Security and bugfix update to version 3.4.5-r1 Announcement message: "Welcome to the first release candidate of phpMyAdmin 3.4.5, a bugfix and security release. Details will appear on http://phpmyadmin.net. In a hurry? you can visit http://sourceforge.net/projects/phpmyadmin to download. Marc Delisle, for the team" ChangeLog: http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.4.5-rc1%2FphpMyAdmin-3.4.5-rc1.html/view Security Advisory: PMASA-2011-14 --- not yet published on the PMA website [security] Fixed XSS in Inline Edit on save action, see PMASA-2011-14 [security] Fixed XSS with db/table/column names, see PMASA-2011-14
Version 3.4.5 was released. Security Advisory: http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php Updated patch: Index: Makefile =================================================================== RCS file: /home/ncvs/ports/databases/phpmyadmin/Makefile,v retrieving revision 1.141 diff -u -u -r1.141 Makefile --- Makefile 24 Aug 2011 21:04:45 -0000 1.141 +++ Makefile 14 Sep 2011 20:18:16 -0000 @@ -6,9 +6,9 @@ # PORTNAME= phpMyAdmin -DISTVERSION= 3.4.4 +DISTVERSION= 3.4.5 CATEGORIES= databases www -MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}/${PORTVERSION} +MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}/${DISTVERSION} DISTNAME= ${PORTNAME}-${DISTVERSION}-all-languages MAINTAINER= m.seaman@infracaninophile.co.uk Index: distinfo =================================================================== RCS file: /home/ncvs/ports/databases/phpmyadmin/distinfo,v retrieving revision 1.118 diff -u -u -r1.118 distinfo --- distinfo 24 Aug 2011 21:04:45 -0000 1.118 +++ distinfo 14 Sep 2011 20:18:16 -0000 @@ -1,2 +1,2 @@ -SHA256 (phpMyAdmin-3.4.4-all-languages.tar.bz2) = 8d8ca3429cce24d560d6a1e1f544ee905059f7a253d748ea4ca49459f14d9779 -SIZE (phpMyAdmin-3.4.4-all-languages.tar.bz2) = 4954436 +SHA256 (phpMyAdmin-3.4.5-all-languages.tar.bz2) = 27917cf2d833c0c8700704c62b28a210f30682dd112e6a0b6fd2db3e6d061051 +SIZE (phpMyAdmin-3.4.5-all-languages.tar.bz2) = 4592593 -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW
State Changed From-To: open->feedback Now that 3.4.5 is out, is this change still valid?
Responsible Changed From-To: freebsd-ports-bugs->dougb I'll handle it.
State Changed From-To: feedback->open
Responsible Changed From-To: dougb->delphij Take.
delphij 2011-09-14 23:26:28 UTC FreeBSD ports repository Modified files: databases/phpmyadmin Makefile distinfo security/vuxml vuln.xml Log: Document phpMyAdmin multiple XSS vulnerability. Update phpMyAdminn to 3.4.5 release. [1] PR: ports/160589 [1] Submitted by: maitainer [1] Revision Changes Path 1.142 +2 -2 ports/databases/phpmyadmin/Makefile 1.119 +2 -2 ports/databases/phpmyadmin/distinfo 1.2446 +30 -1 ports/security/vuxml/vuln.xml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed, thanks!