From 3e95b08ceddaad36a3633920d7b0bcf85ce2f565 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Sat, 23 Jul 2011 08:03:58 -0400 Subject: [PATCH 1/7] 3.3.10.3 release --- Documentation.html | 4 ++-- README | 2 +- libraries/Config.class.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Documentation.html b/Documentation.html index 89640a123..f92b46bec 100644 --- a/Documentation.html +++ b/Documentation.html @@ -10,7 +10,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78 - phpMyAdmin 3.3.10.2 - Documentation + phpMyAdmin 3.3.10.3 - Documentation @@ -18,7 +18,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78 diff --git a/README b/README index 5bce68c4c..f5967ed42 100644 --- a/README +++ b/README @@ -5,7 +5,7 @@ phpMyAdmin - Readme A set of PHP-scripts to manage MySQL over the web. - Version 3.3.10.2 + Version 3.3.10.3 ---------------- http://www.phpmyadmin.net/ diff --git a/libraries/Config.class.php b/libraries/Config.class.php index 79a006b38..68b96635a 100644 --- a/libraries/Config.class.php +++ b/libraries/Config.class.php @@ -92,7 +92,7 @@ class PMA_Config */ function checkSystem() { - $this->set('PMA_VERSION', '3.3.10.2'); + $this->set('PMA_VERSION', '3.3.10.3'); /** * @deprecated */ From a6c8a8fe8ac03f4f36e5aaa7f7fb3bf0e11654f8 Mon Sep 17 00:00:00 2001 From: Herman van Rink Date: Fri, 5 Aug 2011 10:14:18 +0200 Subject: [PATCH 2/7] XSS fixes --- tbl_tracking.php | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/tbl_tracking.php b/tbl_tracking.php index b3ac4f322..1dc239704 100644 --- a/tbl_tracking.php +++ b/tbl_tracking.php 
@@ -288,17 +288,17 @@ if (isset($_REQUEST['snapshot'])) { ' . $field['Field'] . '' . "\n"; + echo '' . htmlspecialchars($field['Field']) . '' . "\n"; } else { - echo '' . $field['Field'] . '' . "\n"; + echo '' . htmlspecialchars($field['Field']) . '' . "\n"; } ?> - - - - - - + + + + + + - - + + - - - - - + + + + + Date: Fri, 5 Aug 2011 11:45:35 +0200 Subject: [PATCH 3/7] XSS fixes --- tbl_tracking.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tbl_tracking.php b/tbl_tracking.php index 1dc239704..82cb2aaed 100644 --- a/tbl_tracking.php +++ b/tbl_tracking.php @@ -379,7 +379,7 @@ if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { ?>
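Review bot: The two added echo lines call `htmlspecialchars($field['Field'])` with default flags and charset, so a single quote in the column name is passed through unescaped and the conversion uses the interpreter's default charset (ISO-8859-1 before PHP 5.4) rather than the UTF-8 the project emits; make both explicit, `htmlspecialchars($field['Field'], ENT_QUOTES, 'UTF-8')`. The markup around the echoed value is not visible in this copy of the hunk, so whether it lands in element text or inside a quoted attribute cannot be confirmed here, and ENT_QUOTES is what makes the escaping sufficient in either position. The remaining tbl_tracking.php hunks in this series change lines whose content is likewise stripped here; wherever they escape request or metadata values the same flags should be used for consistency. The if/else wrapping these lines is inside the hunk, but the loop that produces `$field` begins before it.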

[]

-
+

@@ -390,9 +390,9 @@ if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { '' . '' . ''; - $str2 = ''; - $str3 = ''; - $str4 = ''; + $str2 = ''; + $str3 = ''; + $str4 = ''; $str5 = ''; printf($strTrackingShowLogDateUsers, $str1, $str2, $str3, $str4, $str5); From 9d54e57fc8946db9b04666a93541871c80867fe7 Mon Sep 17 00:00:00 2001 From: Herman van Rink Date: Fri, 5 Aug 2011 12:01:47 +0200 Subject: [PATCH 4/7] XSS fixes --- tbl_tracking.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tbl_tracking.php b/tbl_tracking.php index 82cb2aaed..a926993b1 100644 --- a/tbl_tracking.php +++ b/tbl_tracking.php @@ -480,8 +480,8 @@ if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { ?> - - + +
- - - - + + + + " . sprintf($strTrackingExportAs, $str_export1) . $str_export2 . "
"; ?> From e11e55cb0689b4a6de5f0d996166668a47f96da9 Mon Sep 17 00:00:00 2001 From: Herman van Rink Date: Fri, 5 Aug 2011 11:45:16 +0200 Subject: [PATCH 5/7] Make better use of PMA_generate_common_url to prevent XSS --- tbl_tracking.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/tbl_tracking.php b/tbl_tracking.php index a926993b1..34bc5dd40 100644 --- a/tbl_tracking.php +++ b/tbl_tracking.php @@ -382,7 +382,7 @@ if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) {

- + ' . @@ -500,7 +500,7 @@ if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { } ?> -
+ '; ?>
-
+ @@ -622,7 +622,11 @@ if ($last_version > 0) { - | + + | + Date: Mon, 8 Aug 2011 17:28:54 -0400 Subject: [PATCH 6/7] Sanitize filenames before using in Content-Disposition header --- transformation_wrapper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/transformation_wrapper.php b/transformation_wrapper.php index 011effeb3..6f06450d8 100644 --- a/transformation_wrapper.php +++ b/transformation_wrapper.php @@ -70,7 +70,7 @@ if (isset($ct) && !empty($ct)) { header($content_type); if (isset($cn) && !empty($cn)) { - header('Content-Disposition: attachment; filename=' . $cn); + header('Content-Disposition: attachment; filename=' . PMA_sanitize_filename($cn)); } if (!isset($resize)) { From a5716cb3892f1714a97d8808cde9229ccc8752c8 Mon Sep 17 00:00:00 2001 From: Herman van Rink Date: Fri, 19 Aug 2011 11:01:45 +0200 Subject: [PATCH 7/7] Slightly far fetched XSS prevention --- tbl_tracking.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tbl_tracking.php b/tbl_tracking.php index 34bc5dd40..ab5bd31cf 100644 --- a/tbl_tracking.php +++ b/tbl_tracking.php @@ -429,8 +429,8 @@ if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { ?> - - + + 0) { - - - + + +
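Review bot: On the added `header('Content-Disposition: ...')` line in transformation_wrapper.php the filename is still emitted as a bare parameter value, so any character PMA_sanitize_filename() leaves in `$cn` that is not a valid token character (space, semicolon, double quote) changes how the browser parses the header rather than the filename it shows. Quote the value, `header('Content-Disposition: attachment; filename="' . PMA_sanitize_filename($cn) . '"');`, which is only sound if PMA_sanitize_filename() also strips double quotes and backslashes — its definition is not part of this patch, so that needs confirming against its source. Where `$cn` originates is not visible in the hunk either; the `isset($cn)` guard on the context line suggests it can be absent, so it is presumably caller- or request-supplied and should be treated as untrusted. The enclosing `if (isset($ct) && !empty($ct))` block starts before the hunk.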