-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-7329 2009-07-03 18:38:23 --------------------------------------------------------------------------------
Name : phpMyAdmin Product : Fedora 11 Version : 3.2.0.1 Release : 1.fc11 URL : http://www.phpmyadmin.net/ Summary : Web based MySQL browser written in php Description : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and is available in 50 languages
-------------------------------------------------------------------------------- Update Information:
The first security release for phpMyAdmin 3.2.0: - [security] XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bug fixes: - [core] better support for vendor customisation (based on what Debian needs) - [rfe] warn when session.gc_maxlifetime is less than cookie validity - [rfe] configurable default charset for import - [rfe] link to InnoDB status when error 150 occurs - [rfe] strip ` from column names on import - [rfe] LeftFrameDBSeparator can be an array - [privileges] Extra back reference when editing table-specific privileges - [display] Sortable database columns - [lang] Wrong string in setup script hints - [cleanup] XHTML cleanup, - [display] Possibility of disabling the sliders - [privileges] Create user for existing database - [privileges] Cleanup - [auth] AllowNoPasswordRoot error message is too vague - [XHTML] View table headers/footers completely - [core] support column name having square brackets - [lang] Lithuanian update - [auth] New setting AllowNoPassword (supercedes AllowNoPasswordRoot) that applies to all accounts (even the anonymous user) - [relation] Missing code with hashing for relationship editing - [rfe] Added option to disable mcrypt warning. - [bug] Request-URI Too Large error from Location header - [rfe] Check for relations support on main page. - [rfe] Explanation for using Host table. - [rfe] Link to download more themes. - [rfe] Add option to generate password on change password page. - [rfe] Allow logging of user status with Apache. - [patch] None default is different than other None in some languages. - [lang] Chinese Simplified update - [display] Sort arrows problem - [security] warn about existence of config directory on main page - [lang] Polish update - [export] Escape new line in CSV export - [patch] Optimizations for PHP loops - [import] SQL_MODE not saved during Partial Import - [auth] cache control missing (PHP-CGI) - [parser] Incorrect parsing of constraints in ALTER TABLE - [status] Server status - replication - [edit] Multi-row change with "]" improved - [rfe] Automatically copy generated password - [interface] Table with name 'log_views' is incorrectly displayed as a view - [patch] Detect mcrypt initialization failure - [lang] Galician update - [lang] Swedish update - [lang] Norwegian update - [lang] Catalan update - [lang] Finnish update - [lang] Hungarian update -------------------------------------------------------------------------------- ChangeLog:
* Tue Jun 30 2009 Robert Scheck robert@fedoraproject.org 3.2.0.1-1 - Upstream released 3.2.0.1 (#508879) * Tue Jun 30 2009 Robert Scheck robert@fedoraproject.org 3.2.0-1 - Upstream released 3.2.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5) https://bugzilla.redhat.com/show_bug.cgi?id=508879 --------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org