From dd81a0fce80b7766e7305c16c7b2cf32207d80fd Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Wed, 24 Aug 2011 12:38:04 -0400 Subject: [PATCH 1/2] ChangeLog and 3.4.4 XSS fix --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 551eb8d36..cc9c6f83a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,7 @@ phpMyAdmin - ChangeLog ====================== -3.4.4.0 (not yet released) +3.4.4.0 (2011-08-24) - bug #3323060 [parser] SQL parser breaks AJAX requests if query has unclosed quotes - bug #3323101 [parser] Invalid escape sequence in SQL parser - bug #3348995 [config] $cfg['Export']['asfile'] set to false does not select asText option @@ -19,6 +19,7 @@ phpMyAdmin - ChangeLog - bug #3372807 [interface] Fix security warning link in setup - bug #3374347 [display] Backquotes in normal text on import page - bug #3358750 [core] With Suhosin, urls are too long in edit links +- [security] Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13 3.4.3.2 (2011-07-23) - [security] Fixed XSS vulnerability, see PMASA-2011-9 From b5686c68ab98b2916f187daff90f8b8f392ce394 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Wed, 24 Aug 2011 12:43:12 -0400 Subject: [PATCH 2/2] 3.4.4 release --- Documentation.html | 4 ++-- README | 2 +- libraries/Config.class.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Documentation.html b/Documentation.html index 057c6c905..fd0f6b835 100644 --- a/Documentation.html +++ b/Documentation.html @@ -9,7 +9,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78 - phpMyAdmin 3.4.4-rc1 - Documentation + phpMyAdmin 3.4.4 - Documentation @@ -17,7 +17,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78 diff --git a/README b/README index 6e7197d1b..ab29c94ba 100644 --- a/README +++ b/README @@ -1,7 +1,7 @@ phpMyAdmin - Readme =================== -Version 3.4.4-rc1 +Version 3.4.4 A set of PHP-scripts to manage MySQL over the web. diff --git a/libraries/Config.class.php b/libraries/Config.class.php index a55bd025e..37356e080 100644 --- a/libraries/Config.class.php +++ b/libraries/Config.class.php @@ -96,7 +96,7 @@ class PMA_Config */ function checkSystem() { - $this->set('PMA_VERSION', '3.4.4-rc1'); + $this->set('PMA_VERSION', '3.4.4'); /** * @deprecated */