sorting breaks the copy column feature - sf#4440 Javascript error when renaming table - sf#4483 'New window' link (selflink) disappears, causing Javascript error - sf#4489 Incorrect detection of privileges for routine creation - sf#4459 First few characters of database name aren't clickable when expanded - fix for PMASA-2014-4 (CVE-2014-4954, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php * sf#4486 [security] XSS injection due to unescaped table comment - fix for PMASA-2014-5 (CVE-2014-4955, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php * sf#4488 [security] XSS injection due to unescaped table name (triggers) - fix for PMASA-2014-6 (CVE-2014-4986, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php * sf#4492 [security] XSS in AJAX confirmation messages - fix for PMASA-2014-7 (CVE-2014-4987, CWE-661) http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php * sf#4491 [security] Missing validation for accessing User groups feature ------------------------------------------------------------------- Thu Jun 26 19:34:06 UTC 2014 - ecsos@opensuse.org - update to 4.2.5 (2014-06-26) - sf#4467 shell_exec() has been disabled for security reasons - sf#4470 Error while submitting empty query - sf#4463 Fatal error: Class 'PMA_DatabaseInterface' not found - sf#4469 Fixed cookie based login for installations without mcrypt - sf#4473 incorrect result count when having clause is used - mcrypt: remove the requirement (64-bit) and the related warning ------------------------------------------------------------------- Sat Jun 21 07:20:18 UTC 2014 - ecsos@opensuse.org - update to 4.2.4 (2014-06-20) - sf#4449 Mediawiki export does not produce table header row; also fix related PHP warnings - sf#4442 New lines are added to query every time - sf#4445 Fatal error on SQL Export of join query - sf#4448 Dump binary columns in hexadecimal notation not working - Regenerate cookie encryption IV for every session - sf#4405 Cannot import (open_basedir): fix another case - sf#4457 SQL tab - Insert queries not showing affected row count - bug Missing warning about existing account, on multi-server config - sf#4435 WHERE clause can be undefined - bug SQL export views as tables option getting ignored * fix for PMASA-2014-3 ( CVE-2014-4349, CWE-661, CWE-79 ) http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php - sf#4464 [security] XSS injection due to unescaped db/table name in navigation hiding * fix for PMASA-2014-2 ( CVE-2014-4348, CWE-661, CWE-79 ) http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php - sf#4465 [security] XSS injection due to unescaped db/table name in recent/favorite tables ------------------------------------------------------------------- Mon Jun 9 19:16:43 UTC 2014 - andreas.stieger@gmx.de - update to 4.2.3: - sf#4423 Moving fields not working - sf#4424 Table indexes disappear after altering field - sf#4432 Error while displaying chart at server level - sf#4405 Cannot import (open_basedir) - sf#4396 Problem copying constraints (such as Sakila) - sf#4433 Missing privileges submenu - sf#4394 Drop db confirmation message when dropping a user - sf#4436 Insert form numeric field with function drop-down list - sf#4437 Problems due to missing enforcement of the minimum supported MySQL version - Add enforcement of the minimum supported PHP version (5.3.0) - bug: Query error on submitting a column change form containing a disabled input field - bug: Incorrect menu tab generation from usergroups - bug: Missing space in index creation/edit generated query - sf#4434 Unchecking 'Show SQL queries' results NaN ------------------------------------------------------------------- Tue May 20 16:58:13 UTC 2014 - ecsos@opensuse.org - update to 4.2.2 (2014-05-20) - sf#4388 Disable database expansion when enabled throws Error 500 when database name is clicked in navigation tree - sf#4414 table display of performance_schema DB structure - sf#4411 Protect Binary Columns: many problems - sf#4395 BLOB link transformation is broken - sf Respect ['ShowCreateDb'] in the navi panel - sf#4392 Cannot see databases in nav panel on databases grouping when disabled database expansion - sf#4419 No more calendar into search tab - sf#4398 Monitor should fit into screen width - sf#4418 When copying databases, primary key attributes get lost - sf#4421 empty maxInputVars on js/messages.php ------------------------------------------------------------------- Tue May 13 20:15:28 UTC 2014 - ecsos@opensuse.org - update to 4.2.1 (2014-05-13) - sf#4380 Cannot display table structure with enums containing special characters - sf#4381 Cannot remove the last remembered sorted column - sf Correctly fetch length of user and host fields in MySQL tables - sf#4364 examples/signon.php does not support the SessionSavePath directive - sf#4382 Missing source for OpenLayers library - sf Incorrect attributes for number fields - sf#4383 Cannot update values in Zoom search - sf#4313 GIS Visualization Extension does not work with PointFromText() function - sf#4384 Incorrect "Rows" total shown when truncating or dropping a table on DB Structure page - sf#4385 Grid edit on sorted columns fails - sf#4389 Null checkbox covering data input when editing - sf#4390 Data type changing by itself (no size but attribute present) ------------------------------------------------------------------- Thu May 8 14:29:34 UTC 2014 - ecsos@opensuse.org - update to 4.2.0 (2014-05-08) + rfe #1403 Export only triggers + rfe #1483 Export Server/Database/Table without triggers + rfe #1662 Add table comment tool tip in database structure page + rfe #1447 Single table for display Character Sets and Collations + rfe #1455 Display icons/text/both for the table row actions + rfe #1473 Transformation to convert Boolean value to text - sf#4157 Changing users password will delete it + rfe #1474 Text transformation combines Append and Prepend + Added warning about the mysql extension being deprecated and removed the extension directive + Added support for scatter charts + rfe #1478 Make Column Headings Sticky + rfe #1480 Enhance privileges initials table + rfe #1472 [interface] Break "Edit privileges" with sub-menus + rfe #1466 Minor refactoring required + rfe #1004 Create indexes at the end in SQL export + rfe #1479 Relations edit form for larger monitors + rfe #1475 Inline query box vertical resize + rfe #1500 [interface] Add bottom border to top menu container + rfe #1498 Add datepicker for 'TIME' type - sf#4237 HTTP Referer disclosure in SQL links + rfe Show full names on navigation hover + rfe #1505 Behaviour on click on a routine in nav panel + rfe #1418 Support more than one separating character on CSV import + rfe #569 Load/Save Query By Example - sf#4281 Grid edit ENUM field, dialog disappears when trying to select - sf#4304 DB export using zip compression generates an empty archive + rfe #1508 confirmation message at the top - sf#4306 breadcrubs wrong on table create + rfe #1511 better validate database name for copying + rfe #1510 Database tab "Drop" button should be a link + rfe #1513 Highlight required form fields after failed submission + rfe #1460 Redirect to login page after session has expired - sf#4316 Grid edit: can't change month on date fields + rfe #1501 add maxlength by field with length-spec + rfe #1512 Import happily doesn't do anything with no file name provided + rfe #1514 Add function to all the insert boxes automatically + rfe #1515 Option to skip tables larger than n + rfe #1486 Possibility of disabling database expansion + rfe #1476 Favourite tables select box + rfe #420 $cfg['CharEditing']='textarea' for structure edit + rfe #1329 Avoid editing of fields which are part of relation + rfe [interface] Highlight active left menu item in setup + rfe Filter on-screen rows during Browse Removed support for SQL Validator (SOAP service no longer offered) - sf#4352 Settings > Manage: incorrect messages - sf#4337 "More" in Actions area doesn't collapse to fit available space - sf#4375 Group two DB, one's name is the prefix of the other one - sf#4070 Confusing database/table grouping - sf#4366 Creating Index doesn't update index-list ------------------------------------------------------------------- Sat Apr 26 20:56:34 UTC 2014 - andreas.stieger@gmx.de - phpMyAdmin 4.1.14 * sf#4365 Creating bookmark with multiple queries not working * sf#4372 Changing browser transformation results in unnecessary table rebuild * sf#4375 Group two DB, one's name is the prefix of the other one * sf#4376 [interface] Login fields show in separate line ------------------------------------------------------------------- Sun Apr 13 14:14:42 UTC 2014 - ecsos@opensuse.org - update to 4.1.13 (2014-04-13) * sf#4279 CTRL + up or down moves 2 fields * sf#4336 List server css style wrong * sf Missing value on the Status > Server page * sf#4347 Fixed PHP Parse error in Advisor * sf#4350 Deleting the DB if it is renamed by the same name * sf#4353 makeProfilingChart is not defined * sf#4355 Precision specifier for DOUBLE type is truncated * sf#4346 Incorrect "Export incomplete" message * sf#4359 Notices on create table page * sf#4356 GROUPed selects show number of rows as if not grouped * sf#4357 JS Form submitted on "enter" even if focus is inside a select field ------------------------------------------------------------------- Thu Mar 27 16:12:55 UTC 2014 - ecsos@opensuse.org - update to 4.1.12 (2014-03-27) * sf#4334 Add event : datepicker won't open * sf#4338 Fix missing value error while executing SQL query * TCPDF library is now optional dependency * sf#4326 Cannot find the import plugins which start with uppercase 'I' ------------------------------------------------------------------- Sat Mar 22 21:44:48 UTC 2014 - andreas.stieger@gmx.de - phpMyAdmin 4.1.11: * sf#4335 reCaptcha problem (4.1.10 regression) ------------------------------------------------------------------- Sat Mar 22 15:27:37 UTC 2014 - ecsos@opensuse.org - update to 4.1.10 (2014-03-22) * sf#4301 Grid edit: "SELECT" query is replaced by "UPDATE" query after edit * sf#4278 reCaptcha re-login requires double effort * sf#4324 Datepicker not showing up on insert page * sf#3991 Problem selecting item in select boxes with the ENTER keystroke in some browsers * sf#4323 QueryWindow ignores CodeMirror * sf None of the live charts shown on "Status -> Monitor" (Chrome) ------------------------------------------------------------------- Sat Mar 8 02:00:58 UTC 2014 - ecsos@opensuse.org - update to 4.1.9 (2014-03-06) * sf#4279 CTRL + up or down moves two fields (part one) * sf#4294 output as text radio clickable for "OpenDocument Text" export * sf#4297 DROP DATABASE tick box in export no longer works * sf#4291 Unable to export comments in OpenDocument text format * sf#4299 Deletion even when the user says "No" to the confirmation message * sf#4303 "New" link in navi panel is shown even if no privileges * sf#4302 Some params are being omitted from microhistory * sf#4298 Missing validation on Import CSV: "Columns enclosed with" and "Columns escaped with" * sf#4040 Fatal error while resetting settings * sf#4305 JS error when editing procedure from nav panel * sf#4308 Edit routine form submitting when pressing enter * sf#4307 Nav: "Columns" won't expand with specific schema ------------------------------------------------------------------- Wed Feb 26 23:18:52 UTC 2014 - chris@computersalat.de - fix changes file ------------------------------------------------------------------- Sat Feb 22 13:35:15 UTC 2014 - ecsos@opensuse.org - update to 4.1.8 (2014-02-22) * sf#4276 Login loop on session expiry * sf#4249 Incorrect number of result rows for SQL with subqueries * sf#4275 Broken Link to php extension manual * sf#4053 List of procedures is not displayed after executing with Enter * sf#4081 Setup page content shifted to the right edge of its tabs * sf#4284 Reordering a column erases comments for other columns * sf#4286 Open "Browse" in a new tab * sf#4287 Printview - Always one column too much * sf#4288 Expand database (+ icon) after timeout doesn't do anything * sf#4285 Fixed CSS for setup * Fixed altering table to DOUBLE/FLOAT field * sf#4292 Success message and failure message being shown together * sf#4293 opening new tab (using selflink) for import.php based actions results in error and logout ------------------------------------------------------------------- Sun Feb 9 16:40:00 UTC 2014 - ecsos@opensuse.org - fix for bnc#864917 * PMASA-2014-1 ( CVE-2014-1879, CWE-661 CWE-79) * update to >= 4.1.7 - update to 4.1.7 (2014-02-09) * sf#4245 initial Browse query does not match sorting order * sf#4250 Notice on export page * sf#4253 "New" text in navigation frame acts like a database * sf#4262 Cannot define a column with fractional seconds * sf#4265 Missing datepicker icon for DATETIME(length) * sf#4257 Hide fractional seconds when applicable * sf#4264 Uncheck "Ignore" while inserting, upon leaving a textarea * sf#4260 reCaptcha is ignoring language settings * sf#4259 reCaptcha sound session expired problem * sf#4263 Japanese character encoding not working properly when exporting * sf#4269 Notice on table relation page * sf#4270 Bad text-color for table comments * sf#4278 reCaptcha re-login requires double effort * sf#4272 Incorrect tabindex * sf#4271 Query by example and the second criteria line * sf#4242 Wildcard-containing only_db failure in sidebar ------------------------------------------------------------------- Sun Jan 26 12:56:25 UTC 2014 - ecsos@opensuse.org - update to 4.1.6 (2014-01-26) * sf#4232 User not found after creating the user * sf#4241 Confusing dialog when trying to create an already existing user * sf#4239 Missing LIMIT clause for some queries * rfe #1489 Do not show create icon when user has no privileges * sf#4218 Chrome behavior with date fields * sf#3579 NOW() function incorrectly selected (regression) * sf#4244 Advisor complaints about MariaDB 10.x is version less than 5.1 * sf#3889 When login fails and error display is active, login data is displayed (regression) * sf#4247 open_basedir warnings on export page * sf#4013 AJAX request waiting until version info is retrieved * sf#4248 js error when changing number of columns in status monitor ------------------------------------------------------------------- Fri Jan 17 21:42:20 UTC 2014 - andreas.stieger@gmx.de - phpMyAdmin 4.1.5 * sf#3780 Allow aborting loading pages * sf#4223 Database list: Create database misses collation column * sf#4224 Empty table names when a table is "inuse" * sf#4225 Partition maintenance broken * sf#4219 Table list (left panel) does not reload when table renamed * sf#4230 "in use" displayed for all views in database print view * sf#4226 Notice: Undefined index: pma_config_loading * sf#4221 Bzip2 export cannot be directly imported (so withdraw bz2 export) * sf#4204 Reloading user privileges hides user groups submenu * sf#4231 DATE columns quick edit decrement by one day ------------------------------------------------------------------- Wed Jan 8 14:02:09 UTC 2014 - ecsos@opensuse.org - update to 4.1.4 (2014-01-07) * sf#3840 (additional fix) When exporting to gzip format, the data is compressed 2 times * sf#4209 Missing compression in one case * sf#4208 Can't browse tables after sorting on columns with fieldnames that have a '-' * sf#4184 Switch to wrong page after adding an index * sf#3885 Additional fix for this bug * sf#4212 Table "disappears" if it has the same name as its tablegroup * sf#4213 Datetime Quick Edit decrements by one day * sf#4217 Current value not highlighted when browsing foreign values * sf#4220 Incorrect key values in foreign key browser * sf#4215 MariaDB 5.5: error in Drizzle detection ------------------------------------------------------------------- Wed Jan 1 16:36:22 UTC 2014 - andreas.stieger@gmx.de - add source URL, see https://en.opensuse.org/SourceUrls ------------------------------------------------------------------- Wed Jan 1 12:59:03 UTC 2014 - ecsos@opensuse.org - update to 4.1.3 (2013-12-31) * sf#3938 PDFDefaultPageSize doc and easy configurability * sf#4198 Hovering over pie chart gives fatal JS error * sf#4200 Missing syntax highlighting * sf#4201 Exports are not compressed * sf#4131 Import: "number of rows to skip" is ambiguous * sf#4205 Add a user shows additional "edit user group" link * sf#4202 Cannot read property 'token' of undefined * sf#4203 On refreshing designer, $.FullScreen is undefined * sf#3920 Lost space in navigation area - Fix python-bytecode-inconsistent-mtime ------------------------------------------------------------------- Mon Dec 23 23:47:24 UTC 2013 - ecsos@opensuse.org - update to 4.1.2 (2013-12-23) * sf#4178 Quick edit for BIT type does not work * sf#2760 Warn about incomplete exports * sf#4190 Fractional seconds cause row update even if the value is not changed * sf#4170 Overflow scroll for table grid is not a good solution * sf#2961 Relations settings not updated on config change * sf#4187 SQL query inline edit doesn't post changes on the first run * rfe #1465 Docs for connections to IPv6 only MySQL instances * rfe #1468 [interface] No floating for server breadcrumb menu ------------------------------------------------------------------- Tue Dec 17 17:27:05 UTC 2013 - ecsos@opensuse.org - update to 4.1.1 (2013-12-17) * sf#4154 Error using UNION query * sf#4173 Transformations overview not reachable * sf#4149 Js freezes in the management of replication * sf#3903 Query fails when using aliases after ordering result * sf#4181 Adding columns in table creation clears existing columns * sf#4023 Requires wildcard EXECUTE/ALTER ROUTINE on DB to allow Procedures to be executed by user * sf#4186 Adding a column when creating a table does not propagate index info * sf#4185 Unable to execute create procedure statement from query window ------------------------------------------------------------------- Sun Dec 15 18:51:58 UTC 2013 - ecsos@opensuse.org - update to 4.1.0 (2013-12-11) * rfe #499 On user creation, warn if the user already exists * Use indeterminate check all checkbox in server privileges * Break server_status.php functions into smaller functions * PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards * [interface] Make warning about existing config directory clearer * rfe #1414 Allow specifying controlport * PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards * rfe #1412 Creating a view from an empty set of results * Improved layout on db and table operations pages * rfe #1410 Added support for AES_ENCRYPT for blob fields * rfe #1423 Clarify option text for icon/text settings * [interface] Upgraded CodeMirror to 3.x series * rfe #1363 Improved query profiler * [interface] rfe #1429 Better suggestion for database name * rfe #1433 Support relations with ndbcluster * sf#3962 Proper escaping of JSON export * rfe #1382 Optional ReCAPTCHA support * rfe #1434 Improvements to the table browsing navigation bar * rfe #1233 and rfe #1283 Improvements to Relation View interface * rfe #1397 Use fractional seconds in time, datetime, and timestamp * rfe #175 Allow cross-database relations * [core] Dropped support for PHP 5.2. * rfe #487 and rfe #1405 Find and Replacing column wise * rfe #1373 Use same create view dialog for editing a view * rfe #316 Configurable menus; allow user groups with customized menus per group * sf#4024 Editing field a record is selected by makes pma load forever * sf#4035 Query "inline" link disappears when turning off "Explain SQL" option * rfe #1385 Hide tables, functions, procedures, events and views in navigation tree * rfe #1321 Export view as if it was a table * Dropped configuration directive: SQP * Dropped configuration directive: MySQLManual* * rfe #1041 and bug #2954 Improved support for SSL connections between MySQL and phpMyAdmin * sf#4056 Language: Vague error message when adding a varchar field * [setup] rfe #1452 Use type="password" for server passwords * rfe #1451 HTML5 input tag enhancements * sf#1193 Text field too small when editing a row longer than $cfg['LimitChars'] * Privileges tab for table level * sf#4068 Headline in operations not readable in IE10 * sf#4000 "Table does not contain unique column" message appears after adding a unique column * rfe #1428 add 'new database' entry to nav tree * rfe #1457 Stone Age icon found * rfe #1463 Filter tables and databases by regular expression * Change the proxy variable names in the config to remove the VersionCheck prefix from them * Added an Error Reporting Component * Javascript files are no longer uglified * sf#4145 Config screen fails to validate MemoryLimit = -1 (new default) * sf#4123 Double config including * sf#4134 After deleting all rows on a page, it returns to a blank page * Dropped configuration directive: DisableIS, ShowDatabasesCommand * sf#4152 Not possible to enter % for search in date fields * sf#3931 IN Clause search does not permit multiple values * sf#4086 Clicking OK from edit popup opens new tab * sf#2983 unknown table status: TABLE_TYPE * sf#4030 ORDER BY SUM(`field`) does not sort DESC * sf#4133 CSV import breaks when no blank line at end of file * sf#4153 Unable to import if newline encoding is MAC style * sf#4096 horizontal scrollbar should not overflow on the left column * sf#4159 bug with navigation between database and table filter * sf#4119 Huge session data with $cfg['Error_Handler']['gather'] * sf#4169 Table list jumps to table on click * sf#4168 Rename multiple columns is not working ------------------------------------------------------------------- Fri Dec 6 14:58:34 UTC 2013 - ecsos@opensuse.org - update to 4.0.10 (2013-12-04) * sf#4150 Clicking database name in query window opens a new tab * sf#4141 Wrong page is shown after editing; also, do not show a modal dialog for multi-row edit * sf#3939 PHP NavigationTree error when paging through list * sf#4075 Support A10 Networks load balancer * sf#4083 row deleting isn't binlogs friendly * sf#4163 Setup script does not recognize manually-configured server * sf#4158 Events page says no privileges with ALL PRIVILEGES ------------------------------------------------------------------- Sun Nov 10 12:59:02 UTC 2013 - ecsos@opensuse.org - update to 4.0.9 (2013-11-04) * sf#4104 Can't edit updatable view when searching * sf#4108 Missing refresh by deleting databases * sf#3995 Drizzle server charset notice * sf#3911 Filtering database names includes empty groupings * sf#3678 Does not display or manipulate bit(64) fields appropriately * sf#4129 Unneeded navi panel refresh * sf#4120 SSL redirects to port 80 * sf#4144 DROP DATABASE displays wrong database name * sf#4059 Running delete query asks for confirmation but says it was already executed * sf#4147 Accessibility: Images without Alt nor title attribute ------------------------------------------------------------------- Mon Oct 7 15:36:07 UTC 2013 - ecsos@opensuse.org - update to 4.0.8 (2013-10-06) * sf#3988 Rename view is not working * sf#4041 Interaction between linkified fields and grid editing * sf#3975 Table grouping isn't implemented properly * sf#4060 Browser tries to remember wrong password when creating new user * sf#4002 Edit Index on big table doesn't show "Loading" or any message * sf#4098 Default table tab is ignored * sf#4099 Server/library difference warning: setting is ignored * sf#4100 table tree group strategy * sf#4102 ALTER TABLE ORDER BY and InnoDB * sf#4103 Tracking report: cannot delete a statement * sf#3996 Drizzle navigation doesn't expand * sf#4074 GIS column editor: point not displayed * sf#4109 Drizzle tables in navigation are shown as views * sf#4095 NUL symbols added to the end of database dump file * sf#4105 More disappears in table Structure * sf#3992 Multi-row edit doesn't clear values when checking NULL ------------------------------------------------------------------- Sun Sep 29 11:13:39 UTC 2013 - ecsos@opensuse.org - update to 4.0.7 (2013-09-23) * sf#3993 Sorting in database overview with statistics doesn't work * bug Handle the situation where PHP_SELF is not set * sf#4080 Overwrite existing file not obeyed * sf#3929 Database-specific privileges are not copied when cloning user * sf#3997 Error handling in case MySQL extension is missing * sf#4089 Moving Columns will alter column definition * sf#4091 Insert ignore option does not work * sf#4090 Downloading BLOB downloads page template * sf#4092 Clicking on table name in view of information_schema redirects to wrong page * sf#4079 Copy Table Add AUTO_INCREMENT value checkbox not working * sf#4088 MySQL server version at index.php incorrect w/ controlhost * sf#4001 Import error: Class 'ImportOds' not found * sf#3986 Missing DROP VIEW button ------------------------------------------------------------------- Sat Sep 7 15:42:13 UTC 2013 - ecsos@opensuse.org - update to 4.0.6 (2013-09-05) * sf#4036 Call to undefined function mb_detect_encoding (clarify the doc) * sf Missing hints when changing a column's structure * sf#4048 Cannot select foreign value in Search * sf#4025 gzip export is not actually compressed with mod_deflate * sf#4054 query analysis doesn't launch in status monitor * Add pmahomme icon credits (FamFamFam silk icon set) * sf#4064 Table structure statistics "Space usage" caption too small for l10n * sf#4051 Wrong tabindex when inserting rows * sf#4066 varchar field not truncated in table browse mode * rfe #1435 Opening database should expand it in the navigation menu * (performance) Removed ShowTooltip directive * sf#4046 Exporting huge Tables causes memory-Problems ------------------------------------------------------------------- Wed Aug 7 12:09:45 UTC 2013 - chris@computersalat.de - fix for bnc#833731 * PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693) http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php ------------------------------------------------------------------- Mon Aug 5 21:51:23 UTC 2013 - obs@ladisch.de - update to 4.0.5 (2013-08-04) * sf#3977 Not detected configuration storage * sf#3970 Pressing enter in the filter field reloads page * sf#3984 Cannot insert in this table (PHP < 5.4) * sf#3989 Reloading privileges does not update the interface * sf#3960 NavigationBarIconic config not honored * sf#3985 Call to undefined function mb_detect_encoding * sf#4007 Analyze option not shown for InnoDB tables * sf#4015 Forcing a storage engine for configuration storage * bug Incorrect Drizzle 7 detection * sf#4019 Create database if not exists (export): add an option to the interface to enable generating CREATE DATABASE and USE (false by default) * sf#4012 Crash on CSV file import * sf#4009 Statistic Monitor shows only last 3 digits in graph * sf#3998 Non-permanent SQL history not working * sf#3578 Transformations for text/plain on a BLOB column * [security] Improved protection against cross framing, see PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693) * Reinstated configuration directive: AllowThirdPartyFraming - fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes - add CVEs to 4.0.4.2 changes ------------------------------------------------------------------- Mon Jul 29 20:07:45 UTC 2013 - chris@computersalat.de - fix for bnc#831896 * multiple XSS issues (+ a SQL injection and full path disclosure flaw) * fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79) * fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80) * fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79) * fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200) * fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80) * fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79) * fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269) - update to 4.0.4.2 (2013-07-28) * [security] fix unescaped parameter, see PMASA-2013-8 * [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 * [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 * [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 * [security] Fix full path disclosure, see PMASA-2013-12 * [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 * [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15 * [security] Fix self-XSS in schema export, see PMASA-2013-14 * [security] Fix unencoded json object, see PMASA-2013-11 * [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13 ------------------------------------------------------------------- Wed Jul 3 21:40:23 UTC 2013 - obs@ladisch.de - update to 4.0.4.1 (2013-06-30) * [security] Global variables scope injection vulnerability (PMASA-2013-7, CVE-2013-4729) ------------------------------------------------------------------- Tue Jun 18 22:29:34 UTC 2013 - ecsos@opensuse.org - update to 4.0.4 (2013-06-17) * sf#3959 Using DefaultTabDatabase in NavigationTree for Database Click * sf#3961 Avoid Suhosin warning when in simulation mode * sf#3897 Row Statistics and Space usage bugs * sf#3966 Only display "table has no unique column" message when applicable * sf#3960 NavigationBarIconic config not honored * sf#3965 Default language wrong with zh-TW * sf#3921 Call to undefined function PMA_isSuperuser() if default server is not set * sf#3971 Ctrl/shift + click opens links in same window * sf#3964 Import using https does not work * fix bug Missing removeCRLF option in ExportCsv and ExportExcel plugins * sf#3631 Drop not working Visio schema export. * sf#3645 Better handling of invalid ODS documents * sf#3976 Number of pages * sf#3922 User privileges, database name unescaped ------------------------------------------------------------------- Wed Jun 12 21:59:40 UTC 2013 - chris@computersalat.de - fix changelog * add missing 'fix for bnc#xxxxxx ------------------------------------------------------------------- Thu Jun 6 16:27:24 UTC 2013 - ecsos@opensuse.org - update to 4.0.3 (2013-06-05) * sf#3941 Recent tables list always empty * sf#3933 Do not translate "Open Document" in export settings * sf#3927 List of tables is missing after expanding in the navigation frame * sf#3942 Warnings about reserved word for many non reserved words * sf#3912 Exporting row selection, resulted by ORDER BY query * sf#3957 Cookies must be enabled past this point * sf#3956 "Browse foreign values" search filter / page selector not working * sf#3579 NOW() function incorrectly selected (partial regression) * [security] Javascript execution vulnerability in Create view, reported by Maxim Rupp (see PMASA-2013-6) - fix for bnc#824306 * PMASA-2013-6 (CVE-2013-3242) ------------------------------------------------------------------- Sat May 25 17:33:09 UTC 2013 - ecsos@opensuse.org - update to 4.0.2 (2013-05-24) * sf#3902 Cannot browse when table name contains keyword "call" * center loading indicator for navigation refresh, related to bug #3920 * sf#3925 Table sorting in navigation panel is case-sensitive * sf#3915 Import of CSV file (Replace table data with file) with duplicate values * sf#3907 undefined variables, function parameter problems * sf#3898 Structure not refreshed after column drop * sf#3926 View is not updatable * sf#3919 PropertiesIconic not honored * sf#3930 Databases to choose for specific privileges show up escaped * sf#3910 Export database with empty table as a php array, does not produce valid PHP * sf#3936 Query profiler chart not loading from SQL Query page * sf#3946 Missing CSV import option "Do not abort on INSERT error" * sf#3943 Missing Operations>Table options>AUTO_INCREMENT * bug Missing CREATE DATABASE statement when exporting at database level * sf#3924 Show warning when CSV file does not contain data for all columns * sf#3947 Missing Sql Query after modify structure * sf#3948 Server export problems * sf#3917 CountTables directive is deprecated ------------------------------------------------------------------- Wed May 15 08:00:00 UTC 2013 - ecsos@opensuse.org - update to 4.0.1.0 (2013-05-14) * sf#3879 Import broken for CSV using LOAD DATA * sf#3889 When login fails and error display is active, login data is displayed * sf#3890 [import] Web server upload directory import fails * sf#3891 [import] Server upload folder import file name missing in success message * rfe #1421 [auth] Add retry button on connection failure with config auth * sf#3894 [interface] Provide feedback if no columns selected for multi-submit * sf#3799 [interface] Incorrect select field change on ctrl key navigation in Firefox * sf#3885 [browse] display_binary_as_hex option causes unexpected behavior * sf#3899 Git commit links to Github missing * sf#3900 CSP WARN in Firefox console * sf#3901 Setup script warning for config auth (stored login data) shows link BBcode * sf#3895 [browse] Fixed getting BLOB data * sf#3905 [export] Custom Exporting exports all databases * sf#3909 [import] Import of CSV FIle to selected table doesn't work * sf#3904 Browsing an empty table should not display its Structure * sf#3908 Calendar widget improperly redirects to home * sf#3918 Greyed out tabs when there are no rows fixed * sf#3916 [interface] Missing scrollbar (original theme) * [vendor] add tcpdf path to vendor_config.php * bug fix compat with tcpdf >= 6.0 (tested with 6.0.012) ------------------------------------------------------------------- Fri May 3 17:32:42 UTC 2013 - ecsos@opensuse.org - update to 4.0.0 (2013-05-03) * Patch #3481047 for rfe #3480477 Insert as new row enhancement * Patch #3480999 Activate codemirror in the query window * Patch #3495284 XML Import - fix message and redirect * rfe #3484063 Null checkbox behavior * Patch #3497179 Contest-5: Add user: Allow create DB w/same name + grant u_% * Patch #3498201 Contest-6: Export all privileges * Patch #3502814 for rfe #3187077 Change password buttons should match * rfe #3488640 Expand table-group in non-light navigation frame if only one * Patch #3509360 Contest-3: Option "Truncate table" before "insert" * Patch #3506552 Contest-2: Show index information in the data dictionary * Patch #3510656 Contest-1: Ignoring foreign keys while dropping tables * sf#3509686 Reverting sort on joined column does not work * New transformation: append string * rfe #3507804 Session upload progress (PHP 5.4) * rfe #3488185 draggable columns vs copy column name * Patch #3507001 Contest-4: Textarea for large character columns * Removed the PHP version of the ENUM editor * Patch #3507111 Display distinct results, linked to corresponding data rows * sf#3507917 [export] JSON has unescaped values for allegedly numeric columns * rfe #3516187 show tables creation, last update, last check timestamps in db_structure * sf#3059806 Supporting running from CIFS/Samba shares * sf#3516341 [export] Open Document Text, Word and Texy! Text show table structure twice * sf [export] Texy! Text: Columns containing Pipe Character don't export properly * [export] Show triggers in Open Document Text, Word and Texy! Text * Patch #3415061 [auth] Login screen appears under the page * rfe #3517354 [interface] Allow disabling CodeMirror with $cfg['CodemirrorEnable'] = false * rfe #3475567 [interface] New directive $cfg['HideStructureActions'] * sf#3468272 [import] Fixed import of ODS with more paragraphs in a cell * sf#3510196 [core] Improved redirecting with ForceSSL option * rfe #3518852 [edit] edit blob but not other binary, new option $cfg['ProtectBinary'] = 'noblob' * Hide language select box if there are no locales installed * Removed some directives: verbose_check, SuggestDBName, LightTabs, VerboseMultiSubmit, ReplaceHelpImg * Patch #3500882 Fixing checkbox behaviour while editing identical rows * rfe #3441722 [interface] Display description of datatypes * rfe #3517835 [structure] Move columns easily * Ajaxified "Create View" functionality * [import] New plugin: import mediawiki * New navigation system * Discontinued the use of a frame-based layout * rfe #3528994 [interface] Allow wrapping possibly long values in replication-status table * [interface] Autoselect username input on cookie login page * sf#3563799 [interface] Grid editing destroying huge amount of data * [import] Remove support for the unactive docSQL import format * sf#3577443 [edit] "Browse foreign values" does not show on ajax edit * rfe #3522109 [browse] Grid editing: action to trigger it (or disable) * sf#3526598 [interface] SQL query not shown when creating table * Dropped configuration directive: AllowThirdPartyFraming * Dropped configuration directive: LeftFrameLight * Dropped configuration directive: DisplayDatabasesList * Dropped configuration directives: ShowTooltipAliasDB and ShowTooltipAliasTB * Dropped configuration directive: NaviDatabaseNameColor * Added configuration directive: MaxNavigationItems * Renamed configuration directive: LeftFrameDBTree => NavigationTreeEnableGrouping * Renamed configuration directive: LeftFrameDBSeparator => NavigationTreeDbSeparator * Renamed configuration directive: LeftFrameTableSeparator => NavigationTreeTableSeparator * Renamed configuration directive: LeftFrameTableLevel => NavigationTreeTableLevel * Renamed configuration directive: LeftPointerEnable => NavigationTreePointerEnable * Renamed configuration directive: LeftDefaultTabTable => NavigationTreeDefaultTabTable * Renamed configuration directive: LeftDisplayTableFilterMinimum => NavigationTreeDisplayTableFilterMinimum * Renamed configuration directive: LeftDisplayLogo => NavigationDisplayLogo * Renamed configuration directive: LeftLogoLink => NavigationLogoLink * Renamed configuration directive: LeftLogoLinkWindow => NavigationLogoLinkWindow * Renamed configuration directive: LeftDisplayServers => NavigationDisplayServers * Renamed configuration directive: LeftRecentTable => NumRecentTables * Renamed configuration directive: LeftDisplayDatabaseFilterMinimum => NavigationTreeDisplayDbFilterMinimum * Removed the "Mark row on click" feature; must now click the checkbox to mark * Removed the "Synchronize" feature * Improved layout of server variables page * rfe #1052091 [config] Double-underscores in PMA table names * Improved the "More" dropdown on the table structure page * [interface] Added "scroll to top" link in menubar * [designer] Fullscreen mode for the designer * Upgraded jquery to v1.8.3 and jquery-ui to v1.9.2 * Patch #3597529 [status] Add raw value as title on server status page * Support MySQL 5.6 partitioning * Removed the AjaxEnable directive * rfe #3542567 Accept IPv6 ranges and IPv6 CIDR notations in $cfg['Servers'][$i]['AllowDeny']['rules'] * sf#3576788 Grid editing shows the value before silent truncation * Upgraded jqPlot to 1.0.4 r1121 * Upgraded to jquery-ui-timepicker-addon 1.1.1 * rfe #3599046 [interface] Added comments for indexes * Replaced qtip with jQuery UI tooltip * Upgraded CodeMirror to 2.37 * sf#2951 [export] Correctly export decimal fields. * sf#3762 [core] Make Advisor work on Windows withou COM extension. * sf#3519 [export] Prevent infinite recursion in PDF export. * sf#3827 Table specific privileges not displayed for db name containing underscore * rfe #1386 Add IF NOT EXISTS clause when copying database * No longer package .travis.yml configuration file when creating a release. * sf#3830 Can't export custom query because it lowercases table names * sf#3829 Enabling query profiling crashes javascript based navigation * rfe #879 Reserved word warning * Remove the database ordering sub-feature of the only_db directive * sf#3840 When exporting to gzip format, the data is compressed 2 times * rfe #1319 Permit to create index when creating foreign key * sf#3703 Incorrect updating of the list of users * sf#3853 Blowfish implementation might be broken (replace with phpseclib) * sf#3865 Using like operator on each backslash needs 4 backslash protection * sf#3860 Displayed git revision info is not set * sf#3871 Check referential integrity broken across databases * sf#3874 [export] No preselected option when exporting table * sf#3873 Can't copy table to target database if table exists there * sf#3683 Incorrect listing of records from to count * sf#3876 [import] PHP 5.2 - unexpected T_PAAMAYIM_NEKUDOTAYIM * [security] Local file inclusion vulnerability, reported by Janek Vind (see PMASA-2013-4) * [security] Global variables overwrite in export.php, reported by Janek Vind (see PMASA-2013-5) * sf#3892 [export] SQL Export files are empty - fix for bnc#824304 * PMASA-2013-4 (CVE-2013-3240) - fix for bnc#824305 * PMASA-2013-5 (CVE-2013-3241) ------------------------------------------------------------------- Wed Apr 24 22:41:50 UTC 2013 - ecsos@opensuse.org - update to 3.5.8.1 (2013-04-24) * [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2) * [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3) - fix for bnc#824301 * PMASA-2013-2 (CVE-2013-3238) - fix for bnc#824302 * PMASA-2013-3 (CVE-2013-3239) ------------------------------------------------------------------- Mon Apr 8 18:33:29 UTC 2013 - ecsos@opensuse.org - update to 3.5.8 (2013-04-08) * sf#3828 MariaDB reported as MySQL * sf#3854 Incorrect header for Safari 6.0 * sf#3705 Attempt to open trigger for edit gives NULL * Use HTML5 DOCTYPE * [security] Self-XSS on GIS visualisation page, reported by Janek Vind see PMASA-2013-1 * sf#3800 Incorrect keyhandler behaviour #2 - fix for bnc#814678 * PMASA-2013-1 (CVE-2013-1937) ------------------------------------------------------------------- Fri Mar 15 19:51:32 UTC 2013 - chris@computersalat.de - update to 3.5.7.0 (2013-02-15) * sf#3779 [core] Problem with backslash in enum fields * sf#3816 Missing server_processlist.php * sf#3821 Safari: white page * Correct detection of the Chrome browser ------------------------------------------------------------------- Mon Feb 4 17:34:24 CET 2013 - draht@suse.de - update to 3.5.6.0 (2013-01-28) * sf#3593604 [status] Erroneous advisor rule * sf#3596070 [status] localStorage broken in server status monitor * sf#3598736 [routines] Editing a procedure with special characters * sf#3600322 [core] Visualize GIS data throws Fatal Error * sf#3599362 [core] Double-escaped error message * sf#3776 [cookies] Login without auth on second server ------------------------------------------------------------------- Wed Jan 16 23:17:50 UTC 2013 - chris@computersalat.de - update to 3.5.5.0 (2012-12-21) * sf#3563824 [export] Support Apache's mod_deflate * sf#3585523 [interface] Inline query editing broken after row update * sf#3586389 [setup] Cannot switch language in /setup * sf#3585695 [CSS] Font size in inline query editor is way too big * sf#3588354 [l10n] Portuguese Language not displaying correctly * sf#3591412 [status] Live charts don't work for non-default server * sf[core] Proxy ajax calls to pma.net to avoid browser notices * sf#3593534 [tracking] Structure Snapshot on tracked view renders invalid SQL * sf#3544366 [events] Event comments not saved ------------------------------------------------------------------- Sat Dec 15 15:23:00 UTC 2012 - chris@computersalat.de - update to 3.5.4.0 (2012-11-16) * sf#3570212 [edit] uuid_short() is a no-arguments function * sf#3569577 [edit] Add routine parameter headers not valid for "function" * sf#3575799 [search] Various search operators not working as expected * sf#3576322 [search] Invalid select query generated for tables with ENUM fields * sf#3577468 [display] Incorrect imagejpeg Syntax Breaks Image Transformation * sf#3578776 [search] Editing SQL not possible when no records found * sf#3571970 [interface] Display chart and number of rows to plot * sf#3582631 [core] Wrong redirect url caused cookies error with ForceSSL ------------------------------------------------------------------- Mon Nov 5 11:40:16 UTC 2012 - chris@computersalat.de - update to 3.5.3.0 (2012-10-08) * sf#3539044 [interface] Browse mode "Show" button gives blank page if no results anymore * sf#3534979 [interface] Copy Database Ajax feedback vanishes long before copying is done * sf#3527531 [interface] GC-maxlifetime warning incorrectly displayed * sf#3526916 [interface] Search fails with JS error when tooltips disabled * sf#3544366 [interface] Event comments not saved * sf#3549084 [edit] Can't enter date directly when editing inline * sf#3548491 [interface] Inline query editor doesn't work from search results * sf#3547825 [edit] BLOB download no longer works * sf#3541966 [config] Error in generated configuration arrray * sf#3553551 [GUI] Invalid HTML code in multi submits confirmation form * [interface] Designer sometimes places tables on the top menu * sf#3546277 [core] Call to undefined function __() when config file has wrong permissions * sf#3540922 [edit] Error searching table with many fields * sf#3555104 [edit] Cannot copy a DB with table and views * sf#3559925 [privileges] Incorrect updating of the list of users * sf#3561224 [edit] cell edit date field with empty date fills in current date * sf#3559955 [edit] current_date from function drop down fails on update * sf#3562472 add support for Solaris and FreeBSD system load and memory display in server status * sf#3553068 [import] Table import from XML file fails * replace Highcharts with jqplot for Display chart * sf#3567684 [edit] Pasting value doesn't clear null checkbox * sf#3570786 [edit] Datepicker for date and datetime fields is broken - fix for bnc#788103 * PMASA-2012-6 (CVE-2012-5339) o http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php * PMASA-2012-7 (CVE-2012-5368) o http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php ------------------------------------------------------------------- Tue Aug 21 14:30:51 UTC 2012 - chris@computersalat.de - update to 3.5.2.2 (2012-08-12) - [security] Fixed XSS vulnerabilities, see PMASA-2012-4 - update to 3.5.2.1 (2012-08-03) - [security] Fixed local path disclosure vulnerability, see PMASA-2012-3 - fix for bnc#776701 * PMASA-2012-4 (CVE-2012-4345) - fix for bnc#776698 * PMASA-2012-3 (CVE-2012-4219) ------------------------------------------------------------------- Sun Jul 8 15:52:13 UTC 2012 - chris@computersalat.de - udpate to 3.5.2 (2012-07-07) * bug sf#3521416 [interface] JS error when editing index * bug sf#3521313 [core] Call to undefined function __() * bug sf#3521016 [edit] NOW() function incorrectly selected * bug [GUI] Invalid HTML code on transformation_overview.php * bug sf#3522930 [browse] Missing validation in Ajax mode * bug Fix popup message on build SQL of import * bug sf#3523499 [core] Make X-WebKit-CSP work better * replace Highcharts with jqplot for query profiling, zoom search * bug sf#3531584 [interface] No form validation in change password dialog * bug sf#3531585 [interface] Broken password validation in copy user form * bug sf#3531586 [unterface] Add user form prints JSON when user presses enter * bug sf#3534121 [config] duplicate line in config.sample.inc.php * bug sf#3534311 [interface] Grid editing incorrectly parses ENUM/SET values * bug sf#3510196 [core] More clever URL rewriting with ForceSSL - rebase config patch ------------------------------------------------------------------- Sun Jun 3 22:00:45 UTC 2012 - chris@computersalat.de - update to 3.5.1.0 (2012-05-03) * bug sf#3510784 [edit] Limit clause ignored when sort order is remembered * bug sf#3511471 [interface] View name not seen in navi panel (MySQL 5.1) * bug sf#3512916 [display] Right frame reloads after displaying SQL result(zero rows) * bug [interface] Fixed missing Codemirror for inline query edit when exporting a result set * bug sf#3514490 [auth] Multiple Navigation panels bug still present * bug sf#3515181 [users] Error in create user + underscore + create database * bug sf#3515666 [display] Profiling chart shows wrong data * bug sf#3516037 [auth] JS includes missing in auth config error page * bug sf#3516183 [display] Missing image extension * bug [display] Added missing icons in original theme * bug sf#3516761 [edit] Query error after search * bug sf#3516405 [display] Chart title is getting wrong within chart export * bug sf#3517021 [interface] Header links except 'More' hide after closing dialog * bug sf#3516817 [interface] "More" actions in table structure * bug sf#3518484 [privileges] PMA_sqlAddSlashes() does not quote the table names correctly * bug sf#3518983 [designer] Error messages do not appear in the Designer * bug sf#3519747 [interface] Suhosin patch warning incorrectly displayed * bug sf#3520107 [interface] Server status page: Incorrect dialog box titles * bug sf#3516089 [structure] DROP does not work on defective VIEWs - rebase config patch * remove version from patch name * add missing options ------------------------------------------------------------------- Thu Apr 26 19:49:16 UTC 2012 - chris@computersalat.de - update to 3.4.11.0 * bug sf#3486970 [import] Exception on XML import * bug sf#3488777 [navi] $cfg['ShowTooltipAliasTB'] and blank names in navigation * bug sf#3512565 [navi] Fixed missing word "Rows" in table list tooltip after click ------------------------------------------------------------------- Mon Apr 2 10:14:55 UTC 2012 - chris@computersalat.de - update to 3.4.10.2 (fix for bnc#755211) - [security] Fixed local path disclosure vulnerability, see PMASA-2012-2 http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php ------------------------------------------------------------------- Thu Feb 23 12:45:22 UTC 2012 - chris@computersalat.de - fix changelog * rename bugs , patches ("{bug,patch} #....") to fit into bug naming scheme -> "sf#...." ------------------------------------------------------------------- Mon Feb 20 09:50:54 UTC 2012 - chris@computersalat.de - update to 3.4.10.1 (fix for bnc#747841) * [security] XSS in replication setup, see PMASA-2012-1 - 3.4.10.0 (2012-02-14) * sf#3460090 [interface] TextareaAutoSelect feature broken * sf#3375984 [export] PHP Array export might generate invalid php code * sf#3049209 [import] Import from ODS ignores cell that is the same as cell be fore * sf#3463933 [display] SELECT DISTINCT displays wrong total records found * sf#3458944 [operations] copy table data missing SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO' * sf#3469254 [edit] Setting data to NULL and drop-downs * sf#3477063 [edit] Missing set fields and values in generated INSERT query * sf#3460867 [libraries] license issue with TCPDF (updated to 5.9.145), (fix for bnc#736698) ------------------------------------------------------------------- Wed Dec 28 13:41:55 UTC 2011 - chris@computersalat.de - update to 3.4.9 - sf#3442028 [edit] Inline editing enum fields with null shows no dropdown - sf#3442004 [interface] DB suggestion not correct for user with underscore - sf#3438420 [core] Magic quotes removed in PHP 5.4 - sf#3398788 [session] No feedback when result is empty (signon auth_type) - sf#3384035 [display] Problems regarding ShowTooltipAliasTB - sf#3306875 [edit] Can't rename a database that contains views - sf#3452506 [edit] Unable to move tables with triggers - sf#3449659 [navi] Fast filter broken with table tree - sf#3448485 [GUI] Firefox favicon frameset regression - [core] Better compatibility with mysql extension - [security] Self-XSS on export options (export server/database/table), see PMASA-2011-20 - [security] Self-XSS in setup (host parameter), see PMASA-2011-19 - fix for bnc#738411 * PMASA-2011-19 (CVE-2011-4780) * PMASA-2011-20 (CVE-2011-4782) - rework config patch ------------------------------------------------------------------- Fri Dec 16 08:34:11 UTC 2011 - chris@computersalat.de - fix changelog * add missing info for bnc#736772 - fix fdupes * reduce fdupes to affected files only (./libraries,./themes) ------------------------------------------------------------------- Tue Dec 13 14:25:45 UTC 2011 - chris@computersalat.de - update to 3.4.8 - sf#3425230 [interface] enum data split at space char (more space to edit) - sf#3426840 [interface] ENUM/SET editor can't handle commas in values - sf#3427256 [interface] no links to browse/empty views and tables - sf#3430377 [interface] Deleted search results remain visible - sf#3428627 [import] ODS import ignores memory limits - sf#3426836 [interface] Visual column separation - sf#3428065 [parser] TRUE not recognized by parser + sf#3433770 [config] Make location of php-gettext configurable - sf#3430291 [import] Handle conflicts in some open_basedir situations - sf#3431427 [display] Dropdown results - setting NULL does not work - sf#3428764 [edit] Inline edit on multi-server configuration - sf#3437354 [core] Notice: Array to string conversion in PHP 5.4 - [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the view name in main panel db Structure page - sf#3439292 [core] Fail to synchronize column with name of keyword - sf#3425156 [interface] Add column after drop - [interface] Avoid showing the password in phpinfo()'s output - sf#3441572 [GUI] 'newer version of phpMyAdmin' message not shown in IE8 - sf#3407235 [interface] Entering the key through a lookup window does not reset NULL - [security] Self-XSS on database names (Synchronize), see PMASA-2011-18 - [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18 - [security] Self-XSS on column type (Create index), see PMASA-2011-18 - [security] Self-XSS on column type (table Search), see PMASA-2011-18 - [security] Self-XSS on invalid query (table overview), see PMASA-2011-18 - fix for bnc#736772 (CVE-2011-4634, PMASA-2011-18) ------------------------------------------------------------------- Mon Nov 14 20:22:30 UTC 2011 - chris@computersalat.de - update to 3.4.7.1 (fix for bnc#728243) - [security] Fixed possible local file inclusion in XML import (CVE-2011-4107), see PMASA-2011-17 http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php ------------------------------------------------------------------- Wed Oct 26 10:49:15 UTC 2011 - chris@computersalat.de - update to 3.4.7 - sf#3418610 [interface] Links in navigation when $cfg['MainPageIconic'] = false - sf#3418849 [interface] Inline edit shows dropdowns even after closing - bug [view] View renaming did not work - bug [navi] Wrong icon for view (MySQL 5.5) - sf#3420229 [doc] Missing documentation section - sf#3423725 [pdf] Broken PDF file when exporting database to PDF - [core] Allow to set language in URL - sf#3425184 [doc] Fix links to PHP documentation - sf#3426031 [export] Export to bzip2 is not working - 3.4.6.0 (2011-10-16) - sf#3404173 InnoDB comment display with tooltips/aliases - sf#3404886 [navi] Edit SQL statement after error - sf#3403165 [interface] Collation not displayed for long enum fields - sf#3399951 [export] Config for export compression not used - sf#3400690 [privileges] DB-specific privileges won't submit - sf#3410604 [config] Configuration storage incorrect suggested table name - sf#3383572 [interface] Cannot execute saved query - sf#3411535 [display] Full text button unchecks results display options - sf#3411224 [display] Broken binary column when 'Show binary contents' is not set - sf#3411633 [core] Call to undefined function PMA_isSuperuser() - sf#3413743 [interface] Display options link missing after search - sf#3324161 [core] CSP policy causing designer JS buttons to fail - sf#3412862 [relation] Relations/constraints are dropped/created on every change - sf#3390832 [display] Delete records from last page breaks search - sf#3392150 [schema] PMA_User_Schema::processUserChoice() is broken - sf#3414744 [core] External link fails in 3.4.5 - sf#3314626 [display] CharTextareaRows is not respected - sf#3417089 [synchronize] Extraneous db choices - [security] Fixed local path disclosure vulnerability, see PMASA-2011-15 - [security] Fixed XSS in setup (host/verbose parameter), see PMASA-2011-16 ------------------------------------------------------------------- Tue Oct 4 21:36:48 UTC 2011 - chris@computersalat.de - update to 3.4.5 - sf#3375325 [interface] Page list in navigation frame looks odd - sf#3313235 [interface] Error div misplaced - sf#3374802 [interface] Comment on a column breaks inline editing - sf#3383711 [display] Order by a column in a view doesn't work in some cases - sf#3386434 [interface] Add missing space to server status - [core] Remove library PHPExcel, due to license issues - [export] Remove native Excel export modules (xls and xlsx formats) - [import] Remove native Excel import modules (xls and xlsx formats) - sf#3392920 [edit] BLOB emptied after editing another column - [security] Fixed XSS in Inline Edit on save action, see PMASA-2011-14 - [security] Fixed XSS with db/table/column names, see PMASA-2011-14 ------------------------------------------------------------------- Sat Aug 27 17:17:27 UTC 2011 - chris@computersalat.de - update to 3.4.4 - sf#3323060 [parser] SQL parser breaks AJAX requests if query has unclosed quotes - sf#3323101 [parser] Invalid escape sequence in SQL parser - sf#3348995 [config] $cfg['Export']['asfile'] set to false does not select as Text option - sf#3340151 [export] Working SQL query exports error page - sf#3353649 [interface] "Create an index on X columns" form not validated - sf#3350790 [interface] JS error in Table->Structure->Index->Edit - sf#3353811 [interface] Info message has "error" class - sf#3357837 [interface] TABbing through a NULL field in the inline mode resets NULL - remove version number in /setup - sf#3367993 [usability] Missing "Generate Password" button - sf#3363221 [display] Missing Server Parameter on inline sql query - sf#3367986 [navi] Drop field -> lost active table - remove misleading comment on the "Rename database" interface - sf#3374374 [interface] Fix footnote for inexact count while browsing - sf#3372807 [interface] Fix security warning link in setup - sf#3374347 [display] Backquotes in normal text on import page - sf#3358750 [core] With Suhosin, urls are too long in edit links - [security] Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13 ------------------------------------------------------------------- Fri Jul 29 14:57:01 UTC 2011 - chris@computersalat.de - update to 3.4.3.2 o PMASA-2011-9 to PMASA-2011-12 http://www.phpmyadmin.net/home_page/security/ ------------------------------------------------------------------- Mon Jul 4 13:27:10 UTC 2011 - chris@computersalat.de - update to 3.4.3.1 - [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-5 - [security] Fixed possible code injection incase session variables are compromised, see PMASA-2011-6 - [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7 - [security] Fixed filtering of a file path, which allowed for directory traversal, see PMASA-2011-8 - 3.4.3.0 (2011-06-27) - sf#3311170 [sync] Missing helper icons in Synchronize - sf#3304473 [setup] Redefine a lable that was wrong - sf#3304544 [parser] master is not a reserved word - sf#3307616 [edit] Inline edit updates multiple duplicate rows - sf#3311539 [edit] Inline edit does not escape backslashes - sf#3313210 [interface] Columns class sometimes changed for nothing - sf#3313326 [interface] Some tooltips do not disappear - sf#3315720 [search] Fix search in non unicode tables - sf#3315741 [display] Inline query edit broken - sf#3317206 [privileges] Generate password option missing on new accounts - sf#3317293 [edit] Inline edit places HTML line breaks in edit area - sf#3319466 [interface] Inline query edit does not escape special characters - minor XSS (require a valid token) - add restart_on_update apache to post ------------------------------------------------------------------- Wed Jun 22 09:01:52 UTC 2011 - chris@computersalat.de - fix changelog o update to 3.4.2.0 -> update to 3.4.2 - fix bnc#697748 (suhosin customization) o moved from spec's %post to http_conf file ------------------------------------------------------------------- Thu Jun 09 14:41:00 UTC 2011 - jweberhofer@weberhofer.at - update to 3.4.2 - sf#3301249 [interface] Iconic table operations does not remove inline edit label - sf#3303869 [interface] Unnecessary scrolling on Databases page - sf#3303813 [setup] Define a label that was missing - sf#3305606 [interface] Show all button wraps on privileges page - sf#3305517 [config] Config for export compression not used - sf#3305883 [interface] Table is dropped regardless of confirmation - [auth] Fixed error handling for signon auth method. - sf#3276001 [core] Avoid caching of index.php. - sf#3306958 [interface] Unnecessary Details slider - sf#3308476 [interface] "Show all" not persistent after a sort - sf#3308072 [auth] Version disclosure to anonymous visitors - sf#3306981 [interface] pmahomme and table statistics ------------------------------------------------------------------- Tue May 24 16:06:05 UTC 2011 - chris@computersalat.de - update to 3.4.1 - bug sf#3301108 [interface] Synchronize and already configured host - bug sf#3302457 Inline edit and $cfg['PropertiesIconic'] - Patch #3302313 Show a translated label - bug sf#3300981 [navi] Table filter is case sensitive - bug sf#3285929 [privileges] Revert temporary fix - bug sf#3302872 [synchronize] Synchronize and user name - bug sf#3302733 [core] Some browsers report an insecure https connection - [security] Make redirector require valid token - rework config patch - removed 3.3.8, added 3.4.1 config patch - added conftrib to doc - mod post section o modify suhosin.ini ------------------------------------------------------------------- Sat Mar 19 19:17:57 UTC 2011 - chris@computersalat.de - update to 3.3.10 - patch sf#3147400 [structure] Aria table size printed as unknown, thanks to erickoh75 - erickoh75 - patch sf#3150164 [structure] Ordering by size gives incorrect results, thanks to Madhura Jayaratne - madhuracj - bug sf#3153409 [core] 0 row(s) affected - bug sf#3155842 [core] Edit relational page and page number - [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10 - [lang] German update, thanks to jannicars@users.sourceforge.net. ------------------------------------------------------------------- Wed Feb 23 12:10:46 UTC 2011 - chris@computersalat.de - update to 3.3.9.2 - [security] SQL injection, see PMASA-2011-2 - 3.3.9.1 (2011-02-08) - [security] Path disclosure, see PMASA-2011-1 - add macros for ap_usr, ap_grp - fix perm on sysconfdir o 0750,root,www ------------------------------------------------------------------- Thu Jan 27 20:14:40 UTC 2011 - chris@computersalat.de - update to 3.3.9 - bug [doc] Fix references to MySQL doc - sf#3101490 Default function for TIMESTAMP, thanks to jirand - jirand - sf#3103853 [js] Double quotes were not escaped in generated js - sf#3077463 [core] Events were not copied when copying/renaming database - sf#1762306 [core] Copy database with view of a view - sf#3117535 [replication] Add quotes to database in initial statement, thanks to Craig Duncan - duncan3dc - sf#3112614 [pdf schema] Scratchboard for PDF pages not working - sf#3125606 [parser] Query for table "level" causes strange display - sf#3127904 [parser] Close all opened round brackets indents - removed Authors from spec ------------------------------------------------------------------- Fri Dec 3 23:04:41 UTC 2010 - chris@computersalat.de - update to 3.3.8.1 - sf#3115519 (private) [security] XSS on db search, see PMASA-2010-8 - rework config patch o add AllowNoPassword ------------------------------------------------------------------- Wed Oct 27 10:23:50 UTC 2010 - javier@opensuse.org - update to 3.3.8 - sf#3059311 [import] BIGINT field type added to table analysis - [core] Update library PHPExcel to version 1.7.4 - sf#3062455 [core] copy procedures and routines before tables - sf#3062455 [export] with SQL, export procedures and routines before tables - sf#3056023 [import] USE query not working - sf#3038193 [display] Error when editing row with GEOMETRY column - sf#3062454 [interface] Display routines/events also when no tables are defin ed - support ARIA storage engine as well as its previous name MARIA ------------------------------------------------------------------- Wed Sep 22 14:03:14 CEST 2010 - mcihar@suse.cz - update to 3.3.7 ------------------------------------------------------------------- Wed Jul 7 14:48:50 UTC 2010 - chris@computersalat.de - update to version 3.3.4 - sf#2996161 [import] properly escape import value - sf#2998889 [import] Import button does not work in Catalan - [browse] Fix handling of sort order if only column is specified. + [lang] Greek update, thanks to Panagiotis Papazoglou - panos78 + [lang] Updated lot of translation based on work done in master branch. - sf#3008411 [databases] Last dropped database remains active in navi - sf#2986383 [parser] Not all data being shown / counted - bug [synchronize] Rows were deleted in target table regardless of the "Would you like to delete..." option - bug [privileges] List of tables not shown when the db name has a wildcard - sf#3011126 [display] Edit link missing after long query - sf#3013264 [doc] FAQ 1.40 uses a comma instead of a period, thanks to Isaac Bennetch - ibennetch - [engines] Fix getting InnoDB status. - sf#2986422 [import] Results for query are not displayed ------------------------------------------------------------------- Fri May 21 16:59:50 UTC 2010 - chris@computersalat.de - update to version 3.3.3 - sf#2982480 [navi] Do not group if there would be one table in group - sf#2983492 [sync] When asking to synchronize Structure and Data, only Structure is done - sf#2984893 [engines] InnoDB storage page emits a warning - sf#2974687, sf#2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work - sf#2983066 [interface] Flush table on table operations shows the query twice - sf#2983060, sf#2987900 [interface] Fix initial state of tables in designer - sf#2983062, sf#2989408 [engines] Fix warnings when changing table engine to Maria - sf#2974067 [display] non-binary fields shown as hex - sf#2983065 [operations] Error when changing from Maria to MyISAM engine - sf#2975408 [tracking] Data too long for column data_sql - bug [tracking] Tracking report should obey MaxCharactersInDisplayedSQL - bug [edit] Avoid selecting UNHEX function by default for a BLOB column for which editing is protected - sf#2994168 [structure] Show auto_increment in uppercase - sf#2993970 [pdf schema] Page numbering in Table of Contents - 3.3.2.0 (2010-04-13) - sf#2969449 [core] Name for MERGE engine varies depending on the MySQL version, thanks to Dieter Adriaenssens - ruleant - sf#2966078 [browse] Incorrect LIMIT is saved and sticks while browsing - sf#2967366 [Structure] Some results of Propose table structure are shown in hex - sf#2967565 [insert] UNHEX not selected by default when inserting BINARY - [navi] Changed link to git repository on main page - sf#2972232 [menu] Import menu tab not present on main page - sf#2976790 [menu] Go to the upper level after table DROP, thanks to Kaarel Nummert - kaarelnu - sf#2978815 [pdf] Fix generating PDF with table dimensions, thanks to BlinK_ - sf#2977725 [export] XML wrongly encoded, thanks to Victor Volkov - hanut - sf#2979234 [import] Create tables with current charset and collation. - sf#2979234, sf#2960105 [import] Properly import unicode text from ODS. - sf#2973280 [export] Proper handling of temporary directory in XLS export. - sf#2980582 [interface] Properly format server status parameter. - sf#2973949 [session] SQL History broken (revert sf#2899969), thanks to Dieter Adriaenssens - ruleant - [doc] Be more specific about problems with Suhosin. ------------------------------------------------------------------- Fri Mar 26 00:41:30 UTC 2010 - chris@computersalat.de - update to version 3.3.1 - sf#2941037 [core] Database structure not sorted by table correctly - sf#2948492 [interface] Slide effect masks some fields on search page - sf#2959746 [interface] Unknown table status: TABLE_TYPE - sf#2953050 [export] export VIEW as SQL includes INSERT statement - sf#2942032 [core] Cannot detect PmaAbsoluteUri correctly on Windows - sf#2961609 [auth] Potential information disclosure at login page - sf#2961540 [export] Do not export data of MERGE table, thanks to Dieter Adriaenssens - ruleant - sf#2961198 [parser] Querying a table named "data" - sf#2931429 [structure] Editing long triggers - sf#2970769 [structure] Incorrect reference to mootools-more.js - cleanup spec - fixed HEADER - sort TAGS - some macros (ap_...) - updated description - added postun o restart_on_update apache2 - some rpmlint stuff - fdupes - reworked patches - removed blowfish_secret - removed mysqli.patch - added config patch o mods to vendor_config - replaced Source1 phpmyadmin.conf > phpMyAdmin.http - config.inc.php to /etc/phpMyAdmin ------------------------------------------------------------------- Wed Mar 10 21:41:47 UTC 2010 - javier@opensuse.org - Updated to 3.3.0 + rfe #2308632 [edit] Use hex for (var)binary fields + sf#2794819 [navi] Filter for displayed table names - sf#2794840 [core] Cannot redeclare pma_tableheader() - rfe #2726479 [core] configurable maximal length of URL + sf#2724755 [display] Full/partial text links (big T) are back - bug [display] handle NavigationBarIconic as documented for navi buttons + rfe #2726479 [export] Export tables preselect + sf#2805828 [export] PHP array export plugin + sf#2798592 [import] Progress bar - bug [gui] Generate Password not working for 'Change Login Information', only for 'Change password' + [lang] Arabic update + rfe #2822190 [structure] BOOLEAN is standard SQL + [lang] German update + rfe #2813867 [structure] Default sorting order in list of tables + [import] Added MySQL type-detection functionality to import library + [import] Added ODS, Excel XLS, Excel XLSX, and XML import modules + [export] Added Excel XLSX export module + [core] Added ability for tracking changes made through phpMyAdmin + rfe #2839504 [engines] Support InnoDB plugin's new row formats + [core] Added ability for synchronizing databases among servers. + [lang] #2843101 Dutch update + [lang] Galician update + [export] Added MediaWiki export module + [lang] Turkish update + [auth] Add custom port configuration in signon - [core] Removed context from the error handler - sf#2883633 [export] Export of InnoDB table is incomplete + rfe #2862575 [status] Order query statistics by % desc, skip rows with 0 + rfe #2823686 [interface] Increase default height of query window + rfe #2129902 [structure] Don't hide indexes + sf#2812070 [interface] Allow selecting a range of rows by holding shift + [lang] Russian update, thanks to Victor Volkov + [lang] Greek update, thanks to Panagiotis Papazoglou + [lang] Norwegian update, thanks to Sven-Erik Andersen - sf#2929958 [import] Cannot import (French interface) - [security] Use X-Frame-Options header to protect against ClickJacking. + [lang] Finnish update, thanks to Jouni Kahkonen + [lang] Lithuanian update, thanks to Rytis Slatkevicius - rytis_s - sf#2931939 [status] Seeing "m" as unit is confusing - sf#2926613 [edit] Copy database shows errors when DB has foreign key + [lang] Catalan update, thanks to Xavier Navarro ------------------------------------------------------------------- Wed Jan 20 17:18:45 UTC 2010 - javier@opensuse.org - Updated to 3.2.5 - sf#2903400 [bookmarks] Status of bookmark table, thanks to Virsacer - virsacer - bug [history] QueryHistoryDB is not respected - sf#2905629 [auth] Blowfish secret is not hashed - sf#2910000 [gui] ShowServerInfo should hide all server info from main page - sf#2910568 [structure] Table size for ARCHIVE tables is not displayed - sf#2899969 [core] Session lock blocks working from a second window, thanks to Greg Roach - fisharebest - sf#2915168 [import] Incorrect parsing of DELIMITER keyword, thanks to Greg Roach - fisharebest - sf#2918831 [export] Missing backquotes on reserved words, thanks to Virsacer - virsacer - [core] Fix broken cleanup of $_GET - sf#2924357 [operations] Cannot rename a database that has foreign key constraints - sf#869006 [structure] Ignore number of records for MRG_MyISAM tables - bug [browse] "Show BLOB contents" should display HTML code that is present in a BLOB, thanks to Vincent van der Tuin - [privileges] Improve escaping of hostname ------------------------------------------------------------------- Tue Nov 10 01:45:00 UTC 2009 - javier@opensuse.org - sf#2856664 [export] Date, time, and datetime column types now export correctly to OpenOffice Spreadsheet - sf#2859788 [parser] Double-character delimiters (sf#2846239) - sf#2832600 [export] Slow export when having lots of databases - sf#2537766 [import] Comments are stripped when editing store procedures - sf#2852370 [operations] Renaming database deletes triggers - sf#2872247 [interface] Failed opening required 'mysql_charsets.lib.php' - bug [structure] "In use" table incorrectly reported as "view" - sf#2879909 [interface] Removed double htmlspecialchars when editing enum column - sf#2868328 [relations] Adding foreign key when table name contains a dot - sf#2883381 [doc] Side effects of MemoryLimit setting - sf#2826128 [display] Inverting sort order when expression contains a function name ------------------------------------------------------------------- Sat Sep 19 00:50:10 CEST 2009 - javier@opensuse.org - sf#2825293 [structure] Default value for a BIT column - bug [display] Red arrows were reversed in the list of tables - sf#2813879 [export] Duplicate empty lines when exporting without comments - sf#2825919 [export] Trigger export with database name - sf#2823996 [data] Cannot edit row with no PK and a BIT field - bug [export] Exporting results of a query which contains a LIMIT clause inside a subquery - sf#2837722 [export] Run complex SQL then export does not work - sf#2839548 [export] Triggers order on export - sf#2826986 [display] Order by BLOB and range display - bug [display] After clicking on Show Function or Function, the UPDATE query is not shown after execution - bug [structure] Missing validation for BINARY and VARBINARY ------------------------------------------------------------------- Sun Aug 16 06:13:35 UTC 2009 - javier@opensuse.org - sf#2799009 Login with ipv6 IP address breaks redirect - sf#2796066 [priv] Inconsistent display of databases list - sf#2802870 [display] Incorrect overhead value for InnoDB - bug [display] Incorrect display in replication status - sf#1601625 [display] The Ignore checkbox is not unchecked for ENUM - sf#2809930 [setup] Notice: Undefined variable: k in setup/index.php - bug [features] Incorrect report of missing relational features - [security] XSS: Insufficient output sanitizing (not exploitable without a vali d token) thanks to Sven Vetsch/Disenchant for informing us in a responsible manner - sf#2634827 [import] Using DELIMITER produces infinite cycle + new language files: uzbek_cyrillic and urbek_latin - sf#2814109 [search] Right frame is blank - sf#2816840 [priv] Cannot change a user's details - sf#2816165 [display] Executed query not always displayed - sf#2819944 [setup] Incorrect mention of designer_coords - sf#2821757 [insert] "Insert another new row" no longer worked + [lang] Norwegian update - bug [core] PMA_pow() can support negative exponents in the pow() case + [lang] Brazilian Portuguese update - sf#2822384 [docs] Missing auth_type in docs-example - sf#2819728 [display] Slider effect jumping to top of page - bug [display] Incorrect computation of overhead stats in server view for tables under the InnoDB engine + [lang] Swedish update ------------------------------------------------------------------- Fri Jul 24 15:51:24 UTC 2009 - javier@opensuse.org - First security release for phpMyAdmin 3.2.0 ------------------------------------------------------------------- Sun Jun 28 04:17:23 UTC 2009 - javier@opensuse.org - update to 3.2.0 ------------------------------------------------------------------- Sun May 4 16:19:43 UTC 2008 - crrodriguez@suse.de - phpMyAdmin package misses files (favicon.ico, scripts/*) [BNC #381747] - phpMyAdmin setup.php missing [BNC #335306] - update to version 2.11.6, bug fix only release - sf#1903724 [interface] Displaying of very large queries in error message - sf#1905711 [compatibility] Functions deprecated in PHP 5.3: is_a() and get_magic_quotes_gpc() - bug [lang] catalan wrong accented characters - sf#1893034 [Export] SET NAMES for importing with command-line client + [lang] Russian update - sf#1910485 [core] Unsetting the whitelist during the loop - sf#1906980 [Export] Import of VIEWs fails if temp table exists - sf#1812763 [Copy] Table copy when server is in ANSI_QUOTES sql_mode - sf#1918531 [compatibility] Navigation isn't w3.org valid - sf#1926357 [data] BIT defaults displayed incorrectly - sf#1930057 [auth] colon in password prevents HTTP login on CGI/IIS - sf#1929553 [lang] Don't output BOM character in Swedish language file - sf#1895796 [lang] Typo in Japanese lang files - sf#1935652 [auth] Access denied (show warning about mcrypt on login page) - sf#1906983 [export] Reimport of FUNCTION fails - sf#1919808 [operations] Renaming a database fails to handle functions - sf#1934401 [core] Cannot force a language - sf#1944077 [core] Config file containing a BOM - sf#1947189 [scripts] Missing head tag in scripts/signon.php - [lang] Romanian update ------------------------------------------------------------------- Mon Apr 7 11:27:24 UTC 2008 - crrodriguez@suse.de - pmd folder is missing in phpmyadmin 2.11.5.1 [bnc #376616] ------------------------------------------------------------------- Sat Mar 29 15:53:44 UTC 2008 - crrodriguez@suse.de - update to version 2.11.5.1 * sf#1909711 [security] Sensitive data in session files ------------------------------------------------------------------- Mon Mar 10 04:13:27 UTC 2008 - crrodriguez@suse.de - phpMyAdmin tries to access non-existing print.css [#307966] ------------------------------------------------------------------- Sat Mar 1 23:34:52 UTC 2008 - crrodriguez@suse.de - version 2.11.5 - sf#1862661 [GUI] Warn about rename deleting database - sf#1866041 [interface] Incorrect sorting with AS - sf#1871038 [import] Notice: undefined variable first_sql_delimiter - sf#1873110 [export] Problem exporting with a LIMIT clause - sf#1871164 [GUI] Empty and navigation frame synch. - sf#1873188 [GUI] Making db pager work when js is disabled, thanks to Jürgen Wind - windkiel - sf#1875010 [auth] MySQL server and client version mismatch (mysql ext.) - sf#1879031 [transform] dateformat transformation and UNIX timestamps, thanks to Tim Steiner - spam38 - bug [import] Do not verify a missing enclosing character for CSV, because files generated by Excel don't have any enclosing character - sf#1799691 [export] "Propose table structure" and Export - sf#1884911 [GUI] Space usage - sf#1863326 [GUI] Wrong error message / no edit (Suhosin) - sf#1887204 [GUI] Order columns in result list messing up query - sf#1893538 [GUI] Display issues on Opera 9.50, thanks to Jürgen Wind - windkiel - bug [GUI] Do not display the database name used by the previous user, thanks to Ronny Görner - bug [security] Remove cookies from Array for better coexistence with other applications, thanks to Richard Cunningham. See PMASA-2008-1. ------------------------------------------------------------------- Sun Jan 13 11:02:14 UTC 2008 - crrodriguez@suse.de - do not BuildRequire apache2-devel libapr-util1-devel pcre-devel - PreReq coreutils sed and grep - update to version 2.11.4 - sf#1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE - sf#1807816 [search] regular expression search doesn't work with backslashes - sf#1843463 [GUI] DROP PROCEDURE does not show alert - sf#1835904 [GUI] Back link after a SQL error forgets the query - sf#1835654 [core] wrong escaping when using double quotes - sf#1817612 [cookies] Wrong cookie path on IIS with PHP-CGI, thanks to Carsten Wiedmann - sf#1848889 [export] export trigger should use DROP TRIGGER IF EXISTS - sf#1851833 [display] Sorting forgets an explicit LIMIT (fix for sorting on column headers) - sf#1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin - sf#1798786 [import] Wrong error when a string contains semicolon - sf#1813508 [login] Missing parameter: field after re-login - sf#1710144 [parser] Space after COUNT breaks Export but not Query - sf#1783620 [parser] Subquery results without "as" are ignored - sf#1821264 [display] MaxTableList and INFORMATION_SCHEMA - sf#1859460 [display] Operations and many databases - sf#1814679 [display] Database selection pagination when switching servers - sf#1861717 [export] CSV Escape character not exported right, thanks to nicolasdigraf - sf#1864468 [display] Theme does not switch to darkblue_orange - sf#1847409 [security] Path disclosure on darkblue_orange/layout.inc.php, thanks to Jürgen Wind - windkiel ------------------------------------------------------------------- Wed Aug 22 12:36:22 UTC 2007 - crrodriguez@suse.de - 2.11.0-rc1 -> 2.11.0 final - mod_php_any is enough to get a webserver do not explicitly require apache2 - update phpmyadmin.conf adding the session save path to open_basedir as well ensuring some additional and possible conflicting php settings are set the way we want ------------------------------------------------------------------- Mon Aug 6 21:59:16 UTC 2007 - anosek@suse.cz - updated to version 2.11.0-rc1 ------------------------------------------------------------------- Mon Jul 30 11:38:44 UTC 2007 - anosek@suse.cz - updated to version 2.11.0-beta1 + [import] support handling of DELIMITER to mimic mysql CLI, thanks to fb1 + improved PHP 6 compatibility - sf#1674914 [structure] changing definition of a TIMESTAMP field - sf#1615530 [upload] added more specific error message if field upload fails - sf#1627210, #1083301, #1482401 [data] warning on duplicate indexes - sf#1668724 JavaScript focus login Opera - sf#1666657 [auth] Cookie password delete on timeout / inactivity - sf#1648802 different mysql library and server version - sf#1662976 [auth] Authentication fails when controluser/pass is set - sf#1643758 [import] Error #1264 importing NULL values in MySQL 5.0 - sf#1523747 [innodb] make warning about row count more visible - sf#1676012 [auth] strip non-US-ASCII characters (RFC2616) - sf#1679440 Added FAQ entry about header errors under IIS caused by an end-of-line character - [gui] avoid displaying a wide selector in server selection - sf#1614004 [relation] foreign key spanning multiple columns are incorrectly displayed - sf#1681598 [interface] Edit next row - sf#1688053 [export] Wrong export of binary character fields - sf#1498281 [parser] Wrong primary key used for displaying results with subquery - sf#1699772 Visual space bug in table name (in browser) - sf#1699532 Cause of data manipulation issues: implemented changes as suggested by crisp_; still have to work on updating an ENUM value + [doc] changed all documentation in config.inc.php to phpDocumentor style + [data] support for CREATE VIEW from query results + [gui] dropped css/ folder and moved into root of PMA + [l10n] new: Sinhala, Macedonian + [export] YAML export (see yaml.org), thanks to Bryce Thornton + [server] improved display of binary logs + [data] better error handling in tbl_create.php + [routines] from Patch #1649881, thanks to Mike Beck + [querywindow] store sql history in session + [querywindow] sql history now without db too + [querywindow] tweaks in sql history view + [export] Native Excel (Spreadsheet_Excel_Writer) improvements, thanks to Christian Schmidt + [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch + RFE #1435922 [gui] navigation frame shows listing of databases when none selected + [data] support BIT datatype (under mysqli), thanks to Christian Schmidt + [display] automatic confirmation for sort by key, thanks to Juergen Wind + [data] can now choose the number of insert rows + RFE #1704779 [gui] link documentation from login page + [structure] TRIGGERS: display/edit/drop/SQL export + [browse] store browse state in session per query + [gui] Insert/Edit: no longer display the Go button each 15 lines but just at the end of a row + [gui] Query window: use verbose server name if any + [auth] sf#1712514 specify host for single signon, thanks to Thierry + [gui] Navigator for the db list in the navigation panel + [gui] Navigator for the table list in the content panel - sf#1727138 HTML not encoded (more than 1000 characters) + [display] Support for MySQL 5.0.37 profiling + RFE #1743983 [gui] Replace $max_characters by a configurable param: $cfg['MaxCharactersInDisplayedSQL'] - sf#1746186 LeftLogoLink fails if set to some external site . [transformations]: remove "auto-detect" MIME-type that was never implemented + [display] sf#1749705, Allow multibyte characters in number formatting, thanks to garas - sf#1747215 Export emits blanks at line ends - sf#1751172 Do not export data when exporting a single VIEW + [privileges] Support password hashing on the Edit Privileges interface - sf#1755339 Warn about rename dataase actually being copy/delete - sf#1746921 Left frame shrinks on db change, thanks to Juergen Wind + [gui] Export: Select All/Unselect All over the choices, thanks to Florian Schmitz ------------------------------------------------------------------- Wed Jul 25 14:31:02 UTC 2007 - anosek@suse.cz - updated to version 2.10.3 - sf#1734285 Copy database with VIEWs - sf#1722502 DROP TABLE in export VIEW - sf#1729027 Sorting results of VIEW browsing - sf#1733012 Unwanted table alias in delete button - sf#1736405 Pretty printer and HTML line breaks - sf#1745257 Invalid DB name is still displayed - sf#1730367 Calendar "Go" has no effect - sf#1748633 Incorrect parameter validation for VIEWs + [lang] Russian revision, thanks to Victor Volkov and the users of php-myadmin.ru - Do not try to delete an internal relation if we just deleted an InnoDB one ------------------------------------------------------------------- Tue Jun 19 03:39:00 UTC 2007 - anosek@suse.cz - updated to version 2.10.2 + [data] display all warnings, not only last one - typo in fix for sf#1671813 - sf#1714908 Inserted Row Count is wrong - sf#1712570 Deleting last record freezes - sf#1717339 Missing header when deleting a checked column, thanks to Michael Keck - sf#1717477 Warning on Query page when db is empty - sf#1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind - sf#1721571 CREATE database privilege not always detected, thanks to Gordon McNaughton - sf#1715709 export in SQL format always includes procedures and functions - sf#1722502 DROP TABLE in export view structure - sf#1718787 Multi-server setup breaks Designer - sf#1724401 Column truncation in repair table output - sf#1726500 Wrong position of , thanks to Jürgen Wind - sf#1728590 Detected failing session_start fails, thanks to Jürgen Wind - RFE #1714760 Obey ShowCreateDb on the Databases tab - sf#1733762 Typo in message "INSERT DELAY", thanks to Victor Volkov - sf#1730171 Dead message strLanguageFileNotFound, thanks to Victor Volkov - sf#1731280 Avoid negative exponent in gmp_pow(), thanks to anosek ------------------------------------------------------------------- Tue Jun 12 21:48:10 UTC 2007 - anosek@suse.cz - updated to version 2.10.2-rc1 + [data] display all warnings, not only last one - typo in fix for sf#1671813 - sf#1714908 Inserted Row Count is wrong - sf#1712570 Deleting last record freezes - sf#1717339 Missing header when deleting a checked column, thanks to Michael Keck - sf#1717477 Warning on Query page when db is empty - sf#1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind - sf#1721571 CREATE database privilege not always detected, thanks to Gordon McNaughton - sf#1715709 export in SQL format always includes procedures and functions - sf#1722502 DROP TABLE in export view structure - sf#1718787 Multi-server setup breaks Designer - sf#1724401 Column truncation in repair table output - sf#1726500 Wrong position of </tbody>, thanks to Jürgen Wind - sf#1728590 Detected failing session_start fails, thanks to Jürgen Wind - RFE #1714760 Obey ShowCreateDb on the Databases tab ------------------------------------------------------------------- Tue Jun 5 00:56:30 UTC 2007 - anosek@suse.cz - fixed warning: gmp_pow(): Negative exponent not supported in common.lib.php [#271746] (gmp_pow.patch) ------------------------------------------------------------------- Tue Apr 24 08:46:01 UTC 2007 - anosek@suse.cz - updated to version 2.10.1 * bugfix release ------------------------------------------------------------------- Tue Mar 6 16:34:13 UTC 2007 - anosek@suse.cz - updated to version 2.10.0.2 * default value for $cfg['Servers'][$i]['ssl'] changed to false * fixes PHP Executor Deep Recursion Stack Overflow [#251757] ------------------------------------------------------------------- Wed Feb 28 14:16:10 UTC 2007 - anosek@suse.cz - updated to version 2.10.0 * Designer: new graphical relation manager * Improved speed on servers with thousands of databases/tables * Vertical field editor (optional) * Option to avoid counting rows for views * Calendar on search page * DOS-style end-of-lines in setup-generated files ------------------------------------------------------------------- Wed Jan 17 12:14:04 UTC 2007 - anosek@suse.cz - updated to version 2.9.2 * improved support for web clusters * deleting a user under MySQL 4.1.x * DELIMITER in export no longer commented out * export of query results and procedure definitions * detection of a binary column * problem on 64-bit systems * granting all privileges on a wildcard name * verification on encrypted zip files * security fixes ------------------------------------------------------------------- Sat Dec 2 21:16:07 UTC 2006 - mmarek@suse.cz - fix previous update which wrongly moved the config.inc.php file to the libraries subdirectory [#223721] ------------------------------------------------------------------- Thu Nov 23 16:01:59 UTC 2006 - anosek@suse.cz - security update to version 2.9.1.1 [#222594] [#222622] ------------------------------------------------------------------- Wed Nov 8 04:04:15 UTC 2006 - anosek@suse.cz - added suggestions from [#216213] * phpMyAdmin now uses mysqli extension not mysql (mysqli.patch) * added Required: php5-mbstring * phpMyAdmin now uses open_basedir for increased security ------------------------------------------------------------------- Tue Oct 17 15:25:56 UTC 2006 - postadal@suse.cz - updated to 2.9.0.2 * Improved readability of setup panels * PDF schema: automatic layout for InnoDB * Font size selector on main page * Export: support for procedures and functions * Can hide "Create Database" dialog * Customizable link under left logo * Export: "Open Document Text", "Open Document spreadsheet" formats * Export: new plugin architecture * User management: can create a db with the same name as created user * Use IEC binary units (KiB, MiB, ...) * Import: SQL compatibility selector * Possibility of using external authentication and use an empty MySQL password * Display MySQL warnings * Links to language-specific MySQL doc whenever possible * Security fixes ------------------------------------------------------------------- Thu Sep 21 06:18:48 UTC 2006 - anosek@suse.cz - updated to 2.9.0 * Improved readability of setup panels * PDF schema: automatic layout for InnoDB * Font size selector on main page * Export: support for procedures and functions * Can hide "Create Database" dialog * Customizable link under left logo * Export: "Open Document Text", "Open Document spreadsheet" formats * Export: new plugin architecture * User management: can create a db with the same name as created user * Use IEC binary units (KiB, MiB, ...) * Import: SQL compatibility selector * Possibility of using external authentication and use an empty MySQL password * Display MySQL warnings * Links to language-specific MySQL doc whenever possible ------------------------------------------------------------------- Wed Aug 23 21:06:46 UTC 2006 - anosek@suse.cz - updated to 2.8.2.4 * fixed cookie login on IIS with IE6 * fixed switching from scripts/setup.php to the main script in case of register_globals enabled ------------------------------------------------------------------- Tue Aug 15 20:48:22 UTC 2006 - anosek@suse.cz - update to 2.8.2.2 * fixed config not loaded on install (MySQL error code 2002 or 2003) ------------------------------------------------------------------- Thu Aug 3 18:53:02 UTC 2006 - mskibbe@suse.de - update to 2.8.2.1 * XSS vulnerability from requests not containing a token * reenabled XML option in Export * added a user with password containing a backslash * setup script: compatibility with security tokens * setup script: detection of writable config * reading the database list with MySQL wildcards ------------------------------------------------------------------- Thu Jun 1 12:57:37 UTC 2006 - postadal@suse.cz - updated to 2.8.1 (bugfix-only release) [#177091] * fixes some XSS vulnerabilities - removed obsoleted patches (2006-1804.patch, 2006-2031.patch) ------------------------------------------------------------------- Tue May 2 17:32:14 UTC 2006 - mmarek@suse.cz - fixed XSS in error messages [#170529] (CVE-2006-2031.patch) ------------------------------------------------------------------- Thu Apr 20 16:02:37 UTC 2006 - mmarek@suse.cz - fixed XSS in sql.php (and other scripts): add a secret token to each link and form to prevent linking to sql.php from outside [#165772] (CVE-2006-1804) ------------------------------------------------------------------- Thu Apr 13 14:52:47 UTC 2006 - mmarek@suse.cz - updated to 2.8.0.3 * fixes some XSS vulnerabilities * improves php-5.1.2 compatibility [#165772] - moved $cfg['blowfish_secret'] to separate file, so that config.inc.php isn't edited during install (blowfish_secret.patch) ------------------------------------------------------------------- Wed Jan 25 20:19:55 UTC 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Tue Jan 17 16:53:13 UTC 2006 - postadal@suse.cz - added php-session to Requires [#137368] ------------------------------------------------------------------- Thu Jan 5 01:41:48 UTC 2006 - postadal@suse.cz - update to version 2.7.0-pl2 (security fixes) [#136015, 137368, 137797] - removed all patches ------------------------------------------------------------------- Tue Nov 22 19:00:46 UTC 2005 - postadal@suse.cz - fixed XSS on HTTP_HOST (HTTP_HOST.patch) [#133818] ------------------------------------------------------------------- Mon Nov 21 21:04:25 UTC 2005 - postadal@suse.cz - update to version 2.6.4-pl4 * fixes PMASA-2005-6 [#133818] (PMASA-2005-6.patch) - removed obsoleted patches: CVE-2005-2869.patch, PMASA-2005-4_and_5.patch, lang-utf8-fix.patch ------------------------------------------------------------------- Mon Nov 14 15:26:43 UTC 2005 - postadal@suse.cz - fixed CVE-2005-2869 (XSS on the cookie-based login panel) [#130226] (CVE-2005-2869.patch) ------------------------------------------------------------------- Tue Nov 1 12:26:05 UTC 2005 - postadal@suse.cz - fixed PMASA-2005-4 and PMASA-2005-5 [#130226] (PMASA-2005-4_and_5.patch) ------------------------------------------------------------------- Tue Aug 23 19:55:32 UTC 2005 - postadal@suse.cz - disabled auto-switch the lang to its UTF-8 version when Lang is set [#104600] ------------------------------------------------------------------- Thu Jul 28 03:26:13 UTC 2005 - postadal@suse.cz - update to 2.6.3-pl1 ------------------------------------------------------------------- Mon Jun 6 19:38:14 UTC 2005 - cthiel@suse.de - update to 2.6.2-pl1 ------------------------------------------------------------------- Tue Mar 8 01:35:42 UTC 2005 - mcihar@suse.cz - generate shorter key to make it work with mcrypt, see https://sourceforge.net/tracker/index.php?func=detail&aid=1115327&group_id=23067&atid=377408 ------------------------------------------------------------------- Fri Mar 4 15:58:09 UTC 2005 - mcihar@suse.cz - update to pl3, it includes previous fix and fixes editing fields with special names (sf#70864) ------------------------------------------------------------------- Thu Mar 3 05:33:39 UTC 2005 - mcihar@suse.cz - fix bad setting of privileges (sf#67276) ------------------------------------------------------------------- Tue Mar 1 18:25:09 UTC 2005 - mcihar@suse.cz - depend on mod_php_any ------------------------------------------------------------------- Thu Feb 24 12:47:49 UTC 2005 - mcihar@suse.cz - update to 2.6.1-p2 to fix several vulnerabilities (sf#66264) ------------------------------------------------------------------- Wed Feb 9 12:08:38 UTC 2005 - mcihar@suse.cz - depend on unversioned php modules, to allow both php4 and php5 installation ------------------------------------------------------------------- Mon Jan 24 17:11:01 UTC 2005 - mcihar@suse.cz - update to 2.6.1 - require php4-mcrypt for faster cookie encryption ------------------------------------------------------------------- Wed Oct 13 10:27:49 UTC 2004 - mcihar@suse.cz - update to 2.6.0-pl2 (sf#47160) - require php4-iconv as it seems to be on all arches now (sf#36642) ------------------------------------------------------------------- Tue Oct 5 13:52:43 UTC 2004 - mcihar@suse.cz - drop php4-recode dependency (sf#46817) ------------------------------------------------------------------- Mon Sep 6 04:07:57 UTC 2004 - mcihar@suse.cz - update to 2.6.0-rc2 ------------------------------------------------------------------- Fri Sep 3 08:17:25 UTC 2004 - mcihar@suse.cz - update to 2.6.0-rc1 - use pwgen for secret generating - don't ship scripts, as they're not needed for most users ------------------------------------------------------------------- Tue Apr 27 19:17:52 UTC 2004 - ro@suse.de - build using apache2 ------------------------------------------------------------------- Wed Mar 31 15:33:40 UTC 2004 - mcihar@suse.cz - require php4-recode for charset conversion (better solution for bugs [#36642] and #36560) ------------------------------------------------------------------- Mon Mar 22 09:15:44 UTC 2004 - mcihar@suse.cz - dropped php-4iconv dependency at all (sf#36642) ------------------------------------------------------------------- Fri Mar 19 15:34:42 UTC 2004 - mcihar@suse.cz - do not require php4-iconv on achitectures where it isn't built (sf#36560) ------------------------------------------------------------------- Mon Mar 8 10:37:50 UTC 2004 - mcihar@suse.cz - require all needed php modules ------------------------------------------------------------------- Mon Mar 1 09:16:37 UTC 2004 - mcihar@suse.cz - update to 2.5.6 ------------------------------------------------------------------- Mon Jan 5 16:29:39 UTC 2004 - mcihar@suse.cz - updated to 2.5.5-pl1 ------------------------------------------------------------------- Mon Oct 20 07:30:55 UTC 2003 - mcihar@suse.cz - updated to 2.5.4 ------------------------------------------------------------------- Thu Oct 16 14:52:30 UTC 2003 - mcihar@suse.cz - do not build as root - little spec file cleanup ------------------------------------------------------------------- Tue Sep 9 00:29:29 UTC 2003 - mcihar@suse.cz - automatically generate blowfish_secret on rpm installation - mark config file as %%config(noreplace) (this in conjuction with previous means that it will be never replaced on upgrade, this is okay as phpMyAdmin supports loading of old config files) ------------------------------------------------------------------- Mon Sep 8 11:19:25 UTC 2003 - mcihar@suse.cz - updated to 2.5.3: - many bugs fixed - messages about missing variables were displayed wrongly - more export bugs - confirmation of some dangerous SQL (TRUNCATE,DROP DATABASE) - new nice icons for actions ------------------------------------------------------------------- Thu Sep 4 12:46:38 UTC 2003 - mcihar@suse.cz - include documentation stylesheet ------------------------------------------------------------------- Fri Aug 29 19:27:03 UTC 2003 - mcihar@suse.cz - depend on mod_php rather that http_daemon as this needs php ------------------------------------------------------------------- Thu Aug 28 13:56:05 UTC 2003 - mcihar@suse.cz - include stylesheets ------------------------------------------------------------------- Thu Aug 7 01:51:18 UTC 2003 - mcihar@suse.cz - updated to 2.5.2-pl1 ------------------------------------------------------------------- Mon Mar 24 21:57:02 UTC 2003 - postadal@suse.cz - removed mysql from Requires, becouse can access to MySQL remotely [#25797] ------------------------------------------------------------------- Mon Feb 24 10:17:25 UTC 2003 - postadal@suse.cz - updated to verison 2.4.0 * new server/user management interface with sub-pages * export to LaTeX format * display UPDATE SQL statement after a row edit * (experimental) support for compressed connections to the MySQL server * upload of binary file into a field * show blob size * a lot of fixes ------------------------------------------------------------------- Wed Jan 29 19:43:40 UTC 2003 - postadal@suse.cz - updated to version 2.3.3pl1 * upload of compressed dumps * inform the user who does not have privileges to create a db * new internal analyzer for db, table, column and alias * a lot of fixes ------------------------------------------------------------------- Mon Aug 12 10:03:41 UTC 2002 - postadal@suse.cz - update to release 2.3.0 ------------------------------------------------------------------- Fri Aug 2 19:59:10 UTC 2002 - ro@suse.de - adapt server-root ------------------------------------------------------------------- Thu Aug 1 14:48:47 UTC 2002 - postadal@suse.cz - fixed required perl path ------------------------------------------------------------------- Wed Jul 31 22:38:40 UTC 2002 - postadal@suse.cz - update to version 2.3.0-rc4 * can specify a different charset for MySQL and HTML * utf-8 charset support * full database search * XML export * faster table delete under MySQL 4 * new language: slovenian * fixes ------------------------------------------------------------------- Mon Jul 1 05:53:47 UTC 2002 - ro@suse.de - fixed directory permissions ------------------------------------------------------------------- Thu Jan 10 12:09:07 UTC 2002 - rvasice@suse.cz - update to version 2.2.3 ------------------------------------------------------------------- Tue Sep 4 10:23:05 UTC 2001 - rvasice@suse.cz - update to version 2.2.0 final - dynamic multiple language support, with automatic detection - database usage statistics - table maintenance features (repair, check, optimize) - made package noarch ------------------------------------------------------------------- Thu Aug 2 23:51:57 UTC 2001 - rvasice@suse.cz - update to version 2.2.0rc3 ------------------------------------------------------------------- Mon Jun 18 09:49:14 UTC 2001 - rvasice@suse.cz - initial package release (version 2.1.0)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
