Hello community, here is the log from the commit of package phpMyAdmin for openSUSE:Factory checked in at 2019-02-04 14:26:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/phpMyAdmin (Old) and /work/SRC/openSUSE:Factory/.phpMyAdmin.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "phpMyAdmin" Mon Feb 4 14:26:13 2019 rev:156 rq:671018 version:4.8.5 Changes: -------- --- /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes 2018-12-12 17:31:52.146620088 +0100 +++ /work/SRC/openSUSE:Factory/.phpMyAdmin.new.28833/phpMyAdmin.changes 2019-02-04 14:26:15.365029759 +0100 @@ -1,0 +2,15 @@ +Fri Feb 1 19:10:59 UTC 2019 - andreas.stieger@gmx.de + +- phpMyAdmin 4.8.5: + * CVE-2019-6799: Arbitrary file read vulnerability (PMASA-2019-1, + bsc#1123272) + * CVE-2019-6798: SQL injection in the Designer interface + PMASA-2019-2, bsc#1123271) + * Fix rxport to SQL format not available + * Fix QR code not shown when adding two-factor authentication to + a user account + * Fix issue with adding a new user in MySQL 8.0.11 and newer + * Fix frozen interface relating to Text_Plain_Sql plugin + * Fix missing table level operations tab + +------------------------------------------------------------------- Old: ---- phpMyAdmin-4.8.4-all-languages.tar.xz phpMyAdmin-4.8.4-all-languages.tar.xz.asc New: ---- phpMyAdmin-4.8.5-all-languages.tar.xz phpMyAdmin-4.8.5-all-languages.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phpMyAdmin.spec ++++++ --- /var/tmp/diff_new_pack.Q01RcU/_old 2019-02-04 14:26:16.141029391 +0100 +++ /var/tmp/diff_new_pack.Q01RcU/_new 2019-02-04 14:26:16.145029389 +0100 @@ -1,7 +1,7 @@ # # spec file for package phpMyAdmin # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -29,12 +29,12 @@ %define ap_grp nogroup %endif Name: phpMyAdmin -Version: 4.8.4 +Version: 4.8.5 Release: 0 Summary: Administration of MySQL over the web License: GPL-2.0-or-later Group: Productivity/Networking/Web/Frontends -Url: https://www.phpMyAdmin.net/ +URL: https://www.phpMyAdmin.net/ Source0: https://files.phpmyadmin.net/phpMyAdmin/%{version}/%{name}-%{version}-all-languages.tar.xz Source1: https://files.phpmyadmin.net/phpMyAdmin/%{version}/%{name}-%{version}-all-languages.tar.xz.asc # http://docs.phpmyadmin.net/en/latest/setup.html#verifying-phpmyadmin-release... @@ -47,6 +47,7 @@ # Fix-SUSE: auto config for pma storage Patch1: %{name}-pma.patch BuildRequires: apache2-devel +BuildRequires: fdupes BuildRequires: python-devel BuildRequires: xz # @@ -71,9 +72,7 @@ ### will be removed with php >= 7.2 ## boo#1050980 Suggests: php-mcrypt -BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch -BuildRequires: fdupes %description phpMyAdmin can manage a whole MySQL server (needs a super-user) as well as a @@ -127,7 +126,6 @@ # set proper shebang sed -i 's/env php/php/' vendor/phpmyadmin/sql-parser/bin/*-query -sed -i 's|\/usr\/bin\/env bash|\/bin\/bash|g' vendor/paragonie/random_compat/*.sh # permissions find . -type d -exec chmod 755 {} \; @@ -173,7 +171,7 @@ sed -i -e "s,@FQDN@,$(cat %{_sysconfdir}/HOSTNAME)," \ -e "s/\\\$cfg\['blowfish_secret'\] = ''/\$cfg['blowfish_secret'] = '`pwgen -s -1 46`'/" %{pma_config} # enable required apache modules -if [ -x /usr/sbin/a2enmod ]; then +if [ -x %{_sbindir}/a2enmod ]; then a2enmod -q version || a2enmod version # get installed php_version (5 or 7) php_version=$(php -v | sed -n 's/^PHP\ \([[:digit:]]\+\)\..*$/\1/p') @@ -189,7 +187,8 @@ %files -f FILELIST %defattr(644,root,root,755) %doc ChangeLog -%doc LICENSE README RELEASE-DATE* +%license LICENSE +%doc README RELEASE-DATE* %doc examples doc sql %dir %attr(0750,root,%{ap_grp}) %{_sysconfdir}/%{name} %dir %attr(0770,root,%{ap_grp}) %{ap_docroot}/%{name}/tmp @@ -198,6 +197,5 @@ %config(noreplace) %{ap_sysconfdir}/conf.d/%{name}.conf %config(noreplace) %{ap_sysconfdir}/conf.d/%{name}.inc %attr (755,root,root) %{ap_docroot}/%{name}/vendor/phpmyadmin/sql-parser/bin/*-query -%attr (755,root,root) %{ap_docroot}/%{name}/vendor/paragonie/random_compat/*.sh %changelog ++++++ phpMyAdmin-4.8.4-all-languages.tar.xz -> phpMyAdmin-4.8.5-all-languages.tar.xz ++++++ ++++ 13035 lines of diff (skipped)