Hello community, here is the log from the commit of package phpMyAdmin for openSUSE:Factory checked in at 2014-03-07 07:05:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/phpMyAdmin (Old) and /work/SRC/openSUSE:Factory/.phpMyAdmin.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "phpMyAdmin" Changes: -------- --- /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes 2014-02-23 07:47:05.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.phpMyAdmin.new/phpMyAdmin.changes 2014-03-07 07:05:54.000000000 +0100 @@ -1,0 +2,5 @@ +Wed Feb 26 23:18:52 UTC 2014 - chris@computersalat.de + +- fix changes file + +------------------------------------------------------------------- @@ -5,13 +10,13 @@ -- sf#4276 Login loop on session expiry -- sf#4249 Incorrect number of result rows for SQL with subqueries -- sf#4275 Broken Link to php extension manual -- sf#4053 List of procedures is not displayed after executing with Enter -- sf#4081 Setup page content shifted to the right edge of its tabs -- sf#4284 Reordering a column erases comments for other columns -- sf#4286 Open "Browse" in a new tab -- sf#4287 Printview - Always one column too much -- sf#4288 Expand database (+ icon) after timeout doesn't do anything -- sf#4285 Fixed CSS for setup -- Fixed altering table to DOUBLE/FLOAT field -- sf#4292 Success message and failure message being shown together -- sf#4293 opening new tab (using selflink) for import.php based actions + * sf#4276 Login loop on session expiry + * sf#4249 Incorrect number of result rows for SQL with subqueries + * sf#4275 Broken Link to php extension manual + * sf#4053 List of procedures is not displayed after executing with Enter + * sf#4081 Setup page content shifted to the right edge of its tabs + * sf#4284 Reordering a column erases comments for other columns + * sf#4286 Open "Browse" in a new tab + * sf#4287 Printview - Always one column too much + * sf#4288 Expand database (+ icon) after timeout doesn't do anything + * sf#4285 Fixed CSS for setup + * Fixed altering table to DOUBLE/FLOAT field + * sf#4292 Success message and failure message being shown together + * sf#4293 opening new tab (using selflink) for import.php based actions @@ -22,0 +28,3 @@ +- fix for bnc#864917 + * PMASA-2014-1 ( CVE-2014-1879, CWE-661 CWE-79) + * update to >= 4.1.7 @@ -24,16 +32,16 @@ - - sf#4245 initial Browse query does not match sorting order - - sf#4250 Notice on export page - - sf#4253 "New" text in navigation frame acts like a database - - sf#4262 Cannot define a column with fractional seconds - - sf#4265 Missing datepicker icon for DATETIME(length) - - sf#4257 Hide fractional seconds when applicable - - sf#4264 Uncheck "Ignore" while inserting, upon leaving a textarea - - sf#4260 reCaptcha is ignoring language settings - - sf#4259 reCaptcha sound session expired problem - - sf#4263 Japanese character encoding not working properly when exporting - - sf#4269 Notice on table relation page - - sf#4270 Bad text-color for table comments - - sf#4278 reCaptcha re-login requires double effort - - sf#4272 Incorrect tabindex - - sf#4271 Query by example and the second criteria line - - sf#4242 Wildcard-containing only_db failure in sidebar + * sf#4245 initial Browse query does not match sorting order + * sf#4250 Notice on export page + * sf#4253 "New" text in navigation frame acts like a database + * sf#4262 Cannot define a column with fractional seconds + * sf#4265 Missing datepicker icon for DATETIME(length) + * sf#4257 Hide fractional seconds when applicable + * sf#4264 Uncheck "Ignore" while inserting, upon leaving a textarea + * sf#4260 reCaptcha is ignoring language settings + * sf#4259 reCaptcha sound session expired problem + * sf#4263 Japanese character encoding not working properly when exporting + * sf#4269 Notice on table relation page + * sf#4270 Bad text-color for table comments + * sf#4278 reCaptcha re-login requires double effort + * sf#4272 Incorrect tabindex + * sf#4271 Query by example and the second criteria line + * sf#4242 Wildcard-containing only_db failure in sidebar @@ -45,11 +53,11 @@ - - sf#4232 User not found after creating the user - - sf#4241 Confusing dialog when trying to create an already existing user - - sf#4239 Missing LIMIT clause for some queries - - rfe #1489 Do not show create icon when user has no privileges - - sf#4218 Chrome behavior with date fields - - sf#3579 NOW() function incorrectly selected (regression) - - sf#4244 Advisor complaints about MariaDB 10.x is version less than 5.1 - - sf#3889 When login fails and error display is active, login data is displayed (regression) - - sf#4247 open_basedir warnings on export page - - sf#4013 AJAX request waiting until version info is retrieved - - sf#4248 js error when changing number of columns in status monitor + * sf#4232 User not found after creating the user + * sf#4241 Confusing dialog when trying to create an already existing user + * sf#4239 Missing LIMIT clause for some queries + * rfe #1489 Do not show create icon when user has no privileges + * sf#4218 Chrome behavior with date fields + * sf#3579 NOW() function incorrectly selected (regression) + * sf#4244 Advisor complaints about MariaDB 10.x is version less than 5.1 + * sf#3889 When login fails and error display is active, login data is displayed (regression) + * sf#4247 open_basedir warnings on export page + * sf#4013 AJAX request waiting until version info is retrieved + * sf#4248 js error when changing number of columns in status monitor @@ -61,10 +69,10 @@ - - sf#3780 Allow aborting loading pages - - sf#4223 Database list: Create database misses collation column - - sf#4224 Empty table names when a table is "inuse" - - sf#4225 Partition maintenance broken - - sf#4219 Table list (left panel) does not reload when table renamed - - sf#4230 "in use" displayed for all views in database print view - - sf#4226 Notice: Undefined index: pma_config_loading - - sf#4221 Bzip2 export cannot be directly imported (so withdraw bz2 export) - - sf#4204 Reloading user privileges hides user groups submenu - - sf#4231 DATE columns quick edit decrement by one day + * sf#3780 Allow aborting loading pages + * sf#4223 Database list: Create database misses collation column + * sf#4224 Empty table names when a table is "inuse" + * sf#4225 Partition maintenance broken + * sf#4219 Table list (left panel) does not reload when table renamed + * sf#4230 "in use" displayed for all views in database print view + * sf#4226 Notice: Undefined index: pma_config_loading + * sf#4221 Bzip2 export cannot be directly imported (so withdraw bz2 export) + * sf#4204 Reloading user privileges hides user groups submenu + * sf#4231 DATE columns quick edit decrement by one day @@ -76,10 +84,10 @@ - - sf#3840 (additional fix) When exporting to gzip format, the data is compressed 2 times - - sf#4209 Missing compression in one case - - sf#4208 Can't browse tables after sorting on columns with fieldnames that have a '-' - - sf#4184 Switch to wrong page after adding an index - - sf#3885 Additional fix for this bug - - sf#4212 Table "disappears" if it has the same name as its tablegroup - - sf#4213 Datetime Quick Edit decrements by one day - - sf#4217 Current value not highlighted when browsing foreign values - - sf#4220 Incorrect key values in foreign key browser - - sf#4215 MariaDB 5.5: error in Drizzle detection + * sf#3840 (additional fix) When exporting to gzip format, the data is compressed 2 times + * sf#4209 Missing compression in one case + * sf#4208 Can't browse tables after sorting on columns with fieldnames that have a '-' + * sf#4184 Switch to wrong page after adding an index + * sf#3885 Additional fix for this bug + * sf#4212 Table "disappears" if it has the same name as its tablegroup + * sf#4213 Datetime Quick Edit decrements by one day + * sf#4217 Current value not highlighted when browsing foreign values + * sf#4220 Incorrect key values in foreign key browser + * sf#4215 MariaDB 5.5: error in Drizzle detection @@ -96,9 +104,9 @@ - - sf#3938 PDFDefaultPageSize doc and easy configurability - - sf#4198 Hovering over pie chart gives fatal JS error - - sf#4200 Missing syntax highlighting - - sf#4201 Exports are not compressed - - sf#4131 Import: "number of rows to skip" is ambiguous - - sf#4205 Add a user shows additional "edit user group" link - - sf#4202 Cannot read property 'token' of undefined - - sf#4203 On refreshing designer, $.FullScreen is undefined - - sf#3920 Lost space in navigation area + * sf#3938 PDFDefaultPageSize doc and easy configurability + * sf#4198 Hovering over pie chart gives fatal JS error + * sf#4200 Missing syntax highlighting + * sf#4201 Exports are not compressed + * sf#4131 Import: "number of rows to skip" is ambiguous + * sf#4205 Add a user shows additional "edit user group" link + * sf#4202 Cannot read property 'token' of undefined + * sf#4203 On refreshing designer, $.FullScreen is undefined + * sf#3920 Lost space in navigation area @@ -111,8 +119,8 @@ - - sf#4178 Quick edit for BIT type does not work - - sf#2760 Warn about incomplete exports - - sf#4190 Fractional seconds cause row update even if the value is not changed - - sf#4170 Overflow scroll for table grid is not a good solution - - sf#2961 Relations settings not updated on config change - - sf#4187 SQL query inline edit doesn't post changes on the first run - + rfe #1465 Docs for connections to IPv6 only MySQL instances - + rfe #1468 [interface] No floating for server breadcrumb menu + * sf#4178 Quick edit for BIT type does not work + * sf#2760 Warn about incomplete exports + * sf#4190 Fractional seconds cause row update even if the value is not changed + * sf#4170 Overflow scroll for table grid is not a good solution + * sf#2961 Relations settings not updated on config change + * sf#4187 SQL query inline edit doesn't post changes on the first run + * rfe #1465 Docs for connections to IPv6 only MySQL instances + * rfe #1468 [interface] No floating for server breadcrumb menu @@ -124,6 +132,6 @@ - - sf#4154 Error using UNION query - - sf#4173 Transformations overview not reachable - - sf#4149 Js freezes in the management of replication - - sf#3903 Query fails when using aliases after ordering result - - sf#4181 Adding columns in table creation clears existing columns - - sf#4023 Requires wildcard EXECUTE/ALTER ROUTINE on DB to allow + * sf#4154 Error using UNION query + * sf#4173 Transformations overview not reachable + * sf#4149 Js freezes in the management of replication + * sf#3903 Query fails when using aliases after ordering result + * sf#4181 Adding columns in table creation clears existing columns + * sf#4023 Requires wildcard EXECUTE/ALTER ROUTINE on DB to allow @@ -131,2 +139,2 @@ - - sf#4186 Adding a column when creating a table does not propagate index info - - sf#4185 Unable to execute create procedure statement from query window + * sf#4186 Adding a column when creating a table does not propagate index info + * sf#4185 Unable to execute create procedure statement from query window @@ -138,61 +146,61 @@ - + rfe #499 On user creation, warn if the user already exists - + Use indeterminate check all checkbox in server privileges - + Break server_status.php functions into smaller functions - + PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards - + [interface] Make warning about existing config directory clearer - + rfe #1414 Allow specifying controlport - + PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards - + rfe #1412 Creating a view from an empty set of results ++++ 618 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes ++++ and /work/SRC/openSUSE:Factory/.phpMyAdmin.new/phpMyAdmin.changes ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phpMyAdmin-config.patch ++++++ --- /var/tmp/diff_new_pack.HAIFfr/_old 2014-03-07 07:05:55.000000000 +0100 +++ /var/tmp/diff_new_pack.HAIFfr/_new 2014-03-07 07:05:55.000000000 +0100 @@ -29,8 +29,7 @@ * This is needed for cookie based authentication to encrypt password in * cookie + * YOU MUST FILL IN THIS FOR COOKIE AUTH! - */ --$cfg['blowfish_secret'] = 'a8b7c6d'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ ++ */ +$cfg['blowfish_secret'] = ''; + +/* @@ -50,7 +49,8 @@ + * Disable the default warning that is displayed if Suhosin is detected + * + * @global boolean $cfg['SuhosinDisableWarning'] -+ */ + */ +-$cfg['blowfish_secret'] = 'a8b7c6d'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ +$cfg['SuhosinDisableWarning'] = true; /* @@ -135,34 +135,12 @@ * phpMyAdmin configuration storage settings. */ +$cfg['Servers'][$i]['controlhost'] = 'localhost'; - --/* User used to manipulate with storage */ --// $cfg['Servers'][$i]['controlhost'] = ''; --// $cfg['Servers'][$i]['controlport'] = ''; --// $cfg['Servers'][$i]['controluser'] = 'pma'; --// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; ++ +// MySQL control user settings (this user must have read-only +// access to the "mysql/user" and "mysql/db" tables). +// The controluser is also used for all relational features (pmadb) +$cfg['Servers'][$i]['controluser'] = ''; - --/* Storage database and tables */ --// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; --// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; --// $cfg['Servers'][$i]['relation'] = 'pma__relation'; --// $cfg['Servers'][$i]['table_info'] = 'pma__table_info'; --// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; --// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; --// $cfg['Servers'][$i]['column_info'] = 'pma__column_info'; --// $cfg['Servers'][$i]['history'] = 'pma__history'; --// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; --// $cfg['Servers'][$i]['tracking'] = 'pma__tracking'; --// $cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords'; --// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; --// $cfg['Servers'][$i]['recent'] = 'pma__recent'; --// $cfg['Servers'][$i]['users'] = 'pma__users'; --// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups'; --// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding'; ++ +// The password needed for the controluser to login +// (see $cfg['Servers'][$i]['controluser']) +$cfg['Servers'][$i]['controlpass'] = ''; @@ -240,12 +218,12 @@ +// Without configuring the storage, you can still access the recently +// used tables, but it will disappear after you logout. +// DEFAULT: 'pma_recent' -+$cfg['Servers'][$i]['recent'] = 'pma__recent'; -+ ++$cfg['Servers'][$i]['recent'] = 'pma__recent'; ++ +// You can create different user groups with menu items attached to them. -+// Users can be assigned to these groups and the logged in user ++// Users can be assigned to these groups and the logged in user +// would only see menu items configured to the usergroup he is assigned to. -+// To do this it needs two tables “usergroups” (storing allowed menu items for each user group) ++// To do this it needs two tables “usergroups” (storing allowed menu items for each user group) +// and “users” (storing users and their assignments to user groups). +// DEFAULT: 'pma_users' +// DEFAULT: 'pma_usergroups' @@ -255,7 +233,30 @@ +// You can hide/show items in the navigation tree. +// DEFAULT: 'pma_navigationhiding' +$cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding'; -+ + +-/* User used to manipulate with storage */ +-// $cfg['Servers'][$i]['controlhost'] = ''; +-// $cfg['Servers'][$i]['controlport'] = ''; +-// $cfg['Servers'][$i]['controluser'] = 'pma'; +-// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; +- +-/* Storage database and tables */ +-// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; +-// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; +-// $cfg['Servers'][$i]['relation'] = 'pma__relation'; +-// $cfg['Servers'][$i]['table_info'] = 'pma__table_info'; +-// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; +-// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; +-// $cfg['Servers'][$i]['column_info'] = 'pma__column_info'; +-// $cfg['Servers'][$i]['history'] = 'pma__history'; +-// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; +-// $cfg['Servers'][$i]['tracking'] = 'pma__tracking'; +-// $cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords'; +-// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; +-// $cfg['Servers'][$i]['recent'] = 'pma__recent'; +-// $cfg['Servers'][$i]['users'] = 'pma__users'; +-// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups'; +-// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding'; /* Contrib / Swekey authentication */ -// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; +// The name of the file containing Swekey ids and login names for @@ -292,12 +293,12 @@ +$cfg['Servers'][$i]['AllowDeny']['order'] = ''; +$cfg['Servers'][$i]['AllowDeny']['rules'] = array(); +*/ -+ -+/* -+ * phpMyAdmin configuration storage settings. -+ */ /* ++ * phpMyAdmin configuration storage settings. ++ */ ++ ++/* +$cfg['Servers'][$i]['controlhost'] = 'localhost'; +$cfg['Servers'][$i]['controluser'] = ''; +$cfg['Servers'][$i]['controlpass'] = ''; @@ -334,9 +335,9 @@ +/*************************************** * End of servers configuration */ - + Index: libraries/vendor_config.php -=================================================================== +=================================================================== --- libraries/vendor_config.php.orig +++ libraries/vendor_config.php @@ -17,18 +17,18 @@ if (! defined('PHPMYADMIN')) { -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org