File phpMyAdmin.changes of Package phpMyAdmin
-------------------------------------------------------------------
Thu Jan 8 06:07:12 UTC 2015 - ecsos@opensuse.org
- update to 4.3.6 (2015-01-07)
- fix bug Undefined index notices while configuring recent and
favorite tables
- sf#4687 Designer breaks without configuration storage
- sf#4686 Select elements flicker and selects something else
- sf#4689 Setup tool creates "pma__favorites" incorrectly
- sf#4685 Call to a member function isUserType() on a non-object
- sf#4691 Do not include console when no server is selected
- sf#4688 File permissions in archive
- sf#4692 Dynamic javascripts gives 500 when db selected
-------------------------------------------------------------------
Mon Jan 5 23:54:17 UTC 2015 - chris@computersalat.de
- rework config patch
* fix for pma storage config (disabled by default)
- add phpMyAdmin-pma.patch
* fix create_tables.sql
- fix restart_on_update
-------------------------------------------------------------------
Mon Jan 5 16:03:43 UTC 2015 - ecsos@opensuse.org
- update to 4.3.5 (2015-01-05)
- fix bug Auto-configuration: tables were not created
automatically
- sf#4677 Advanced feature checker does not check for
favorite tables feature
- sf#4678 Some of the data stored in configuration storage
are not deleted upon db or table delete
- sf#4679 Setup does not allow providing a name for
favorites table
- sf#4680 Number of favorite table are not configurable in setup
- sf#4681 'Central columns table' field in setup does not have
a description
- sf#4318 Default connection collation and sorting
- sf#4683 Relational data is not properly updated on table rename
- sf#4655 Undefined index: collation_connection (second patch)
- sf#4682 4.3.3 & 4.3.4 Import sql created by mysqldump fails on
foreign keys
- sf#4676 Auto-configuration issues
- sf#4416 New lines are removed when grid editing (part two: TEXT)
-------------------------------------------------------------------
Mon Dec 29 18:03:15 UTC 2014 - ecsos@opensuse.org
- update to 4.3.4 (2014-12-29)
- sf#4653 Always connection error was shown, on /setup
at tab "configuration storage"
- sf#4661 Drag and drop file import always fails
- sf#4651 don't open console with esc
- sf#4664 select min() displays 1 row, but reports the table
amount of rows returned
- sf#4666 Undefined indexes in table stucture print view
of a view
- sf#4663 Export missing back ticks for order table name
- sf#4668 Remove from central columns error
- sf#4670 CSV import reads both commas and values into
first column after first row
- sf#4642 phpmyadmin often fails to load due to specific
load order
- sf#4671 Unable to move all columns
- sf#4645 Import of export created with mysqldump
- sf#4672 "Distinct values" does not page
- sf#4667 Consistency in borders
- sf#4658 Illegal string offset (Data_length, Index_length)
- sf#4655 Undefined index: collation_connection
- sf#4673 Delimiter causing page lock
-------------------------------------------------------------------
Sun Dec 21 12:27:09 UTC 2014 - ecsos@opensuse.org
- update to 4.3.3 (2014-12-21)
- fix bug The "Recently used tables" setting should be with
Nav panel
- sf#4647 Can't disable Favorites
- sf#4646 Version Check Broken
- sf#4630 AJAX request infinite loop
- sf#4649 Attributes field size smaller than others
- sf#4622 Cannot remove table ordering on a Mac
- fix bug Fix initial replication configuration
- fix bug Undefined index central_columnswork
- sf#4657 Don't have default blowfish_secret
- sf#4656 Some error popups fade away too quickly
- sf#4648 Consistency in borders
- fix bug $cfg['Error_Handler']['display'] no longer necessary
- sf#4659 Leading and trailing whitespace in column name
-------------------------------------------------------------------
Fri Dec 12 15:27:17 UTC 2014 - ecsos@opensuse.org
- update to 4.3.2 (2014-12-12)
- sf#4628 PHP error while exporting schema as PDF
- sf#4631 Server selector submits two server parameter values
- sf#4629 Problem with custom SQL queries using cookie
authentication
- fix bug Undefined index central_columnswork
- sf#4632 Notice in ./libraries/Util.class.php#1916
Undefined index: query
- sf#4633 Wrong parameter in fetchValue
- sf#4634 Error reporting creates an infinite loop
- sf#4635 Token mismatch while creating configuration storage
- sf#4640 Incorrect reference to PHP 6
- sf#3794 failure to handle repeating empty columns when
importing ODS
- sf#4638 Default Export Method setting broken
- sf#4639 Export SQL missing indentation first field
- sf#4637 Field Alignment
- sf#4644 Error when browsing tables
-------------------------------------------------------------------
Mon Dec 8 18:26:50 UTC 2014 - ecsos@opensuse.org
- update to 4.3.1 (2014-12-08)
- sf#4609 'Show all' checkbox label is not clickable
- sf#4610 JS error reporting: Hash fragment is reset
- fix bug Undefined index menuswork
- sf#4614 Separator between "Show All" and "Number of rows"
disappears
- sf#4615 SQL highlighting in process list breaks on auto refresh
- sf#4616 Warning in db structure print view page
- fix bug Undefined index navwork, savedsearcheswork, fields
- sf#4620 Undefined index while adding to the central
columns list
- sf#4618 Page scrolls while GIS visualization is zoomed in/out
with mousewheel
- sf#4613 HHVM: method 'ob_gzhandler' not found
- sf#4593 Manual "SELECT" doesn't change active table
- sf#4623 Incomplete PHP OpenSSL support
- sf#4626 Ctrl + click on a column not in sort triggers a server
call to erroneous url
- sf#4625 "Insufficient space to save the file" on export SQL to
file on server
- sf#4627 "file_get_contents(examples/create_tables.sql): failed
to open stream" after update
- sf#4617 UI issues with sortable tables
- sf#4619 SELECT LENGTH(`field`) FROM `table` does not sort
-------------------------------------------------------------------
Sat Dec 6 10:09:35 UTC 2014 - ecsos@opensuse.org
- update to 4.3.0 (2014-12-05)
+ rfe #1502 Smart sorting for int keys
+ rfe #1521 Confirmation message when dropping user(s)
+ rfe #1518 Confirm dialog on accidentally leaving a page
+ rfe #1445 Easy access to "SHOW CREATE ..."
+ rfe #1448 Allow clicking an approximate row count to get
a correct one
+ rfe #1487 "Browse foreign values" should be a modal dialog
+ rfe #1523 Better visual clue for table structure
primary key column
+ rfe #982 Support for editing binary fields in hexadecimal
- sf#4416 New lines are removed when grid editing
+ rfe #706 Multi-db privileges adding
+ rfe #1527 Charts for data in <x-axis, series, value> format
+ rfe Allow saving query charts as images
+ rfe #1145 Preview SQL instead of executing it
+ rfe #759 Use aliases in SQL export for tables and columns
- sf#4450 Query is duplicated on Ctrl+Enter
+ rfe #755 Export with table/column name changes
+ rfe #869 Run SQL query: Allow rollback for InnoDB tables
+ rfe #654 Range Search Capability
+ rfe #1490 Dynamic process list
+ rfe #1522 Drag and Drop SQL import
+ rfe #637 Custom Field Handlers
+ rfe #1488 User privilege tab not shown in all relevant cases
+ rfe #781 Privileges for non superuser
+ rfe #908 Improvements for the table editor (index creation)
+ rfe #1426 Navigation state lost on reload
- sf#4439 Table list in left panel doesn't expand
+ rfe Improved validation when inserting data
+ rfe #1491 Support InnoDB for database Query by example
+ rfe #345 Normalize a table
+ rfe #1123 Zeroconf PMA tables support
+ rfe #1492 Remove the distinct query window / Add SQL
log+history panel
+ rfe #919 Multiple-column foreign key relation
- sf#3165 Redundant foreign keys not supported
- fix bug Incorrect link to documentation
+ rfe #857 Regexp replace
- fix bug Incorrect path in change password when on reverse proxy
or
non-root directory
+ MariaDB 10+ multi-master replication support
+ rfe #1544 MySQL 5.7.5 compatibility
+ rfe #1529 Avoid session timeout when user is active
- sf#4528 Can't import dump via SQL field
+ rfe #1251 Show "Overhead" with same precision for all tables
+ rfe #1546 Improve the js printf library
+ rfe #1542 Better error reporting in Designer
- sf#4547 Micro history does not work in Users page
- sf#4551 Wrong test in source code
- sf#4537 BLOB inline-view JPG column transformation does
not work for anything except simple queries
+ rfe #1535 Keyword-based autocompletion in SQL query editors
- sf#4558 Unable to Add Rows while Creating Table
+ rfe #1547 Wrap No Tables Found message with message box
- sf#4559 Logging in causes 100% CPU usage
- sf#4564 Designer: spaces in table name with edit table link
generates bad links
- sf#4582 Debug SQL works only for the first page
- sf#3869 Count(*) on information_scheme.INNODB_BUFFER_PAGE
with a huge bufferpool
- sf#4495 Comment lines in multiquery
- sf#4535 Loads of Warnings/Notices in PMA_getServerSlaveStatus
on replication slave
- sf#4585 Multi query results not shown
+ rfe #1556 Disabling Show all
- sf#4513 phpmyadmin run very slow (information_schema)
- sf#4243 Super slow page rendering with tens of thousands of DBs
- sf#4391 Upgraded to 4.2.0, insanely slow now
+ rfe #1537 PHP OpenSSL support for cookie encryption/decryption
- sf#4227 Token mismatch when using HTTP AUTH and the SESSION
expires
- change all my old mail address in this changelog
from ecsos@old.domain to ecsos@opensuse.org
-------------------------------------------------------------------
Wed Dec 3 17:14:16 UTC 2014 - ecsos@opensuse.org
- update to 4.2.13.1 (2014-12-03)
This update fixes several vulnerabilities
- Security fixes:
* PMASA-2014-18 (CVE-2014-9219, CWE-661 CWE-79) [boo#908364]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
- sf#4612 [security] XSS vulnerability in redirection mechanism
* PMASA-2014-17 (CVE-2014-9218, CWE-661 CWE-400) [boo#908363]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php
- sf#4611 [security] DOS attack with long passwords
-------------------------------------------------------------------
Sun Nov 30 22:47:22 UTC 2014 - ecsos@opensuse.org
- update to 4.2.13 (2014-11-30)
- sf#4604 Query history not being deleted
- sf#4057 db/table query string parameters no longer work
- sf#4605 Unseen messages in tracking
- sf#4606 Tracking report export as SQL dump does not work
- sf#4607 Syntax error during db_copy operation
- sf#4608 SELECT permission issues with relations and restricted
access
-------------------------------------------------------------------
Thu Nov 20 16:18:55 UTC 2014 - ecsos@opensuse.org
- update to 4.2.12 (2014-11-20)
This update fixes several vulnerabilities, as well as a number of
other bug fixes.
- Security fixes:
* PMASA-2014-16 (CVE-2014-8961, CWE-661 CWE-23) [boo#906488]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php
- sf#4595 [security] Path traversal can lead to leakage of
line count
* PMASA-2014-15 (CVE-2014-8960, CWE-661 CWE-79) [boo#906487]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php
- sf#4596 [security] XSS through exception stack
* PMASA-2014-14 (CVE-2014-8959, CWE-661 CWE-98) [boo#906486]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php
- sf#4594 [security] Path traversal in file inclusion of
GIS factory
* PMASA-2014-13 (CVE-2014-8958, CWE-661 CWE-79) [boo#906485]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
- sf#4578 [security] XSS vulnerability in table print view
- sf#4579 [security] XSS vulnerability in zoom search page
- sf#4598 [security] XSS in multi submit
- sf#4597 [security] XSS through pma_fontsize cookie
- Other bug fixes:
- sf#4574 Blank/white page when JavaScript disabled
- sf#4577 Multi row actions cause full page reloads
- fix ReferenceError: targeturl is not defined
- fix Incorrect text/icon display in Tracking report
- sf#4404 Recordset return from procedure display nothing
- sf#4584 Edit dialog for routines is too long for
smaller displays
- sf#4586 Javascript error after moving a column
- sf#4576 Issue with long comments on table columns
- sf#4599 Input field unnecessarily selected on focus
- sf#4602 Exporting selected rows exports all rows of the query
- sf#4444 No insert statement produced in SQL export for
queries with alias
- sf#4603 Field disabled when internal relations used
-------------------------------------------------------------------
Fri Oct 31 17:44:05 UTC 2014 - ecsos@opensuse.org
- update to 4.2.11 (2014-10-31)
- fix ReferenceError: Table_onover is not defined
- sf#4552 Incorrect routines display for database due to case
insensitive checks
- sf#4259 reCaptcha sound session expired problem
- sf#4557 PHP fatal error, undefined function __()
- sf#4568 Date displayed incorrectly when charting a timeline
- sf#4571 Database Privileges link does not work
- fix makegrid.js: where_clause is undefined
- sf#4572 missing trailing slash (import and open_basedir)
-------------------------------------------------------------------
Tue Oct 21 22:59:45 UTC 2014 - andreas.stieger@gmx.de
- phpMyAdmin 4.2.10.1 [boo#902154] [CVE-2014-8326]
This release fixes cross-site scripting vulnerabilities in the
SQL debug output and server monitor pages. This developer option
is not enabled by default.
- sf#4562 [security] XSS in debug SQL output
- sf#4563 [security] XSS in monitor query analyzer
-------------------------------------------------------------------
Sat Oct 11 15:34:28 UTC 2014 - ecsos@opensuse.org
- update to 4.2.10 (2014-10-11)
- sf#4361 Can't change font size
(when config.inc.php not present)
- sf#4542 Tab key in column name not shown
- fix bug PDF export: title not present in PDF
- sf#4543 Changing column name can break saved "order by" clause
- sf#4545 trying to favorite table while browser localStorage
is disabled throws JS error
- sf#4259 reCaptcha sound session expired problem
- sf#4548 Inline editing a field converts tab to spaces
- sf#4252 Database-level permission bug for db names containing
underscores
- sf#3120 Events are not exported when using xml
- sf#4554 Grid-editing timestamp column forces datepicker
- sf#4556 Fast filters for tables, views etc. should be governed
by NavigationTreeDisplayItemFilterMinimum
-------------------------------------------------------------------
Wed Oct 1 20:26:14 UTC 2014 - andreas.stieger@gmx.de
- phpMyAdmin 4.2.9.1 [bnc#899452] [CVE-2014-7217]
Contains a fix for a cross-site scripting vulnerability in the
table search and table structure pages which could be trigged
with a crafted ENUM value
- sf#4544 [security] XSS vulnerabilities in table search and
table structure pages
-------------------------------------------------------------------
Sat Sep 20 12:12:53 UTC 2014 - ecsos@opensuse.org
- update to 4.2.9 (2014-09-20)
- fix bug ajax.js responseHandler: cannot read property of null
- fix bug sql.js: str is undefined
- sf#4524 Allow for direct selection of "0"
on the "user overview" page
- sf#4529 Undefined index: pos
- sf#4523 tbl_change.js: insert as new row submit type on
multiple selected records does not set all AUTO_INCREMENTs
to 0 value
- fix bug ajax.js responseHandler: another "cannot read property"
- fix bug tbl_structure.js "cannot read property"
-------------------------------------------------------------------
Sun Sep 14 21:10:17 UTC 2014 - chris@computersalat.de
- fix for bnc#896635
* update to 4.2.8.1 (2014-09-13)
* PMASA-2014-10 (CVE-2014-6300, CWE-661 CWE-352)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
- sf#4530 [security] DOM based XSS that results to a CSRF
that creates a ROOT account in certain conditions
-------------------------------------------------------------------
Fri Sep 5 18:39:29 UTC 2014 - chris@computersalat.de
- rollback changes introduced by fix for bnc#894107 cause they
broke apache pkg.
-------------------------------------------------------------------
Sun Aug 31 21:52:38 UTC 2014 - ecsos@opensuse.org
- update to 4.2.8 (2014-08-31)
- sf#4516 Odd export behavior
- sf#4519 Uncaught TypeError: Cannot read property 'success'
of null
- sf#4520 sql.js: cannot read property
- sf#4521 Initially allowed chart types do not match selected
data
- sf#4518 Export to SQL: CREATE TABLE option AUTO_INCREMENT
ignored
- sf#4522 Duplicate column names while assigning index
- sf#4487 Export of partitioned table does not import
- fix bug server_privileges.js: cannot read property
- sf#4527 Importing ODS files with column names having trailing
spaces fails
- sf#4413 Navigation Error in Nav Tree for Search Results Past
the First Page
- fix bug functions.js: Cannot read property 'replace' of undefined
-------------------------------------------------------------------
Fri Aug 29 14:58:31 UTC 2014 - chris@computersalat.de
- fix for bnc#894107
* fix post/postun for systemd
-------------------------------------------------------------------
Tue Aug 19 21:46:14 UTC 2014 - chris@computersalat.de
- fix changes file
* add missing PMASA / CVE info
-------------------------------------------------------------------
Mon Aug 18 18:13:29 UTC 2014 - andreas.stieger@gmx.de
- fix for bnc#892401
* update to 4.2.7.1
* PMASA-2014-8 (CVE-2014-5273, CWE-661 CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php
- sf#4501 [security] XSS in table browse page
- sf#4502 [security] Self-XSS in enum value editor
- sf#4503 [security] Self-XSSes in monitor
- sf#4504 [security] Self-XSS in query charts
- sf#4517 [security] XSS in relation view
* PMASA-2014-9 (CVE-2014-5274, CWE-661 CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
- sf#4505 [security] XSS in view operations page
-------------------------------------------------------------------
Thu Jul 31 21:38:39 UTC 2014 - ecsos@opensuse.org
- update to 4.2.7 (2014-07-31)
- sf Broken links on home page
- sf#4494 Overlap in navigation panel
- sf#4427 Action icons not in horizontal order
- sf#4493 s_attention.png is missing
- sf#4499 Uncaught TypeError: Cannot call method 'substr' of undefined
- sf#4498 PMA 4.2.x and HHVM
- sf#4500 mysql_doc_template is not defined
-------------------------------------------------------------------
Fri Jul 18 17:24:08 UTC 2014 - ecsos@opensuse.org
- update to 4.2.6 (2014-07-17)
- sf#4471 Undefined index warning with referenced column.
- sf#4027 $cfg['MaxExactCount'] is ignored when BROWSING is
back
- sf#4482 Multi Column sorting (improved user experience)
- sf#4478 Server validation does not work while in setup/mysqli
- sf Undefined variable when grid editing a foreign key column
- sf#4481 mult_submits.inc.php Undefined variable Error
- sf#4485 Sorting breaks the copy column feature
- sf#4440 Javascript error when renaming table
- sf#4483 'New window' link (selflink) disappears, causing
Javascript error
- sf#4489 Incorrect detection of privileges for routine
creation
- sf#4459 First few characters of database name aren't
clickable when expanded
- fix for PMASA-2014-4 (CVE-2014-4954, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php
* sf#4486 [security] XSS injection due to unescaped table
comment
- fix for PMASA-2014-5 (CVE-2014-4955, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php
* sf#4488 [security] XSS injection due to unescaped table name
(triggers)
- fix for PMASA-2014-6 (CVE-2014-4986, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php
* sf#4492 [security] XSS in AJAX confirmation messages
- fix for PMASA-2014-7 (CVE-2014-4987, CWE-661)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php
* sf#4491 [security] Missing validation for accessing User
groups feature
-------------------------------------------------------------------
Thu Jun 26 19:34:06 UTC 2014 - ecsos@opensuse.org
- update to 4.2.5 (2014-06-26)
- sf#4467 shell_exec() has been disabled for security reasons
- sf#4470 Error while submitting empty query
- sf#4463 Fatal error: Class 'PMA_DatabaseInterface' not found
- sf#4469 Fixed cookie based login for installations without mcrypt
- sf#4473 incorrect result count when having clause is used
- mcrypt: remove the requirement (64-bit) and the related warning
-------------------------------------------------------------------
Sat Jun 21 07:20:18 UTC 2014 - ecsos@opensuse.org
- update to 4.2.4 (2014-06-20)
- sf#4449 Mediawiki export does not produce table header row;
also fix related PHP warnings
- sf#4442 New lines are added to query every time
- sf#4445 Fatal error on SQL Export of join query
- sf#4448 Dump binary columns in hexadecimal notation not working
- Regenerate cookie encryption IV for every session
- sf#4405 Cannot import (open_basedir): fix another case
- sf#4457 SQL tab - Insert queries not showing affected row count
- bug Missing warning about existing account, on multi-server config
- sf#4435 WHERE clause can be undefined
- bug SQL export views as tables option getting ignored
* fix for PMASA-2014-3 ( CVE-2014-4349, CWE-661, CWE-79 )
http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php
- sf#4464 [security] XSS injection due to unescaped db/table name
in navigation hiding
* fix for PMASA-2014-2 ( CVE-2014-4348, CWE-661, CWE-79 )
http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php
- sf#4465 [security] XSS injection due to unescaped db/table name
in recent/favorite tables
-------------------------------------------------------------------
Mon Jun 9 19:16:43 UTC 2014 - andreas.stieger@gmx.de
- update to 4.2.3:
- sf#4423 Moving fields not working
- sf#4424 Table indexes disappear after altering field
- sf#4432 Error while displaying chart at server level
- sf#4405 Cannot import (open_basedir)
- sf#4396 Problem copying constraints (such as Sakila)
- sf#4433 Missing privileges submenu
- sf#4394 Drop db confirmation message when dropping a user
- sf#4436 Insert form numeric field with function drop-down list
- sf#4437 Problems due to missing enforcement of the minimum
supported MySQL version
- Add enforcement of the minimum supported PHP version (5.3.0)
- bug: Query error on submitting a column change form containing
a disabled input field
- bug: Incorrect menu tab generation from usergroups
- bug: Missing space in index creation/edit generated query
- sf#4434 Unchecking 'Show SQL queries' results NaN
-------------------------------------------------------------------
Tue May 20 16:58:13 UTC 2014 - ecsos@opensuse.org
- update to 4.2.2 (2014-05-20)
- sf#4388 Disable database expansion when enabled throws Error 500
when database name is clicked in navigation tree
- sf#4414 table display of performance_schema DB structure
- sf#4411 Protect Binary Columns: many problems
- sf#4395 BLOB link transformation is broken
- sf Respect ['ShowCreateDb'] in the navi panel
- sf#4392 Cannot see databases in nav panel on databases grouping
when disabled database expansion
- sf#4419 No more calendar into search tab
- sf#4398 Monitor should fit into screen width
- sf#4418 When copying databases, primary key attributes get lost
- sf#4421 empty maxInputVars on js/messages.php
-------------------------------------------------------------------
Tue May 13 20:15:28 UTC 2014 - ecsos@opensuse.org
- update to 4.2.1 (2014-05-13)
- sf#4380 Cannot display table structure with enums
containing special characters
- sf#4381 Cannot remove the last remembered sorted column
- sf Correctly fetch length of user and host fields in MySQL tables
- sf#4364 examples/signon.php does not support
the SessionSavePath directive
- sf#4382 Missing source for OpenLayers library
- sf Incorrect attributes for number fields
- sf#4383 Cannot update values in Zoom search
- sf#4313 GIS Visualization Extension does not work
with PointFromText() function
- sf#4384 Incorrect "Rows" total shown when truncating
or dropping a table on DB Structure page
- sf#4385 Grid edit on sorted columns fails
- sf#4389 Null checkbox covering data input when editing
- sf#4390 Data type changing by itself
(no size but attribute present)
-------------------------------------------------------------------
Thu May 8 14:29:34 UTC 2014 - ecsos@opensuse.org
- update to 4.2.0 (2014-05-08)
+ rfe #1403 Export only triggers
+ rfe #1483 Export Server/Database/Table without triggers
+ rfe #1662 Add table comment tool tip in database structure page
+ rfe #1447 Single table for display Character Sets and Collations
+ rfe #1455 Display icons/text/both for the table row actions
+ rfe #1473 Transformation to convert Boolean value to text
- sf#4157 Changing users password will delete it
+ rfe #1474 Text transformation combines Append and Prepend
+ Added warning about the mysql extension being deprecated
and removed the extension directive
+ Added support for scatter charts
+ rfe #1478 Make Column Headings Sticky
+ rfe #1480 Enhance privileges initials table
+ rfe #1472 [interface] Break "Edit privileges" with sub-menus
+ rfe #1466 Minor refactoring required
+ rfe #1004 Create indexes at the end in SQL export
+ rfe #1479 Relations edit form for larger monitors
+ rfe #1475 Inline query box vertical resize
+ rfe #1500 [interface] Add bottom border to top menu container
+ rfe #1498 Add datepicker for 'TIME' type
- sf#4237 HTTP Referer disclosure in SQL links
+ rfe Show full names on navigation hover
+ rfe #1505 Behaviour on click on a routine in nav panel
+ rfe #1418 Support more than one separating character on CSV import
+ rfe #569 Load/Save Query By Example
- sf#4281 Grid edit ENUM field, dialog disappears when trying to select
- sf#4304 DB export using zip compression generates an empty archive
+ rfe #1508 confirmation message at the top
- sf#4306 breadcrubs wrong on table create
+ rfe #1511 better validate database name for copying
+ rfe #1510 Database tab "Drop" button should be a link
+ rfe #1513 Highlight required form fields after failed submission
+ rfe #1460 Redirect to login page after session has expired
- sf#4316 Grid edit: can't change month on date fields
+ rfe #1501 add maxlength by field with length-spec
+ rfe #1512 Import happily doesn't do anything with no file name provided
+ rfe #1514 Add function to all the insert boxes automatically
+ rfe #1515 Option to skip tables larger than n
+ rfe #1486 Possibility of disabling database expansion
+ rfe #1476 Favourite tables select box
+ rfe #420 $cfg['CharEditing']='textarea' for structure edit
+ rfe #1329 Avoid editing of fields which are part of relation
+ rfe [interface] Highlight active left menu item in setup
+ rfe Filter on-screen rows during Browse
Removed support for SQL Validator (SOAP service no longer offered)
- sf#4352 Settings > Manage: incorrect messages
- sf#4337 "More" in Actions area doesn't collapse to fit available space
- sf#4375 Group two DB, one's name is the prefix of the other one
- sf#4070 Confusing database/table grouping
- sf#4366 Creating Index doesn't update index-list
-------------------------------------------------------------------
Sat Apr 26 20:56:34 UTC 2014 - andreas.stieger@gmx.de
- phpMyAdmin 4.1.14
* sf#4365 Creating bookmark with multiple queries not working
* sf#4372 Changing browser transformation results in unnecessary
table rebuild
* sf#4375 Group two DB, one's name is the prefix of the other one
* sf#4376 [interface] Login fields show in separate line
-------------------------------------------------------------------
Sun Apr 13 14:14:42 UTC 2014 - ecsos@opensuse.org
- update to 4.1.13 (2014-04-13)
* sf#4279 CTRL + up or down moves 2 fields
* sf#4336 List server css style wrong
* sf Missing value on the Status > Server page
* sf#4347 Fixed PHP Parse error in Advisor
* sf#4350 Deleting the DB if it is renamed by the same name
* sf#4353 makeProfilingChart is not defined
* sf#4355 Precision specifier for DOUBLE type is truncated
* sf#4346 Incorrect "Export incomplete" message
* sf#4359 Notices on create table page
* sf#4356 GROUPed selects show number of rows as if not grouped
* sf#4357 JS Form submitted on "enter" even if focus
is inside a select field
-------------------------------------------------------------------
Thu Mar 27 16:12:55 UTC 2014 - ecsos@opensuse.org
- update to 4.1.12 (2014-03-27)
* sf#4334 Add event : datepicker won't open
* sf#4338 Fix missing value error while executing SQL query
* TCPDF library is now optional dependency
* sf#4326 Cannot find the import plugins which start with uppercase 'I'
-------------------------------------------------------------------
Sat Mar 22 21:44:48 UTC 2014 - andreas.stieger@gmx.de
- phpMyAdmin 4.1.11:
* sf#4335 reCaptcha problem (4.1.10 regression)
-------------------------------------------------------------------
Sat Mar 22 15:27:37 UTC 2014 - ecsos@opensuse.org
- update to 4.1.10 (2014-03-22)
* sf#4301 Grid edit: "SELECT" query is replaced by "UPDATE"
query after edit
* sf#4278 reCaptcha re-login requires double effort
* sf#4324 Datepicker not showing up on insert page
* sf#3991 Problem selecting item in select boxes
with the ENTER keystroke in some browsers
* sf#4323 QueryWindow ignores CodeMirror
* sf None of the live charts shown on "Status -> Monitor" (Chrome)
-------------------------------------------------------------------
Sat Mar 8 02:00:58 UTC 2014 - ecsos@opensuse.org
- update to 4.1.9 (2014-03-06)
* sf#4279 CTRL + up or down moves two fields (part one)
* sf#4294 output as text radio clickable for "OpenDocument Text" export
* sf#4297 DROP DATABASE tick box in export no longer works
* sf#4291 Unable to export comments in OpenDocument text format
* sf#4299 Deletion even when the user says "No" to the confirmation message
* sf#4303 "New" link in navi panel is shown even if no privileges
* sf#4302 Some params are being omitted from microhistory
* sf#4298 Missing validation on Import CSV: "Columns enclosed with"
and "Columns escaped with"
* sf#4040 Fatal error while resetting settings
* sf#4305 JS error when editing procedure from nav panel
* sf#4308 Edit routine form submitting when pressing enter
* sf#4307 Nav: "Columns" won't expand with specific schema
-------------------------------------------------------------------
Wed Feb 26 23:18:52 UTC 2014 - chris@computersalat.de
- fix changes file
-------------------------------------------------------------------
Sat Feb 22 13:35:15 UTC 2014 - ecsos@opensuse.org
- update to 4.1.8 (2014-02-22)
* sf#4276 Login loop on session expiry
* sf#4249 Incorrect number of result rows for SQL with subqueries
* sf#4275 Broken Link to php extension manual
* sf#4053 List of procedures is not displayed after executing with Enter
* sf#4081 Setup page content shifted to the right edge of its tabs
* sf#4284 Reordering a column erases comments for other columns
* sf#4286 Open "Browse" in a new tab
* sf#4287 Printview - Always one column too much
* sf#4288 Expand database (+ icon) after timeout doesn't do anything
* sf#4285 Fixed CSS for setup
* Fixed altering table to DOUBLE/FLOAT field
* sf#4292 Success message and failure message being shown together
* sf#4293 opening new tab (using selflink) for import.php based actions
results in error and logout
-------------------------------------------------------------------
Sun Feb 9 16:40:00 UTC 2014 - ecsos@opensuse.org
- fix for bnc#864917
* PMASA-2014-1 ( CVE-2014-1879, CWE-661 CWE-79)
* update to >= 4.1.7
- update to 4.1.7 (2014-02-09)
* sf#4245 initial Browse query does not match sorting order
* sf#4250 Notice on export page
* sf#4253 "New" text in navigation frame acts like a database
* sf#4262 Cannot define a column with fractional seconds
* sf#4265 Missing datepicker icon for DATETIME(length)
* sf#4257 Hide fractional seconds when applicable
* sf#4264 Uncheck "Ignore" while inserting, upon leaving a textarea
* sf#4260 reCaptcha is ignoring language settings
* sf#4259 reCaptcha sound session expired problem
* sf#4263 Japanese character encoding not working properly when exporting
* sf#4269 Notice on table relation page
* sf#4270 Bad text-color for table comments
* sf#4278 reCaptcha re-login requires double effort
* sf#4272 Incorrect tabindex
* sf#4271 Query by example and the second criteria line
* sf#4242 Wildcard-containing only_db failure in sidebar
-------------------------------------------------------------------
Sun Jan 26 12:56:25 UTC 2014 - ecsos@opensuse.org
- update to 4.1.6 (2014-01-26)
* sf#4232 User not found after creating the user
* sf#4241 Confusing dialog when trying to create an already existing user
* sf#4239 Missing LIMIT clause for some queries
* rfe #1489 Do not show create icon when user has no privileges
* sf#4218 Chrome behavior with date fields
* sf#3579 NOW() function incorrectly selected (regression)
* sf#4244 Advisor complaints about MariaDB 10.x is version less than 5.1
* sf#3889 When login fails and error display is active, login data is displayed (regression)
* sf#4247 open_basedir warnings on export page
* sf#4013 AJAX request waiting until version info is retrieved
* sf#4248 js error when changing number of columns in status monitor
-------------------------------------------------------------------
Fri Jan 17 21:42:20 UTC 2014 - andreas.stieger@gmx.de
- phpMyAdmin 4.1.5
* sf#3780 Allow aborting loading pages
* sf#4223 Database list: Create database misses collation column
* sf#4224 Empty table names when a table is "inuse"
* sf#4225 Partition maintenance broken
* sf#4219 Table list (left panel) does not reload when table renamed
* sf#4230 "in use" displayed for all views in database print view
* sf#4226 Notice: Undefined index: pma_config_loading
* sf#4221 Bzip2 export cannot be directly imported (so withdraw bz2 export)
* sf#4204 Reloading user privileges hides user groups submenu
* sf#4231 DATE columns quick edit decrement by one day
-------------------------------------------------------------------
Wed Jan 8 14:02:09 UTC 2014 - ecsos@opensuse.org
- update to 4.1.4 (2014-01-07)
* sf#3840 (additional fix) When exporting to gzip format, the data is compressed 2 times
* sf#4209 Missing compression in one case
* sf#4208 Can't browse tables after sorting on columns with fieldnames that have a '-'
* sf#4184 Switch to wrong page after adding an index
* sf#3885 Additional fix for this bug
* sf#4212 Table "disappears" if it has the same name as its tablegroup
* sf#4213 Datetime Quick Edit decrements by one day
* sf#4217 Current value not highlighted when browsing foreign values
* sf#4220 Incorrect key values in foreign key browser
* sf#4215 MariaDB 5.5: error in Drizzle detection
-------------------------------------------------------------------
Wed Jan 1 16:36:22 UTC 2014 - andreas.stieger@gmx.de
- add source URL, see https://en.opensuse.org/SourceUrls
-------------------------------------------------------------------
Wed Jan 1 12:59:03 UTC 2014 - ecsos@opensuse.org
- update to 4.1.3 (2013-12-31)
* sf#3938 PDFDefaultPageSize doc and easy configurability
* sf#4198 Hovering over pie chart gives fatal JS error
* sf#4200 Missing syntax highlighting
* sf#4201 Exports are not compressed
* sf#4131 Import: "number of rows to skip" is ambiguous
* sf#4205 Add a user shows additional "edit user group" link
* sf#4202 Cannot read property 'token' of undefined
* sf#4203 On refreshing designer, $.FullScreen is undefined
* sf#3920 Lost space in navigation area
- Fix python-bytecode-inconsistent-mtime
-------------------------------------------------------------------
Mon Dec 23 23:47:24 UTC 2013 - ecsos@opensuse.org
- update to 4.1.2 (2013-12-23)
* sf#4178 Quick edit for BIT type does not work
* sf#2760 Warn about incomplete exports
* sf#4190 Fractional seconds cause row update even if the value is not changed
* sf#4170 Overflow scroll for table grid is not a good solution
* sf#2961 Relations settings not updated on config change
* sf#4187 SQL query inline edit doesn't post changes on the first run
* rfe #1465 Docs for connections to IPv6 only MySQL instances
* rfe #1468 [interface] No floating for server breadcrumb menu
-------------------------------------------------------------------
Tue Dec 17 17:27:05 UTC 2013 - ecsos@opensuse.org
- update to 4.1.1 (2013-12-17)
* sf#4154 Error using UNION query
* sf#4173 Transformations overview not reachable
* sf#4149 Js freezes in the management of replication
* sf#3903 Query fails when using aliases after ordering result
* sf#4181 Adding columns in table creation clears existing columns
* sf#4023 Requires wildcard EXECUTE/ALTER ROUTINE on DB to allow
Procedures to be executed by user
* sf#4186 Adding a column when creating a table does not propagate index info
* sf#4185 Unable to execute create procedure statement from query window
-------------------------------------------------------------------
Sun Dec 15 18:51:58 UTC 2013 - ecsos@opensuse.org
- update to 4.1.0 (2013-12-11)
* rfe #499 On user creation, warn if the user already exists
* Use indeterminate check all checkbox in server privileges
* Break server_status.php functions into smaller functions
* PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards
* [interface] Make warning about existing config directory clearer
* rfe #1414 Allow specifying controlport
* PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards
* rfe #1412 Creating a view from an empty set of results
* Improved layout on db and table operations pages
* rfe #1410 Added support for AES_ENCRYPT for blob fields
* rfe #1423 Clarify option text for icon/text settings
* [interface] Upgraded CodeMirror to 3.x series
* rfe #1363 Improved query profiler
* [interface] rfe #1429 Better suggestion for database name
* rfe #1433 Support relations with ndbcluster
* sf#3962 Proper escaping of JSON export
* rfe #1382 Optional ReCAPTCHA support
* rfe #1434 Improvements to the table browsing navigation bar
* rfe #1233 and rfe #1283 Improvements to Relation View interface
* rfe #1397 Use fractional seconds in time, datetime, and timestamp
* rfe #175 Allow cross-database relations
* [core] Dropped support for PHP 5.2.
* rfe #487 and rfe #1405 Find and Replacing column wise
* rfe #1373 Use same create view dialog for editing a view
* rfe #316 Configurable menus; allow user groups with customized menus per group
* sf#4024 Editing field a record is selected by makes pma load forever
* sf#4035 Query "inline" link disappears when turning off "Explain SQL" option
* rfe #1385 Hide tables, functions, procedures, events and views in navigation tree
* rfe #1321 Export view as if it was a table
* Dropped configuration directive: SQP
* Dropped configuration directive: MySQLManual*
* rfe #1041 and bug #2954 Improved support for SSL connections between MySQL and phpMyAdmin
* sf#4056 Language: Vague error message when adding a varchar field
* [setup] rfe #1452 Use type="password" for server passwords
* rfe #1451 HTML5 input tag enhancements
* sf#1193 Text field too small when editing a row longer than $cfg['LimitChars']
* Privileges tab for table level
* sf#4068 Headline in operations not readable in IE10
* sf#4000 "Table does not contain unique column" message appears after adding a unique column
* rfe #1428 add 'new database' entry to nav tree
* rfe #1457 Stone Age icon found
* rfe #1463 Filter tables and databases by regular expression
* Change the proxy variable names in the config to remove the VersionCheck prefix from them
* Added an Error Reporting Component
* Javascript files are no longer uglified
* sf#4145 Config screen fails to validate MemoryLimit = -1 (new default)
* sf#4123 Double config including
* sf#4134 After deleting all rows on a page, it returns to a blank page
* Dropped configuration directive: DisableIS, ShowDatabasesCommand
* sf#4152 Not possible to enter % for search in date fields
* sf#3931 IN Clause search does not permit multiple values
* sf#4086 Clicking OK from edit popup opens new tab
* sf#2983 unknown table status: TABLE_TYPE
* sf#4030 ORDER BY SUM(`field`) does not sort DESC
* sf#4133 CSV import breaks when no blank line at end of file
* sf#4153 Unable to import if newline encoding is MAC style
* sf#4096 horizontal scrollbar should not overflow on the left column
* sf#4159 bug with navigation between database and table filter
* sf#4119 Huge session data with $cfg['Error_Handler']['gather']
* sf#4169 Table list jumps to table on click
* sf#4168 Rename multiple columns is not working
-------------------------------------------------------------------
Fri Dec 6 14:58:34 UTC 2013 - ecsos@opensuse.org
- update to 4.0.10 (2013-12-04)
* sf#4150 Clicking database name in query window opens a new tab
* sf#4141 Wrong page is shown after editing; also, do not show a modal
dialog for multi-row edit
* sf#3939 PHP NavigationTree error when paging through list
* sf#4075 Support A10 Networks load balancer
* sf#4083 row deleting isn't binlogs friendly
* sf#4163 Setup script does not recognize manually-configured server
* sf#4158 Events page says no privileges with ALL PRIVILEGES
-------------------------------------------------------------------
Sun Nov 10 12:59:02 UTC 2013 - ecsos@opensuse.org
- update to 4.0.9 (2013-11-04)
* sf#4104 Can't edit updatable view when searching
* sf#4108 Missing refresh by deleting databases
* sf#3995 Drizzle server charset notice
* sf#3911 Filtering database names includes empty groupings
* sf#3678 Does not display or manipulate bit(64) fields appropriately
* sf#4129 Unneeded navi panel refresh
* sf#4120 SSL redirects to port 80
* sf#4144 DROP DATABASE displays wrong database name
* sf#4059 Running delete query asks for confirmation but says it was already executed
* sf#4147 Accessibility: Images without Alt nor title attribute
-------------------------------------------------------------------
Mon Oct 7 15:36:07 UTC 2013 - ecsos@opensuse.org
- update to 4.0.8 (2013-10-06)
* sf#3988 Rename view is not working
* sf#4041 Interaction between linkified fields and grid editing
* sf#3975 Table grouping isn't implemented properly
* sf#4060 Browser tries to remember wrong password when creating new user
* sf#4002 Edit Index on big table doesn't show "Loading" or any message
* sf#4098 Default table tab is ignored
* sf#4099 Server/library difference warning: setting is ignored
* sf#4100 table tree group strategy
* sf#4102 ALTER TABLE ORDER BY and InnoDB
* sf#4103 Tracking report: cannot delete a statement
* sf#3996 Drizzle navigation doesn't expand
* sf#4074 GIS column editor: point not displayed
* sf#4109 Drizzle tables in navigation are shown as views
* sf#4095 NUL symbols added to the end of database dump file
* sf#4105 More disappears in table Structure
* sf#3992 Multi-row edit doesn't clear values when checking NULL
-------------------------------------------------------------------
Sun Sep 29 11:13:39 UTC 2013 - ecsos@opensuse.org
- update to 4.0.7 (2013-09-23)
* sf#3993 Sorting in database overview with statistics doesn't work
* bug Handle the situation where PHP_SELF is not set
* sf#4080 Overwrite existing file not obeyed
* sf#3929 Database-specific privileges are not copied when cloning user
* sf#3997 Error handling in case MySQL extension is missing
* sf#4089 Moving Columns will alter column definition
* sf#4091 Insert ignore option does not work
* sf#4090 Downloading BLOB downloads page template
* sf#4092 Clicking on table name in view of information_schema redirects to wrong page
* sf#4079 Copy Table Add AUTO_INCREMENT value checkbox not working
* sf#4088 MySQL server version at index.php incorrect w/ controlhost
* sf#4001 Import error: Class 'ImportOds' not found
* sf#3986 Missing DROP VIEW button
-------------------------------------------------------------------
Sat Sep 7 15:42:13 UTC 2013 - ecsos@opensuse.org
- update to 4.0.6 (2013-09-05)
* sf#4036 Call to undefined function mb_detect_encoding (clarify the doc)
* sf Missing hints when changing a column's structure
* sf#4048 Cannot select foreign value in Search
* sf#4025 gzip export is not actually compressed with mod_deflate
* sf#4054 query analysis doesn't launch in status monitor
* Add pmahomme icon credits (FamFamFam silk icon set)
* sf#4064 Table structure statistics "Space usage" caption too small for l10n
* sf#4051 Wrong tabindex when inserting rows
* sf#4066 varchar field not truncated in table browse mode
* rfe #1435 Opening database should expand it in the navigation menu
* (performance) Removed ShowTooltip directive
* sf#4046 Exporting huge Tables causes memory-Problems
-------------------------------------------------------------------
Wed Aug 7 12:09:45 UTC 2013 - chris@computersalat.de
- fix for bnc#833731
* PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693)
http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php
-------------------------------------------------------------------
Mon Aug 5 21:51:23 UTC 2013 - obs@ladisch.de
- update to 4.0.5 (2013-08-04)
* sf#3977 Not detected configuration storage
* sf#3970 Pressing enter in the filter field reloads page
* sf#3984 Cannot insert in this table (PHP < 5.4)
* sf#3989 Reloading privileges does not update the interface
* sf#3960 NavigationBarIconic config not honored
* sf#3985 Call to undefined function mb_detect_encoding
* sf#4007 Analyze option not shown for InnoDB tables
* sf#4015 Forcing a storage engine for configuration storage
* bug Incorrect Drizzle 7 detection
* sf#4019 Create database if not exists (export): add an option to the
interface to enable generating CREATE DATABASE and USE (false by default)
* sf#4012 Crash on CSV file import
* sf#4009 Statistic Monitor shows only last 3 digits in graph
* sf#3998 Non-permanent SQL history not working
* sf#3578 Transformations for text/plain on a BLOB column
* [security] Improved protection against cross framing, see PMASA-2013-10
(CVE-2013-5029 CWE-661 CWE-693)
* Reinstated configuration directive: AllowThirdPartyFraming
- fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes
- add CVEs to 4.0.4.2 changes
-------------------------------------------------------------------
Mon Jul 29 20:07:45 UTC 2013 - chris@computersalat.de
- fix for bnc#831896
* multiple XSS issues (+ a SQL injection and full path disclosure flaw)
* fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79)
* fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79)
* fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200)
* fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79)
* fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269)
- update to 4.0.4.2 (2013-07-28)
* [security] fix unescaped parameter, see PMASA-2013-8
* [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
* [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
* [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
* [security] Fix full path disclosure, see PMASA-2013-12
* [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15
* [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15
* [security] Fix self-XSS in schema export, see PMASA-2013-14
* [security] Fix unencoded json object, see PMASA-2013-11
* [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13
-------------------------------------------------------------------
Wed Jul 3 21:40:23 UTC 2013 - obs@ladisch.de
- update to 4.0.4.1 (2013-06-30)
* [security] Global variables scope injection vulnerability
(PMASA-2013-7, CVE-2013-4729)
-------------------------------------------------------------------
Tue Jun 18 22:29:34 UTC 2013 - ecsos@opensuse.org
- update to 4.0.4 (2013-06-17)
* sf#3959 Using DefaultTabDatabase in NavigationTree for Database Click
* sf#3961 Avoid Suhosin warning when in simulation mode
* sf#3897 Row Statistics and Space usage bugs
* sf#3966 Only display "table has no unique column" message when applicable
* sf#3960 NavigationBarIconic config not honored
* sf#3965 Default language wrong with zh-TW
* sf#3921 Call to undefined function PMA_isSuperuser() if default server is not set
* sf#3971 Ctrl/shift + click opens links in same window
* sf#3964 Import using https does not work
* fix bug Missing removeCRLF option in ExportCsv and ExportExcel plugins
* sf#3631 Drop not working Visio schema export.
* sf#3645 Better handling of invalid ODS documents
* sf#3976 Number of pages
* sf#3922 User privileges, database name unescaped
-------------------------------------------------------------------
Wed Jun 12 21:59:40 UTC 2013 - chris@computersalat.de
- fix changelog
* add missing 'fix for bnc#xxxxxx
-------------------------------------------------------------------
Thu Jun 6 16:27:24 UTC 2013 - ecsos@opensuse.org
- update to 4.0.3 (2013-06-05)
* sf#3941 Recent tables list always empty
* sf#3933 Do not translate "Open Document" in export settings
* sf#3927 List of tables is missing after expanding in the navigation frame
* sf#3942 Warnings about reserved word for many non reserved words
* sf#3912 Exporting row selection, resulted by ORDER BY query
* sf#3957 Cookies must be enabled past this point
* sf#3956 "Browse foreign values" search filter / page selector not working
* sf#3579 NOW() function incorrectly selected (partial regression)
* [security] Javascript execution vulnerability in Create view,
reported by Maxim Rupp (see PMASA-2013-6)
- fix for bnc#824306
* PMASA-2013-6 (CVE-2013-3242)
-------------------------------------------------------------------
Sat May 25 17:33:09 UTC 2013 - ecsos@opensuse.org
- update to 4.0.2 (2013-05-24)
* sf#3902 Cannot browse when table name contains keyword "call"
* center loading indicator for navigation refresh, related to bug #3920
* sf#3925 Table sorting in navigation panel is case-sensitive
* sf#3915 Import of CSV file (Replace table data with file) with duplicate values
* sf#3907 undefined variables, function parameter problems
* sf#3898 Structure not refreshed after column drop
* sf#3926 View is not updatable
* sf#3919 PropertiesIconic not honored
* sf#3930 Databases to choose for specific privileges show up escaped
* sf#3910 Export database with empty table as a php array, does not produce valid PHP
* sf#3936 Query profiler chart not loading from SQL Query page
* sf#3946 Missing CSV import option "Do not abort on INSERT error"
* sf#3943 Missing Operations>Table options>AUTO_INCREMENT
* bug Missing CREATE DATABASE statement when exporting at database level
* sf#3924 Show warning when CSV file does not contain data for all columns
* sf#3947 Missing Sql Query after modify structure
* sf#3948 Server export problems
* sf#3917 CountTables directive is deprecated
-------------------------------------------------------------------
Wed May 15 08:00:00 UTC 2013 - ecsos@opensuse.org
- update to 4.0.1.0 (2013-05-14)
* sf#3879 Import broken for CSV using LOAD DATA
* sf#3889 When login fails and error display is active, login data is displayed
* sf#3890 [import] Web server upload directory import fails
* sf#3891 [import] Server upload folder import file name missing in success message
* rfe #1421 [auth] Add retry button on connection failure with config auth
* sf#3894 [interface] Provide feedback if no columns selected for multi-submit
* sf#3799 [interface] Incorrect select field change on ctrl key navigation in Firefox
* sf#3885 [browse] display_binary_as_hex option causes unexpected behavior
* sf#3899 Git commit links to Github missing
* sf#3900 CSP WARN in Firefox console
* sf#3901 Setup script warning for config auth (stored login data) shows link BBcode
* sf#3895 [browse] Fixed getting BLOB data
* sf#3905 [export] Custom Exporting exports all databases
* sf#3909 [import] Import of CSV FIle to selected table doesn't work
* sf#3904 Browsing an empty table should not display its Structure
* sf#3908 Calendar widget improperly redirects to home
* sf#3918 Greyed out tabs when there are no rows fixed
* sf#3916 [interface] Missing scrollbar (original theme)
* [vendor] add tcpdf path to vendor_config.php
* bug fix compat with tcpdf >= 6.0 (tested with 6.0.012)
-------------------------------------------------------------------
Fri May 3 17:32:42 UTC 2013 - ecsos@opensuse.org
- update to 4.0.0 (2013-05-03)
* Patch #3481047 for rfe #3480477 Insert as new row enhancement
* Patch #3480999 Activate codemirror in the query window
* Patch #3495284 XML Import - fix message and redirect
* rfe #3484063 Null checkbox behavior
* Patch #3497179 Contest-5: Add user: Allow create DB w/same name + grant u_%
* Patch #3498201 Contest-6: Export all privileges
* Patch #3502814 for rfe #3187077 Change password buttons should match
* rfe #3488640 Expand table-group in non-light navigation frame if only one
* Patch #3509360 Contest-3: Option "Truncate table" before "insert"
* Patch #3506552 Contest-2: Show index information in the data dictionary
* Patch #3510656 Contest-1: Ignoring foreign keys while dropping tables
* sf#3509686 Reverting sort on joined column does not work
* New transformation: append string
* rfe #3507804 Session upload progress (PHP 5.4)
* rfe #3488185 draggable columns vs copy column name
* Patch #3507001 Contest-4: Textarea for large character columns
* Removed the PHP version of the ENUM editor
* Patch #3507111 Display distinct results, linked to corresponding data rows
* sf#3507917 [export] JSON has unescaped values for allegedly numeric columns
* rfe #3516187 show tables creation, last update, last check timestamps in db_structure
* sf#3059806 Supporting running from CIFS/Samba shares
* sf#3516341 [export] Open Document Text, Word and Texy! Text show table structure twice
* sf [export] Texy! Text: Columns containing Pipe Character don't export properly
* [export] Show triggers in Open Document Text, Word and Texy! Text
* Patch #3415061 [auth] Login screen appears under the page
* rfe #3517354 [interface] Allow disabling CodeMirror with $cfg['CodemirrorEnable'] = false
* rfe #3475567 [interface] New directive $cfg['HideStructureActions']
* sf#3468272 [import] Fixed import of ODS with more paragraphs in a cell
* sf#3510196 [core] Improved redirecting with ForceSSL option
* rfe #3518852 [edit] edit blob but not other binary, new option $cfg['ProtectBinary'] = 'noblob'
* Hide language select box if there are no locales installed
* Removed some directives: verbose_check, SuggestDBName, LightTabs,
VerboseMultiSubmit, ReplaceHelpImg
* Patch #3500882 Fixing checkbox behaviour while editing identical rows
* rfe #3441722 [interface] Display description of datatypes
* rfe #3517835 [structure] Move columns easily
* Ajaxified "Create View" functionality
* [import] New plugin: import mediawiki
* New navigation system
* Discontinued the use of a frame-based layout
* rfe #3528994 [interface] Allow wrapping possibly long values in replication-status table
* [interface] Autoselect username input on cookie login page
* sf#3563799 [interface] Grid editing destroying huge amount of data
* [import] Remove support for the unactive docSQL import format
* sf#3577443 [edit] "Browse foreign values" does not show on ajax edit
* rfe #3522109 [browse] Grid editing: action to trigger it (or disable)
* sf#3526598 [interface] SQL query not shown when creating table
* Dropped configuration directive: AllowThirdPartyFraming
* Dropped configuration directive: LeftFrameLight
* Dropped configuration directive: DisplayDatabasesList
* Dropped configuration directives: ShowTooltipAliasDB and ShowTooltipAliasTB
* Dropped configuration directive: NaviDatabaseNameColor
* Added configuration directive: MaxNavigationItems
* Renamed configuration directive: LeftFrameDBTree => NavigationTreeEnableGrouping
* Renamed configuration directive: LeftFrameDBSeparator => NavigationTreeDbSeparator
* Renamed configuration directive: LeftFrameTableSeparator => NavigationTreeTableSeparator
* Renamed configuration directive: LeftFrameTableLevel => NavigationTreeTableLevel
* Renamed configuration directive: LeftPointerEnable => NavigationTreePointerEnable
* Renamed configuration directive: LeftDefaultTabTable => NavigationTreeDefaultTabTable
* Renamed configuration directive: LeftDisplayTableFilterMinimum => NavigationTreeDisplayTableFilterMinimum
* Renamed configuration directive: LeftDisplayLogo => NavigationDisplayLogo
* Renamed configuration directive: LeftLogoLink => NavigationLogoLink
* Renamed configuration directive: LeftLogoLinkWindow => NavigationLogoLinkWindow
* Renamed configuration directive: LeftDisplayServers => NavigationDisplayServers
* Renamed configuration directive: LeftRecentTable => NumRecentTables
* Renamed configuration directive: LeftDisplayDatabaseFilterMinimum => NavigationTreeDisplayDbFilterMinimum
* Removed the "Mark row on click" feature; must now click the checkbox to mark
* Removed the "Synchronize" feature
* Improved layout of server variables page
* rfe #1052091 [config] Double-underscores in PMA table names
* Improved the "More" dropdown on the table structure page
* [interface] Added "scroll to top" link in menubar
* [designer] Fullscreen mode for the designer
* Upgraded jquery to v1.8.3 and jquery-ui to v1.9.2
* Patch #3597529 [status] Add raw value as title on server status page
* Support MySQL 5.6 partitioning
* Removed the AjaxEnable directive
* rfe #3542567 Accept IPv6 ranges and IPv6 CIDR notations in $cfg['Servers'][$i]['AllowDeny']['rules']
* sf#3576788 Grid editing shows the value before silent truncation
* Upgraded jqPlot to 1.0.4 r1121
* Upgraded to jquery-ui-timepicker-addon 1.1.1
* rfe #3599046 [interface] Added comments for indexes
* Replaced qtip with jQuery UI tooltip
* Upgraded CodeMirror to 2.37
* sf#2951 [export] Correctly export decimal fields.
* sf#3762 [core] Make Advisor work on Windows withou COM extension.
* sf#3519 [export] Prevent infinite recursion in PDF export.
* sf#3827 Table specific privileges not displayed for db name containing underscore
* rfe #1386 Add IF NOT EXISTS clause when copying database
* No longer package .travis.yml configuration file when creating a release.
* sf#3830 Can't export custom query because it lowercases table names
* sf#3829 Enabling query profiling crashes javascript based navigation
* rfe #879 Reserved word warning
* Remove the database ordering sub-feature of the only_db directive
* sf#3840 When exporting to gzip format, the data is compressed 2 times
* rfe #1319 Permit to create index when creating foreign key
* sf#3703 Incorrect updating of the list of users
* sf#3853 Blowfish implementation might be broken (replace with phpseclib)
* sf#3865 Using like operator on each backslash needs 4 backslash protection
* sf#3860 Displayed git revision info is not set
* sf#3871 Check referential integrity broken across databases
* sf#3874 [export] No preselected option when exporting table
* sf#3873 Can't copy table to target database if table exists there
* sf#3683 Incorrect listing of records from to count
* sf#3876 [import] PHP 5.2 - unexpected T_PAAMAYIM_NEKUDOTAYIM
* [security] Local file inclusion vulnerability, reported by Janek Vind
(see PMASA-2013-4)
* [security] Global variables overwrite in export.php, reported by Janek Vind
(see PMASA-2013-5)
* sf#3892 [export] SQL Export files are empty
- fix for bnc#824304
* PMASA-2013-4 (CVE-2013-3240)
- fix for bnc#824305
* PMASA-2013-5 (CVE-2013-3241)
-------------------------------------------------------------------
Wed Apr 24 22:41:50 UTC 2013 - ecsos@opensuse.org
- update to 3.5.8.1 (2013-04-24)
* [security] Remote code execution (preg_replace), reported by Janek Vind
(see PMASA-2013-2)
* [security] Locally Saved SQL Dump File Multiple File Extension Remote Code
Execution, reported by Janek Vind (see PMASA-2013-3)
- fix for bnc#824301
* PMASA-2013-2 (CVE-2013-3238)
- fix for bnc#824302
* PMASA-2013-3 (CVE-2013-3239)
-------------------------------------------------------------------
Mon Apr 8 18:33:29 UTC 2013 - ecsos@opensuse.org
- update to 3.5.8 (2013-04-08)
* sf#3828 MariaDB reported as MySQL
* sf#3854 Incorrect header for Safari 6.0
* sf#3705 Attempt to open trigger for edit gives NULL
* Use HTML5 DOCTYPE
* [security] Self-XSS on GIS visualisation page, reported by Janek Vind
see PMASA-2013-1
* sf#3800 Incorrect keyhandler behaviour #2
- fix for bnc#814678
* PMASA-2013-1 (CVE-2013-1937)
-------------------------------------------------------------------
Fri Mar 15 19:51:32 UTC 2013 - chris@computersalat.de
- update to 3.5.7.0 (2013-02-15)
* sf#3779 [core] Problem with backslash in enum fields
* sf#3816 Missing server_processlist.php
* sf#3821 Safari: white page
* Correct detection of the Chrome browser
-------------------------------------------------------------------
Mon Feb 4 17:34:24 CET 2013 - draht@suse.de
- update to 3.5.6.0 (2013-01-28)
* sf#3593604 [status] Erroneous advisor rule
* sf#3596070 [status] localStorage broken in server status monitor
* sf#3598736 [routines] Editing a procedure with special characters
* sf#3600322 [core] Visualize GIS data throws Fatal Error
* sf#3599362 [core] Double-escaped error message
* sf#3776 [cookies] Login without auth on second server
-------------------------------------------------------------------
Wed Jan 16 23:17:50 UTC 2013 - chris@computersalat.de
- update to 3.5.5.0 (2012-12-21)
* sf#3563824 [export] Support Apache's mod_deflate
* sf#3585523 [interface] Inline query editing broken after row update
* sf#3586389 [setup] Cannot switch language in /setup
* sf#3585695 [CSS] Font size in inline query editor is way too big
* sf#3588354 [l10n] Portuguese Language not displaying correctly
* sf#3591412 [status] Live charts don't work for non-default server
* sf[core] Proxy ajax calls to pma.net to avoid browser notices
* sf#3593534 [tracking] Structure Snapshot on tracked view renders
invalid SQL
* sf#3544366 [events] Event comments not saved
-------------------------------------------------------------------
Sat Dec 15 15:23:00 UTC 2012 - chris@computersalat.de
- update to 3.5.4.0 (2012-11-16)
* sf#3570212 [edit] uuid_short() is a no-arguments function
* sf#3569577 [edit] Add routine parameter headers not valid for
"function"
* sf#3575799 [search] Various search operators not working as
expected
* sf#3576322 [search] Invalid select query generated for tables with
ENUM fields
* sf#3577468 [display] Incorrect imagejpeg Syntax Breaks Image
Transformation
* sf#3578776 [search] Editing SQL not possible when no records found
* sf#3571970 [interface] Display chart and number of rows to plot
* sf#3582631 [core] Wrong redirect url caused cookies error with
ForceSSL
-------------------------------------------------------------------
Mon Nov 5 11:40:16 UTC 2012 - chris@computersalat.de
- update to 3.5.3.0 (2012-10-08)
* sf#3539044 [interface] Browse mode "Show" button gives blank page
if no results anymore
* sf#3534979 [interface] Copy Database Ajax feedback vanishes long
before copying is done
* sf#3527531 [interface] GC-maxlifetime warning incorrectly
displayed
* sf#3526916 [interface] Search fails with JS error when tooltips
disabled
* sf#3544366 [interface] Event comments not saved
* sf#3549084 [edit] Can't enter date directly when editing inline
* sf#3548491 [interface] Inline query editor doesn't work from
search results
* sf#3547825 [edit] BLOB download no longer works
* sf#3541966 [config] Error in generated configuration arrray
* sf#3553551 [GUI] Invalid HTML code in multi submits confirmation
form
* [interface] Designer sometimes places tables on the top menu
* sf#3546277 [core] Call to undefined function __() when config file
has wrong permissions
* sf#3540922 [edit] Error searching table with many fields
* sf#3555104 [edit] Cannot copy a DB with table and views
* sf#3559925 [privileges] Incorrect updating of the list of users
* sf#3561224 [edit] cell edit date field with empty date fills in
current date
* sf#3559955 [edit] current_date from function drop down fails on
update
* sf#3562472 add support for Solaris and FreeBSD system load and
memory display in server status
* sf#3553068 [import] Table import from XML file fails
* replace Highcharts with jqplot for Display chart
* sf#3567684 [edit] Pasting value doesn't clear null checkbox
* sf#3570786 [edit] Datepicker for date and datetime fields is
broken
- fix for bnc#788103
* PMASA-2012-6 (CVE-2012-5339)
o http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php
* PMASA-2012-7 (CVE-2012-5368)
o http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php
-------------------------------------------------------------------
Tue Aug 21 14:30:51 UTC 2012 - chris@computersalat.de
- update to 3.5.2.2 (2012-08-12)
- [security] Fixed XSS vulnerabilities,
see PMASA-2012-4
- update to 3.5.2.1 (2012-08-03)
- [security] Fixed local path disclosure vulnerability,
see PMASA-2012-3
- fix for bnc#776701
* PMASA-2012-4 (CVE-2012-4345)
- fix for bnc#776698
* PMASA-2012-3 (CVE-2012-4219)
-------------------------------------------------------------------
Sun Jul 8 15:52:13 UTC 2012 - chris@computersalat.de
- udpate to 3.5.2 (2012-07-07)
* bug sf#3521416 [interface] JS error when editing index
* bug sf#3521313 [core] Call to undefined function __()
* bug sf#3521016 [edit] NOW() function incorrectly selected
* bug [GUI] Invalid HTML code on transformation_overview.php
* bug sf#3522930 [browse] Missing validation in Ajax mode
* bug Fix popup message on build SQL of import
* bug sf#3523499 [core] Make X-WebKit-CSP work better
* replace Highcharts with jqplot for query profiling, zoom search
* bug sf#3531584 [interface] No form validation in change password
dialog
* bug sf#3531585 [interface] Broken password validation in copy user
form
* bug sf#3531586 [unterface] Add user form prints JSON when user
presses enter
* bug sf#3534121 [config] duplicate line in config.sample.inc.php
* bug sf#3534311 [interface] Grid editing incorrectly parses
ENUM/SET values
* bug sf#3510196 [core] More clever URL rewriting with ForceSSL
- rebase config patch
-------------------------------------------------------------------
Sun Jun 3 22:00:45 UTC 2012 - chris@computersalat.de
- update to 3.5.1.0 (2012-05-03)
* bug sf#3510784 [edit] Limit clause ignored when sort order is
remembered
* bug sf#3511471 [interface] View name not seen in navi panel
(MySQL 5.1)
* bug sf#3512916 [display] Right frame reloads after displaying SQL
result(zero rows)
* bug [interface] Fixed missing Codemirror for inline query edit
when exporting a result set
* bug sf#3514490 [auth] Multiple Navigation panels bug still present
* bug sf#3515181 [users] Error in create user + underscore + create
database
* bug sf#3515666 [display] Profiling chart shows wrong data
* bug sf#3516037 [auth] JS includes missing in auth config error page
* bug sf#3516183 [display] Missing image extension
* bug [display] Added missing icons in original theme
* bug sf#3516761 [edit] Query error after search
* bug sf#3516405 [display] Chart title is getting wrong within chart
export
* bug sf#3517021 [interface] Header links except 'More' hide after
closing dialog
* bug sf#3516817 [interface] "More" actions in table structure
* bug sf#3518484 [privileges] PMA_sqlAddSlashes() does not quote the
table names correctly
* bug sf#3518983 [designer] Error messages do not appear in the
Designer
* bug sf#3519747 [interface] Suhosin patch warning incorrectly
displayed
* bug sf#3520107 [interface] Server status page: Incorrect dialog box
titles
* bug sf#3516089 [structure] DROP does not work on defective VIEWs
- rebase config patch
* remove version from patch name
* add missing options
-------------------------------------------------------------------
Thu Apr 26 19:49:16 UTC 2012 - chris@computersalat.de
- update to 3.4.11.0
* bug sf#3486970 [import] Exception on XML import
* bug sf#3488777 [navi] $cfg['ShowTooltipAliasTB'] and blank names
in navigation
* bug sf#3512565 [navi] Fixed missing word "Rows" in table list
tooltip after click
-------------------------------------------------------------------
Mon Apr 2 10:14:55 UTC 2012 - chris@computersalat.de
- update to 3.4.10.2 (fix for bnc#755211)
- [security] Fixed local path disclosure vulnerability,
see PMASA-2012-2
http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php
-------------------------------------------------------------------
Thu Feb 23 12:45:22 UTC 2012 - chris@computersalat.de
- fix changelog
* rename bugs , patches ("{bug,patch} #....") to fit into
bug naming scheme -> "sf#...."
-------------------------------------------------------------------
Mon Feb 20 09:50:54 UTC 2012 - chris@computersalat.de
- update to 3.4.10.1 (fix for bnc#747841)
* [security] XSS in replication setup, see PMASA-2012-1
- 3.4.10.0 (2012-02-14)
* sf#3460090 [interface] TextareaAutoSelect feature broken
* sf#3375984 [export] PHP Array export might generate invalid php
code
* sf#3049209 [import] Import from ODS ignores cell that is the same
as cell be fore
* sf#3463933 [display] SELECT DISTINCT displays wrong total records
found
* sf#3458944 [operations] copy table data missing
SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO'
* sf#3469254 [edit] Setting data to NULL and drop-downs
* sf#3477063 [edit] Missing set fields and values in generated
INSERT query
* sf#3460867 [libraries] license issue with TCPDF
(updated to 5.9.145), (fix for bnc#736698)
-------------------------------------------------------------------
Wed Dec 28 13:41:55 UTC 2011 - chris@computersalat.de
- update to 3.4.9
- sf#3442028 [edit] Inline editing enum fields with null shows no dropdown
- sf#3442004 [interface] DB suggestion not correct for user with underscore
- sf#3438420 [core] Magic quotes removed in PHP 5.4
- sf#3398788 [session] No feedback when result is empty (signon auth_type)
- sf#3384035 [display] Problems regarding ShowTooltipAliasTB
- sf#3306875 [edit] Can't rename a database that contains views
- sf#3452506 [edit] Unable to move tables with triggers
- sf#3449659 [navi] Fast filter broken with table tree
- sf#3448485 [GUI] Firefox favicon frameset regression
- [core] Better compatibility with mysql extension
- [security] Self-XSS on export options (export server/database/table),
see PMASA-2011-20
- [security] Self-XSS in setup (host parameter), see PMASA-2011-19
- fix for bnc#738411
* PMASA-2011-19 (CVE-2011-4780)
* PMASA-2011-20 (CVE-2011-4782)
- rework config patch
-------------------------------------------------------------------
Fri Dec 16 08:34:11 UTC 2011 - chris@computersalat.de
- fix changelog
* add missing info for bnc#736772
- fix fdupes
* reduce fdupes to affected files only (./libraries,./themes)
-------------------------------------------------------------------
Tue Dec 13 14:25:45 UTC 2011 - chris@computersalat.de
- update to 3.4.8
- sf#3425230 [interface] enum data split at space char (more space to edit)
- sf#3426840 [interface] ENUM/SET editor can't handle commas in values
- sf#3427256 [interface] no links to browse/empty views and tables
- sf#3430377 [interface] Deleted search results remain visible
- sf#3428627 [import] ODS import ignores memory limits
- sf#3426836 [interface] Visual column separation
- sf#3428065 [parser] TRUE not recognized by parser
+ sf#3433770 [config] Make location of php-gettext configurable
- sf#3430291 [import] Handle conflicts in some open_basedir situations
- sf#3431427 [display] Dropdown results - setting NULL does not work
- sf#3428764 [edit] Inline edit on multi-server configuration
- sf#3437354 [core] Notice: Array to string conversion in PHP 5.4
- [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the
view name in main panel db Structure page
- sf#3439292 [core] Fail to synchronize column with name of keyword
- sf#3425156 [interface] Add column after drop
- [interface] Avoid showing the password in phpinfo()'s output
- sf#3441572 [GUI] 'newer version of phpMyAdmin' message not shown in IE8
- sf#3407235 [interface] Entering the key through a lookup window does not
reset NULL
- [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
- [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
- [security] Self-XSS on column type (Create index), see PMASA-2011-18
- [security] Self-XSS on column type (table Search), see PMASA-2011-18
- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18
- fix for bnc#736772 (CVE-2011-4634, PMASA-2011-18)
-------------------------------------------------------------------
Mon Nov 14 20:22:30 UTC 2011 - chris@computersalat.de
- update to 3.4.7.1 (fix for bnc#728243)
- [security] Fixed possible local file inclusion in XML import
(CVE-2011-4107), see PMASA-2011-17
http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php
-------------------------------------------------------------------
Wed Oct 26 10:49:15 UTC 2011 - chris@computersalat.de
- update to 3.4.7
- sf#3418610 [interface] Links in navigation when
$cfg['MainPageIconic'] = false
- sf#3418849 [interface] Inline edit shows dropdowns even after closing
- bug [view] View renaming did not work
- bug [navi] Wrong icon for view (MySQL 5.5)
- sf#3420229 [doc] Missing documentation section
- sf#3423725 [pdf] Broken PDF file when exporting database to PDF
- [core] Allow to set language in URL
- sf#3425184 [doc] Fix links to PHP documentation
- sf#3426031 [export] Export to bzip2 is not working
- 3.4.6.0 (2011-10-16)
- sf#3404173 InnoDB comment display with tooltips/aliases
- sf#3404886 [navi] Edit SQL statement after error
- sf#3403165 [interface] Collation not displayed for long enum fields
- sf#3399951 [export] Config for export compression not used
- sf#3400690 [privileges] DB-specific privileges won't submit
- sf#3410604 [config] Configuration storage incorrect suggested table name
- sf#3383572 [interface] Cannot execute saved query
- sf#3411535 [display] Full text button unchecks results display options
- sf#3411224 [display] Broken binary column when 'Show binary contents'
is not set
- sf#3411633 [core] Call to undefined function PMA_isSuperuser()
- sf#3413743 [interface] Display options link missing after search
- sf#3324161 [core] CSP policy causing designer JS buttons to fail
- sf#3412862 [relation] Relations/constraints are dropped/created
on every change
- sf#3390832 [display] Delete records from last page breaks search
- sf#3392150 [schema] PMA_User_Schema::processUserChoice() is broken
- sf#3414744 [core] External link fails in 3.4.5
- sf#3314626 [display] CharTextareaRows is not respected
- sf#3417089 [synchronize] Extraneous db choices
- [security] Fixed local path disclosure vulnerability, see PMASA-2011-15
- [security] Fixed XSS in setup (host/verbose parameter), see PMASA-2011-16
-------------------------------------------------------------------
Tue Oct 4 21:36:48 UTC 2011 - chris@computersalat.de
- update to 3.4.5
- sf#3375325 [interface] Page list in navigation frame looks odd
- sf#3313235 [interface] Error div misplaced
- sf#3374802 [interface] Comment on a column breaks inline editing
- sf#3383711 [display] Order by a column in a view doesn't work
in some cases
- sf#3386434 [interface] Add missing space to server status
- [core] Remove library PHPExcel, due to license issues
- [export] Remove native Excel export modules (xls and xlsx formats)
- [import] Remove native Excel import modules (xls and xlsx formats)
- sf#3392920 [edit] BLOB emptied after editing another column
- [security] Fixed XSS in Inline Edit on save action, see PMASA-2011-14
- [security] Fixed XSS with db/table/column names, see PMASA-2011-14
-------------------------------------------------------------------
Sat Aug 27 17:17:27 UTC 2011 - chris@computersalat.de
- update to 3.4.4
- sf#3323060 [parser] SQL parser breaks AJAX requests if query has unclosed
quotes
- sf#3323101 [parser] Invalid escape sequence in SQL parser
- sf#3348995 [config] $cfg['Export']['asfile'] set to false does not select
as Text option
- sf#3340151 [export] Working SQL query exports error page
- sf#3353649 [interface] "Create an index on X columns" form not validated
- sf#3350790 [interface] JS error in Table->Structure->Index->Edit
- sf#3353811 [interface] Info message has "error" class
- sf#3357837 [interface] TABbing through a NULL field in the inline mode
resets NULL
- remove version number in /setup
- sf#3367993 [usability] Missing "Generate Password" button
- sf#3363221 [display] Missing Server Parameter on inline sql query
- sf#3367986 [navi] Drop field -> lost active table
- remove misleading comment on the "Rename database" interface
- sf#3374374 [interface] Fix footnote for inexact count while browsing
- sf#3372807 [interface] Fix security warning link in setup
- sf#3374347 [display] Backquotes in normal text on import page
- sf#3358750 [core] With Suhosin, urls are too long in edit links
- [security] Missing sanitization on the table, column and index names leads to
XSS vulnerabilities, see PMASA-2011-13
-------------------------------------------------------------------
Fri Jul 29 14:57:01 UTC 2011 - chris@computersalat.de
- update to 3.4.3.2
o PMASA-2011-9 to PMASA-2011-12
http://www.phpmyadmin.net/home_page/security/
-------------------------------------------------------------------
Mon Jul 4 13:27:10 UTC 2011 - chris@computersalat.de
- update to 3.4.3.1
- [security] Fixed possible session manipulation in swekey
authentication, see PMASA-2011-5
- [security] Fixed possible code injection incase session variables
are compromised, see PMASA-2011-6
- [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
- [security] Fixed filtering of a file path, which allowed for
directory traversal, see PMASA-2011-8
- 3.4.3.0 (2011-06-27)
- sf#3311170 [sync] Missing helper icons in Synchronize
- sf#3304473 [setup] Redefine a lable that was wrong
- sf#3304544 [parser] master is not a reserved word
- sf#3307616 [edit] Inline edit updates multiple duplicate rows
- sf#3311539 [edit] Inline edit does not escape backslashes
- sf#3313210 [interface] Columns class sometimes changed for nothing
- sf#3313326 [interface] Some tooltips do not disappear
- sf#3315720 [search] Fix search in non unicode tables
- sf#3315741 [display] Inline query edit broken
- sf#3317206 [privileges] Generate password option missing on new accounts
- sf#3317293 [edit] Inline edit places HTML line breaks in edit area
- sf#3319466 [interface] Inline query edit does not escape special characters
- minor XSS (require a valid token)
- add restart_on_update apache to post
-------------------------------------------------------------------
Wed Jun 22 09:01:52 UTC 2011 - chris@computersalat.de
- fix changelog
o update to 3.4.2.0 -> update to 3.4.2
- fix bnc#697748 (suhosin customization)
o moved from spec's %post to http_conf file
-------------------------------------------------------------------
Thu Jun 09 14:41:00 UTC 2011 - jweberhofer@weberhofer.at
- update to 3.4.2
- sf#3301249 [interface] Iconic table operations does not remove inline edit label
- sf#3303869 [interface] Unnecessary scrolling on Databases page
- sf#3303813 [setup] Define a label that was missing
- sf#3305606 [interface] Show all button wraps on privileges page
- sf#3305517 [config] Config for export compression not used
- sf#3305883 [interface] Table is dropped regardless of confirmation
- [auth] Fixed error handling for signon auth method.
- sf#3276001 [core] Avoid caching of index.php.
- sf#3306958 [interface] Unnecessary Details slider
- sf#3308476 [interface] "Show all" not persistent after a sort
- sf#3308072 [auth] Version disclosure to anonymous visitors
- sf#3306981 [interface] pmahomme and table statistics
-------------------------------------------------------------------
Tue May 24 16:06:05 UTC 2011 - chris@computersalat.de
- update to 3.4.1
- bug sf#3301108 [interface] Synchronize and already configured host
- bug sf#3302457 Inline edit and $cfg['PropertiesIconic']
- Patch #3302313 Show a translated label
- bug sf#3300981 [navi] Table filter is case sensitive
- bug sf#3285929 [privileges] Revert temporary fix
- bug sf#3302872 [synchronize] Synchronize and user name
- bug sf#3302733 [core] Some browsers report an insecure https connection
- [security] Make redirector require valid token
- rework config patch
- removed 3.3.8, added 3.4.1 config patch
- added conftrib to doc
- mod post section
o modify suhosin.ini
-------------------------------------------------------------------
Sat Mar 19 19:17:57 UTC 2011 - chris@computersalat.de
- update to 3.3.10
- patch sf#3147400 [structure] Aria table size printed as unknown,
thanks to erickoh75 - erickoh75
- patch sf#3150164 [structure] Ordering by size gives incorrect results,
thanks to Madhura Jayaratne - madhuracj
- bug sf#3153409 [core] 0 row(s) affected
- bug sf#3155842 [core] Edit relational page and page number
- [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10
- [lang] German update, thanks to jannicars@users.sourceforge.net.
-------------------------------------------------------------------
Wed Feb 23 12:10:46 UTC 2011 - chris@computersalat.de
- update to 3.3.9.2
- [security] SQL injection, see PMASA-2011-2
- 3.3.9.1 (2011-02-08)
- [security] Path disclosure, see PMASA-2011-1
- add macros for ap_usr, ap_grp
- fix perm on sysconfdir
o 0750,root,www
-------------------------------------------------------------------
Thu Jan 27 20:14:40 UTC 2011 - chris@computersalat.de
- update to 3.3.9
- bug [doc] Fix references to MySQL doc
- sf#3101490 Default function for TIMESTAMP, thanks to jirand - jirand
- sf#3103853 [js] Double quotes were not escaped in generated js
- sf#3077463 [core] Events were not copied when copying/renaming database
- sf#1762306 [core] Copy database with view of a view
- sf#3117535 [replication] Add quotes to database in initial statement,
thanks to Craig Duncan - duncan3dc
- sf#3112614 [pdf schema] Scratchboard for PDF pages not working
- sf#3125606 [parser] Query for table "level" causes strange display
- sf#3127904 [parser] Close all opened round brackets indents
- removed Authors from spec
-------------------------------------------------------------------
Fri Dec 3 23:04:41 UTC 2010 - chris@computersalat.de
- update to 3.3.8.1
- sf#3115519 (private) [security] XSS on db search, see PMASA-2010-8
- rework config patch
o add AllowNoPassword
-------------------------------------------------------------------
Wed Oct 27 10:23:50 UTC 2010 - javier@opensuse.org
- update to 3.3.8
- sf#3059311 [import] BIGINT field type added to table analysis
- [core] Update library PHPExcel to version 1.7.4
- sf#3062455 [core] copy procedures and routines before tables
- sf#3062455 [export] with SQL, export procedures and routines before tables
- sf#3056023 [import] USE query not working
- sf#3038193 [display] Error when editing row with GEOMETRY column
- sf#3062454 [interface] Display routines/events also when no tables are defin
ed
- support ARIA storage engine as well as its previous name MARIA
-------------------------------------------------------------------
Wed Sep 22 14:03:14 CEST 2010 - mcihar@suse.cz
- update to 3.3.7
-------------------------------------------------------------------
Wed Jul 7 14:48:50 UTC 2010 - chris@computersalat.de
- update to version 3.3.4
- sf#2996161 [import] properly escape import value
- sf#2998889 [import] Import button does not work in Catalan
- [browse] Fix handling of sort order if only column is specified.
+ [lang] Greek update, thanks to Panagiotis Papazoglou - panos78
+ [lang] Updated lot of translation based on work done in master branch.
- sf#3008411 [databases] Last dropped database remains active in navi
- sf#2986383 [parser] Not all data being shown / counted
- bug [synchronize] Rows were deleted in target table regardless of the
"Would you like to delete..." option
- bug [privileges] List of tables not shown when the db name has a wildcard
- sf#3011126 [display] Edit link missing after long query
- sf#3013264 [doc] FAQ 1.40 uses a comma instead of a period,
thanks to Isaac Bennetch - ibennetch
- [engines] Fix getting InnoDB status.
- sf#2986422 [import] Results for query are not displayed
-------------------------------------------------------------------
Fri May 21 16:59:50 UTC 2010 - chris@computersalat.de
- update to version 3.3.3
- sf#2982480 [navi] Do not group if there would be one table in group
- sf#2983492 [sync] When asking to synchronize Structure and Data,
only Structure is done
- sf#2984893 [engines] InnoDB storage page emits a warning
- sf#2974687, sf#2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work
- sf#2983066 [interface] Flush table on table operations shows the query twice
- sf#2983060, sf#2987900 [interface] Fix initial state of tables in
designer
- sf#2983062, sf#2989408 [engines] Fix warnings when changing table
engine to Maria
- sf#2974067 [display] non-binary fields shown as hex
- sf#2983065 [operations] Error when changing from Maria to MyISAM engine
- sf#2975408 [tracking] Data too long for column data_sql
- bug [tracking] Tracking report should obey MaxCharactersInDisplayedSQL
- bug [edit] Avoid selecting UNHEX function by default for a BLOB column for
which editing is protected
- sf#2994168 [structure] Show auto_increment in uppercase
- sf#2993970 [pdf schema] Page numbering in Table of Contents
- 3.3.2.0 (2010-04-13)
- sf#2969449 [core] Name for MERGE engine varies depending on the
MySQL version, thanks to Dieter Adriaenssens - ruleant
- sf#2966078 [browse] Incorrect LIMIT is saved and sticks while browsing
- sf#2967366 [Structure] Some results of Propose table structure are
shown in hex
- sf#2967565 [insert] UNHEX not selected by default when inserting BINARY
- [navi] Changed link to git repository on main page
- sf#2972232 [menu] Import menu tab not present on main page
- sf#2976790 [menu] Go to the upper level after table DROP,
thanks to Kaarel Nummert - kaarelnu
- sf#2978815 [pdf] Fix generating PDF with table dimensions, thanks to BlinK_
- sf#2977725 [export] XML wrongly encoded, thanks to Victor Volkov - hanut
- sf#2979234 [import] Create tables with current charset and collation.
- sf#2979234, sf#2960105 [import] Properly import unicode text from ODS.
- sf#2973280 [export] Proper handling of temporary directory in XLS export.
- sf#2980582 [interface] Properly format server status parameter.
- sf#2973949 [session] SQL History broken (revert sf#2899969),
thanks to Dieter Adriaenssens - ruleant
- [doc] Be more specific about problems with Suhosin.
-------------------------------------------------------------------
Fri Mar 26 00:41:30 UTC 2010 - chris@computersalat.de
- update to version 3.3.1
- sf#2941037 [core] Database structure not sorted by table correctly
- sf#2948492 [interface] Slide effect masks some fields on search page
- sf#2959746 [interface] Unknown table status: TABLE_TYPE
- sf#2953050 [export] export VIEW as SQL includes INSERT statement
- sf#2942032 [core] Cannot detect PmaAbsoluteUri correctly on Windows
- sf#2961609 [auth] Potential information disclosure at login page
- sf#2961540 [export] Do not export data of MERGE table,
thanks to Dieter Adriaenssens - ruleant
- sf#2961198 [parser] Querying a table named "data"
- sf#2931429 [structure] Editing long triggers
- sf#2970769 [structure] Incorrect reference to mootools-more.js
- cleanup spec
- fixed HEADER
- sort TAGS
- some macros (ap_...)
- updated description
- added postun
o restart_on_update apache2
- some rpmlint stuff
- fdupes
- reworked patches
- removed blowfish_secret
- removed mysqli.patch
- added config patch
o mods to vendor_config
- replaced Source1
phpmyadmin.conf > phpMyAdmin.http
- config.inc.php to /etc/phpMyAdmin
-------------------------------------------------------------------
Wed Mar 10 21:41:47 UTC 2010 - javier@opensuse.org
- Updated to 3.3.0
+ rfe #2308632 [edit] Use hex for (var)binary fields
+ sf#2794819 [navi] Filter for displayed table names
- sf#2794840 [core] Cannot redeclare pma_tableheader()
- rfe #2726479 [core] configurable maximal length of URL
+ sf#2724755 [display] Full/partial text links (big T) are back
- bug [display] handle NavigationBarIconic as documented for navi buttons
+ rfe #2726479 [export] Export tables preselect
+ sf#2805828 [export] PHP array export plugin
+ sf#2798592 [import] Progress bar
- bug [gui] Generate Password not working for 'Change Login Information', only for 'Change password'
+ [lang] Arabic update
+ rfe #2822190 [structure] BOOLEAN is standard SQL
+ [lang] German update
+ rfe #2813867 [structure] Default sorting order in list of tables
+ [import] Added MySQL type-detection functionality to import library
+ [import] Added ODS, Excel XLS, Excel XLSX, and XML import modules
+ [export] Added Excel XLSX export module
+ [core] Added ability for tracking changes made through phpMyAdmin
+ rfe #2839504 [engines] Support InnoDB plugin's new row formats
+ [core] Added ability for synchronizing databases among servers.
+ [lang] #2843101 Dutch update
+ [lang] Galician update
+ [export] Added MediaWiki export module
+ [lang] Turkish update
+ [auth] Add custom port configuration in signon
- [core] Removed context from the error handler
- sf#2883633 [export] Export of InnoDB table is incomplete
+ rfe #2862575 [status] Order query statistics by % desc, skip rows with 0
+ rfe #2823686 [interface] Increase default height of query window
+ rfe #2129902 [structure] Don't hide indexes
+ sf#2812070 [interface] Allow selecting a range of rows by holding shift
+ [lang] Russian update, thanks to Victor Volkov
+ [lang] Greek update, thanks to Panagiotis Papazoglou
+ [lang] Norwegian update, thanks to Sven-Erik Andersen
- sf#2929958 [import] Cannot import (French interface)
- [security] Use X-Frame-Options header to protect against ClickJacking.
+ [lang] Finnish update, thanks to Jouni Kahkonen
+ [lang] Lithuanian update, thanks to Rytis Slatkevicius - rytis_s
- sf#2931939 [status] Seeing "m" as unit is confusing
- sf#2926613 [edit] Copy database shows errors when DB has foreign key
+ [lang] Catalan update, thanks to Xavier Navarro
-------------------------------------------------------------------
Wed Jan 20 17:18:45 UTC 2010 - javier@opensuse.org
- Updated to 3.2.5
- sf#2903400 [bookmarks] Status of bookmark table,
thanks to Virsacer - virsacer
- bug [history] QueryHistoryDB is not respected
- sf#2905629 [auth] Blowfish secret is not hashed
- sf#2910000 [gui] ShowServerInfo should hide all server info from main page
- sf#2910568 [structure] Table size for ARCHIVE tables is not displayed
- sf#2899969 [core] Session lock blocks working from a second window,
thanks to Greg Roach - fisharebest
- sf#2915168 [import] Incorrect parsing of DELIMITER keyword,
thanks to Greg Roach - fisharebest
- sf#2918831 [export] Missing backquotes on reserved words,
thanks to Virsacer - virsacer
- [core] Fix broken cleanup of $_GET
- sf#2924357 [operations] Cannot rename a database that has foreign key
constraints
- sf#869006 [structure] Ignore number of records for MRG_MyISAM tables
- bug [browse] "Show BLOB contents" should display HTML code that is present
in a BLOB, thanks to Vincent van der Tuin
- [privileges] Improve escaping of hostname
-------------------------------------------------------------------
Tue Nov 10 01:45:00 UTC 2009 - javier@opensuse.org
- sf#2856664 [export] Date, time, and datetime column types now export correctly to OpenOffice Spreadsheet
- sf#2859788 [parser] Double-character delimiters (sf#2846239)
- sf#2832600 [export] Slow export when having lots of databases
- sf#2537766 [import] Comments are stripped when editing store procedures
- sf#2852370 [operations] Renaming database deletes triggers
- sf#2872247 [interface] Failed opening required 'mysql_charsets.lib.php'
- bug [structure] "In use" table incorrectly reported as "view"
- sf#2879909 [interface] Removed double htmlspecialchars when editing enum column
- sf#2868328 [relations] Adding foreign key when table name contains a dot
- sf#2883381 [doc] Side effects of MemoryLimit setting
- sf#2826128 [display] Inverting sort order when expression contains a function name
-------------------------------------------------------------------
Sat Sep 19 00:50:10 CEST 2009 - javier@opensuse.org
- sf#2825293 [structure] Default value for a BIT column
- bug [display] Red arrows were reversed in the list of tables
- sf#2813879 [export] Duplicate empty lines when exporting without comments
- sf#2825919 [export] Trigger export with database name
- sf#2823996 [data] Cannot edit row with no PK and a BIT field
- bug [export] Exporting results of a query which contains a LIMIT clause
inside a subquery
- sf#2837722 [export] Run complex SQL then export does not work
- sf#2839548 [export] Triggers order on export
- sf#2826986 [display] Order by BLOB and range display
- bug [display] After clicking on Show Function or Function, the UPDATE query
is not shown after execution
- bug [structure] Missing validation for BINARY and VARBINARY
-------------------------------------------------------------------
Sun Aug 16 06:13:35 UTC 2009 - javier@opensuse.org
- sf#2799009 Login with ipv6 IP address breaks redirect
- sf#2796066 [priv] Inconsistent display of databases list
- sf#2802870 [display] Incorrect overhead value for InnoDB
- bug [display] Incorrect display in replication status
- sf#1601625 [display] The Ignore checkbox is not unchecked for ENUM
- sf#2809930 [setup] Notice: Undefined variable: k in setup/index.php
- bug [features] Incorrect report of missing relational features
- [security] XSS: Insufficient output sanitizing (not exploitable without a vali
d token)
thanks to Sven Vetsch/Disenchant for informing us in a responsible manner
- sf#2634827 [import] Using DELIMITER produces infinite cycle
+ new language files: uzbek_cyrillic and urbek_latin
- sf#2814109 [search] Right frame is blank
- sf#2816840 [priv] Cannot change a user's details
- sf#2816165 [display] Executed query not always displayed
- sf#2819944 [setup] Incorrect mention of designer_coords
- sf#2821757 [insert] "Insert another new row" no longer worked
+ [lang] Norwegian update
- bug [core] PMA_pow() can support negative exponents in the pow() case
+ [lang] Brazilian Portuguese update
- sf#2822384 [docs] Missing auth_type in docs-example
- sf#2819728 [display] Slider effect jumping to top of page
- bug [display] Incorrect computation of overhead stats in server view
for tables under the InnoDB engine
+ [lang] Swedish update
-------------------------------------------------------------------
Fri Jul 24 15:51:24 UTC 2009 - javier@opensuse.org
- First security release for phpMyAdmin 3.2.0
-------------------------------------------------------------------
Sun Jun 28 04:17:23 UTC 2009 - javier@opensuse.org
- update to 3.2.0
-------------------------------------------------------------------
Sun May 4 16:19:43 UTC 2008 - crrodriguez@suse.de
- phpMyAdmin package misses files (favicon.ico, scripts/*) [BNC #381747]
- phpMyAdmin setup.php missing [BNC #335306]
- update to version 2.11.6, bug fix only release
- sf#1903724 [interface] Displaying of very large queries
in error message
- sf#1905711 [compatibility] Functions deprecated in PHP 5.3:
is_a() and get_magic_quotes_gpc()
- bug [lang] catalan wrong accented characters
- sf#1893034 [Export] SET NAMES for importing with command-line
client
+ [lang] Russian update
- sf#1910485 [core] Unsetting the whitelist during the loop
- sf#1906980 [Export] Import of VIEWs fails if temp table exists
- sf#1812763 [Copy] Table copy when server is in ANSI_QUOTES
sql_mode
- sf#1918531 [compatibility] Navigation isn't w3.org valid
- sf#1926357 [data] BIT defaults displayed incorrectly
- sf#1930057 [auth] colon in password prevents HTTP login
on CGI/IIS
- sf#1929553 [lang] Don't output BOM character in Swedish
language file
- sf#1895796 [lang] Typo in Japanese lang files
- sf#1935652 [auth] Access denied (show warning about mcrypt
on login page)
- sf#1906983 [export] Reimport of FUNCTION fails
- sf#1919808 [operations] Renaming a database fails to handle
functions
- sf#1934401 [core] Cannot force a language
- sf#1944077 [core] Config file containing a BOM
- sf#1947189 [scripts] Missing head tag in scripts/signon.php
- [lang] Romanian update
-------------------------------------------------------------------
Mon Apr 7 11:27:24 UTC 2008 - crrodriguez@suse.de
- pmd folder is missing in phpmyadmin 2.11.5.1 [bnc #376616]
-------------------------------------------------------------------
Sat Mar 29 15:53:44 UTC 2008 - crrodriguez@suse.de
- update to version 2.11.5.1
* sf#1909711 [security] Sensitive data in session files
-------------------------------------------------------------------
Mon Mar 10 04:13:27 UTC 2008 - crrodriguez@suse.de
- phpMyAdmin tries to access non-existing print.css [#307966]
-------------------------------------------------------------------
Sat Mar 1 23:34:52 UTC 2008 - crrodriguez@suse.de
- version 2.11.5
- sf#1862661 [GUI] Warn about rename deleting database
- sf#1866041 [interface] Incorrect sorting with AS
- sf#1871038 [import] Notice: undefined variable first_sql_delimiter
- sf#1873110 [export] Problem exporting with a LIMIT clause
- sf#1871164 [GUI] Empty and navigation frame synch.
- sf#1873188 [GUI] Making db pager work when js is disabled,
thanks to Jürgen Wind - windkiel
- sf#1875010 [auth] MySQL server and client version mismatch
(mysql ext.)
- sf#1879031 [transform] dateformat transformation
and UNIX timestamps, thanks to Tim Steiner - spam38
- bug [import] Do not verify a missing enclosing character for CSV,
because files generated by Excel don't have any enclosing character
- sf#1799691 [export] "Propose table structure" and Export
- sf#1884911 [GUI] Space usage
- sf#1863326 [GUI] Wrong error message / no edit (Suhosin)
- sf#1887204 [GUI] Order columns in result list messing up query
- sf#1893538 [GUI] Display issues on Opera 9.50,
thanks to Jürgen Wind - windkiel
- bug [GUI] Do not display the database name used by the
previous user, thanks to Ronny Görner
- bug [security] Remove cookies from Array for better coexistence with
other applications, thanks to Richard Cunningham. See PMASA-2008-1.
-------------------------------------------------------------------
Sun Jan 13 11:02:14 UTC 2008 - crrodriguez@suse.de
- do not BuildRequire apache2-devel libapr-util1-devel pcre-devel
- PreReq coreutils sed and grep
- update to version 2.11.4
- sf#1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE
- sf#1807816 [search] regular expression search doesn't work with
backslashes
- sf#1843463 [GUI] DROP PROCEDURE does not show alert
- sf#1835904 [GUI] Back link after a SQL error forgets the query
- sf#1835654 [core] wrong escaping when using double quotes
- sf#1817612 [cookies] Wrong cookie path on IIS with PHP-CGI,
thanks to Carsten Wiedmann
- sf#1848889 [export] export trigger should use
DROP TRIGGER IF EXISTS
- sf#1851833 [display] Sorting forgets an explicit LIMIT
(fix for sorting on column headers)
- sf#1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin
- sf#1798786 [import] Wrong error when a string contains semicolon
- sf#1813508 [login] Missing parameter: field after re-login
- sf#1710144 [parser] Space after COUNT breaks Export but not Query
- sf#1783620 [parser] Subquery results without "as" are ignored
- sf#1821264 [display] MaxTableList and INFORMATION_SCHEMA
- sf#1859460 [display] Operations and many databases
- sf#1814679 [display] Database selection pagination when
switching servers
- sf#1861717 [export] CSV Escape character not exported right,
thanks to nicolasdigraf
- sf#1864468 [display] Theme does not switch to darkblue_orange
- sf#1847409 [security] Path disclosure on
darkblue_orange/layout.inc.php,
thanks to Jürgen Wind - windkiel
-------------------------------------------------------------------
Wed Aug 22 12:36:22 UTC 2007 - crrodriguez@suse.de
- 2.11.0-rc1 -> 2.11.0 final
- mod_php_any is enough to get a webserver do not explicitly require apache2
- update phpmyadmin.conf adding the session save path to open_basedir as well
ensuring some additional and possible conflicting php settings are set the way we want
-------------------------------------------------------------------
Mon Aug 6 21:59:16 UTC 2007 - anosek@suse.cz
- updated to version 2.11.0-rc1
-------------------------------------------------------------------
Mon Jul 30 11:38:44 UTC 2007 - anosek@suse.cz
- updated to version 2.11.0-beta1
+ [import] support handling of DELIMITER to mimic mysql CLI, thanks to fb1
+ improved PHP 6 compatibility
- sf#1674914 [structure] changing definition of a TIMESTAMP field
- sf#1615530 [upload] added more specific error message if field upload fails
- sf#1627210, #1083301, #1482401 [data] warning on duplicate indexes
- sf#1668724 JavaScript focus login Opera
- sf#1666657 [auth] Cookie password delete on timeout / inactivity
- sf#1648802 different mysql library and server version
- sf#1662976 [auth] Authentication fails when controluser/pass is set
- sf#1643758 [import] Error #1264 importing NULL values in MySQL 5.0
- sf#1523747 [innodb] make warning about row count more visible
- sf#1676012 [auth] strip non-US-ASCII characters (RFC2616)
- sf#1679440 Added FAQ entry about header errors under IIS caused by
an end-of-line character
- [gui] avoid displaying a wide selector in server selection
- sf#1614004 [relation] foreign key spanning multiple columns are
incorrectly displayed
- sf#1681598 [interface] Edit next row
- sf#1688053 [export] Wrong export of binary character fields
- sf#1498281 [parser] Wrong primary key used for displaying results
with subquery
- sf#1699772 Visual space bug in table name (in browser)
- sf#1699532 Cause of data manipulation issues: implemented changes
as suggested by crisp_; still have to work on updating an ENUM value
+ [doc] changed all documentation in config.inc.php to phpDocumentor style
+ [data] support for CREATE VIEW from query results
+ [gui] dropped css/ folder and moved into root of PMA
+ [l10n] new: Sinhala, Macedonian
+ [export] YAML export (see yaml.org), thanks to Bryce Thornton
+ [server] improved display of binary logs
+ [data] better error handling in tbl_create.php
+ [routines] from Patch #1649881, thanks to Mike Beck
+ [querywindow] store sql history in session
+ [querywindow] sql history now without db too
+ [querywindow] tweaks in sql history view
+ [export] Native Excel (Spreadsheet_Excel_Writer) improvements,
thanks to Christian Schmidt
+ [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch
+ RFE #1435922 [gui] navigation frame shows listing of databases when none selected
+ [data] support BIT datatype (under mysqli), thanks to Christian Schmidt
+ [display] automatic confirmation for sort by key, thanks to Juergen Wind
+ [data] can now choose the number of insert rows
+ RFE #1704779 [gui] link documentation from login page
+ [structure] TRIGGERS: display/edit/drop/SQL export
+ [browse] store browse state in session per query
+ [gui] Insert/Edit: no longer display the Go button each 15 lines
but just at the end of a row
+ [gui] Query window: use verbose server name if any
+ [auth] sf#1712514 specify host for single signon, thanks to Thierry
+ [gui] Navigator for the db list in the navigation panel
+ [gui] Navigator for the table list in the content panel
- sf#1727138 HTML not encoded (more than 1000 characters)
+ [display] Support for MySQL 5.0.37 profiling
+ RFE #1743983 [gui] Replace $max_characters by a configurable param:
$cfg['MaxCharactersInDisplayedSQL']
- sf#1746186 LeftLogoLink fails if set to some external site
. [transformations]: remove "auto-detect" MIME-type that was never implemented
+ [display] sf#1749705, Allow multibyte characters in number formatting,
thanks to garas
- sf#1747215 Export emits blanks at line ends
- sf#1751172 Do not export data when exporting a single VIEW
+ [privileges] Support password hashing on the Edit Privileges interface
- sf#1755339 Warn about rename dataase actually being copy/delete
- sf#1746921 Left frame shrinks on db change, thanks to Juergen Wind
+ [gui] Export: Select All/Unselect All over the choices,
thanks to Florian Schmitz
-------------------------------------------------------------------
Wed Jul 25 14:31:02 UTC 2007 - anosek@suse.cz
- updated to version 2.10.3
- sf#1734285 Copy database with VIEWs
- sf#1722502 DROP TABLE in export VIEW
- sf#1729027 Sorting results of VIEW browsing
- sf#1733012 Unwanted table alias in delete button
- sf#1736405 Pretty printer and HTML line breaks
- sf#1745257 Invalid DB name is still displayed
- sf#1730367 Calendar "Go" has no effect
- sf#1748633 Incorrect parameter validation for VIEWs
+ [lang] Russian revision, thanks to Victor Volkov and the users
of php-myadmin.ru
- Do not try to delete an internal relation if we just deleted
an InnoDB one
-------------------------------------------------------------------
Tue Jun 19 03:39:00 UTC 2007 - anosek@suse.cz
- updated to version 2.10.2
+ [data] display all warnings, not only last one
- typo in fix for sf#1671813
- sf#1714908 Inserted Row Count is wrong
- sf#1712570 Deleting last record freezes
- sf#1717339 Missing header when deleting a checked column,
thanks to Michael Keck
- sf#1717477 Warning on Query page when db is empty
- sf#1721002 db rename -> undefined cfgRelation,
thanks to Jürgen Wind
- sf#1721571 CREATE database privilege not always detected,
thanks to Gordon McNaughton
- sf#1715709 export in SQL format always includes procedures
and functions
- sf#1722502 DROP TABLE in export view structure
- sf#1718787 Multi-server setup breaks Designer
- sf#1724401 Column truncation in repair table output
- sf#1726500 Wrong position of , thanks to Jürgen Wind
- sf#1728590 Detected failing session_start fails,
thanks to Jürgen Wind
- RFE #1714760 Obey ShowCreateDb on the Databases tab
- sf#1733762 Typo in message "INSERT DELAY",
thanks to Victor Volkov
- sf#1730171 Dead message strLanguageFileNotFound,
thanks to Victor Volkov
- sf#1731280 Avoid negative exponent in gmp_pow(),
thanks to anosek
-------------------------------------------------------------------
Tue Jun 12 21:48:10 UTC 2007 - anosek@suse.cz
- updated to version 2.10.2-rc1
+ [data] display all warnings, not only last one
- typo in fix for sf#1671813
- sf#1714908 Inserted Row Count is wrong
- sf#1712570 Deleting last record freezes
- sf#1717339 Missing header when deleting a checked column,
thanks to Michael Keck
- sf#1717477 Warning on Query page when db is empty
- sf#1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind
- sf#1721571 CREATE database privilege not always detected,
thanks to Gordon McNaughton
- sf#1715709 export in SQL format always includes procedures and functions
- sf#1722502 DROP TABLE in export view structure
- sf#1718787 Multi-server setup breaks Designer
- sf#1724401 Column truncation in repair table output
- sf#1726500 Wrong position of </tbody>, thanks to Jürgen Wind
- sf#1728590 Detected failing session_start fails, thanks to Jürgen Wind
- RFE #1714760 Obey ShowCreateDb on the Databases tab
-------------------------------------------------------------------
Tue Jun 5 00:56:30 UTC 2007 - anosek@suse.cz
- fixed warning: gmp_pow(): Negative exponent not supported in
common.lib.php [#271746] (gmp_pow.patch)
-------------------------------------------------------------------
Tue Apr 24 08:46:01 UTC 2007 - anosek@suse.cz
- updated to version 2.10.1
* bugfix release
-------------------------------------------------------------------
Tue Mar 6 16:34:13 UTC 2007 - anosek@suse.cz
- updated to version 2.10.0.2
* default value for $cfg['Servers'][$i]['ssl'] changed to false
* fixes PHP Executor Deep Recursion Stack Overflow [#251757]
-------------------------------------------------------------------
Wed Feb 28 14:16:10 UTC 2007 - anosek@suse.cz
- updated to version 2.10.0
* Designer: new graphical relation manager
* Improved speed on servers with thousands of databases/tables
* Vertical field editor (optional)
* Option to avoid counting rows for views
* Calendar on search page
* DOS-style end-of-lines in setup-generated files
-------------------------------------------------------------------
Wed Jan 17 12:14:04 UTC 2007 - anosek@suse.cz
- updated to version 2.9.2
* improved support for web clusters
* deleting a user under MySQL 4.1.x
* DELIMITER in export no longer commented out
* export of query results and procedure definitions
* detection of a binary column
* problem on 64-bit systems
* granting all privileges on a wildcard name
* verification on encrypted zip files
* security fixes
-------------------------------------------------------------------
Sat Dec 2 21:16:07 UTC 2006 - mmarek@suse.cz
- fix previous update which wrongly moved the config.inc.php
file to the libraries subdirectory [#223721]
-------------------------------------------------------------------
Thu Nov 23 16:01:59 UTC 2006 - anosek@suse.cz
- security update to version 2.9.1.1 [#222594] [#222622]
-------------------------------------------------------------------
Wed Nov 8 04:04:15 UTC 2006 - anosek@suse.cz
- added suggestions from [#216213]
* phpMyAdmin now uses mysqli extension not mysql (mysqli.patch)
* added Required: php5-mbstring
* phpMyAdmin now uses open_basedir for increased security
-------------------------------------------------------------------
Tue Oct 17 15:25:56 UTC 2006 - postadal@suse.cz
- updated to 2.9.0.2
* Improved readability of setup panels
* PDF schema: automatic layout for InnoDB
* Font size selector on main page
* Export: support for procedures and functions
* Can hide "Create Database" dialog
* Customizable link under left logo
* Export: "Open Document Text", "Open Document spreadsheet" formats
* Export: new plugin architecture
* User management: can create a db with the same name as created user
* Use IEC binary units (KiB, MiB, ...)
* Import: SQL compatibility selector
* Possibility of using external authentication and use an empty MySQL password
* Display MySQL warnings
* Links to language-specific MySQL doc whenever possible
* Security fixes
-------------------------------------------------------------------
Thu Sep 21 06:18:48 UTC 2006 - anosek@suse.cz
- updated to 2.9.0
* Improved readability of setup panels
* PDF schema: automatic layout for InnoDB
* Font size selector on main page
* Export: support for procedures and functions
* Can hide "Create Database" dialog
* Customizable link under left logo
* Export: "Open Document Text", "Open Document spreadsheet"
formats
* Export: new plugin architecture
* User management: can create a db with the same name as created
user
* Use IEC binary units (KiB, MiB, ...)
* Import: SQL compatibility selector
* Possibility of using external authentication and use an empty
MySQL password
* Display MySQL warnings
* Links to language-specific MySQL doc whenever possible
-------------------------------------------------------------------
Wed Aug 23 21:06:46 UTC 2006 - anosek@suse.cz
- updated to 2.8.2.4
* fixed cookie login on IIS with IE6
* fixed switching from scripts/setup.php to the main script
in case of register_globals enabled
-------------------------------------------------------------------
Tue Aug 15 20:48:22 UTC 2006 - anosek@suse.cz
- update to 2.8.2.2
* fixed config not loaded on install (MySQL error code 2002
or 2003)
-------------------------------------------------------------------
Thu Aug 3 18:53:02 UTC 2006 - mskibbe@suse.de
- update to 2.8.2.1
* XSS vulnerability from requests not containing a token
* reenabled XML option in Export
* added a user with password containing a backslash
* setup script: compatibility with security tokens
* setup script: detection of writable config
* reading the database list with MySQL wildcards
-------------------------------------------------------------------
Thu Jun 1 12:57:37 UTC 2006 - postadal@suse.cz
- updated to 2.8.1 (bugfix-only release) [#177091]
* fixes some XSS vulnerabilities
- removed obsoleted patches (2006-1804.patch, 2006-2031.patch)
-------------------------------------------------------------------
Tue May 2 17:32:14 UTC 2006 - mmarek@suse.cz
- fixed XSS in error messages
[#170529] (CVE-2006-2031.patch)
-------------------------------------------------------------------
Thu Apr 20 16:02:37 UTC 2006 - mmarek@suse.cz
- fixed XSS in sql.php (and other scripts): add a secret token to
each link and form to prevent linking to sql.php from outside
[#165772] (CVE-2006-1804)
-------------------------------------------------------------------
Thu Apr 13 14:52:47 UTC 2006 - mmarek@suse.cz
- updated to 2.8.0.3
* fixes some XSS vulnerabilities
* improves php-5.1.2 compatibility
[#165772]
- moved $cfg['blowfish_secret'] to separate file, so that config.inc.php
isn't edited during install
(blowfish_secret.patch)
-------------------------------------------------------------------
Wed Jan 25 20:19:55 UTC 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Tue Jan 17 16:53:13 UTC 2006 - postadal@suse.cz
- added php-session to Requires [#137368]
-------------------------------------------------------------------
Thu Jan 5 01:41:48 UTC 2006 - postadal@suse.cz
- update to version 2.7.0-pl2 (security fixes)
[#136015, 137368, 137797]
- removed all patches
-------------------------------------------------------------------
Tue Nov 22 19:00:46 UTC 2005 - postadal@suse.cz
- fixed XSS on HTTP_HOST (HTTP_HOST.patch) [#133818]
-------------------------------------------------------------------
Mon Nov 21 21:04:25 UTC 2005 - postadal@suse.cz
- update to version 2.6.4-pl4
* fixes PMASA-2005-6 [#133818] (PMASA-2005-6.patch)
- removed obsoleted patches: CVE-2005-2869.patch, PMASA-2005-4_and_5.patch,
lang-utf8-fix.patch
-------------------------------------------------------------------
Mon Nov 14 15:26:43 UTC 2005 - postadal@suse.cz
- fixed CVE-2005-2869 (XSS on the cookie-based login panel)
[#130226] (CVE-2005-2869.patch)
-------------------------------------------------------------------
Tue Nov 1 12:26:05 UTC 2005 - postadal@suse.cz
- fixed PMASA-2005-4 and PMASA-2005-5 [#130226] (PMASA-2005-4_and_5.patch)
-------------------------------------------------------------------
Tue Aug 23 19:55:32 UTC 2005 - postadal@suse.cz
- disabled auto-switch the lang to its UTF-8 version when Lang is set
[#104600]
-------------------------------------------------------------------
Thu Jul 28 03:26:13 UTC 2005 - postadal@suse.cz
- update to 2.6.3-pl1
-------------------------------------------------------------------
Mon Jun 6 19:38:14 UTC 2005 - cthiel@suse.de
- update to 2.6.2-pl1
-------------------------------------------------------------------
Tue Mar 8 01:35:42 UTC 2005 - mcihar@suse.cz
- generate shorter key to make it work with mcrypt, see
https://sourceforge.net/tracker/index.php?func=detail&aid=1115327&group_id=23067&atid=377408
-------------------------------------------------------------------
Fri Mar 4 15:58:09 UTC 2005 - mcihar@suse.cz
- update to pl3, it includes previous fix and fixes editing fields with special names (sf#70864)
-------------------------------------------------------------------
Thu Mar 3 05:33:39 UTC 2005 - mcihar@suse.cz
- fix bad setting of privileges (sf#67276)
-------------------------------------------------------------------
Tue Mar 1 18:25:09 UTC 2005 - mcihar@suse.cz
- depend on mod_php_any
-------------------------------------------------------------------
Thu Feb 24 12:47:49 UTC 2005 - mcihar@suse.cz
- update to 2.6.1-p2 to fix several vulnerabilities (sf#66264)
-------------------------------------------------------------------
Wed Feb 9 12:08:38 UTC 2005 - mcihar@suse.cz
- depend on unversioned php modules, to allow both php4 and php5 installation
-------------------------------------------------------------------
Mon Jan 24 17:11:01 UTC 2005 - mcihar@suse.cz
- update to 2.6.1
- require php4-mcrypt for faster cookie encryption
-------------------------------------------------------------------
Wed Oct 13 10:27:49 UTC 2004 - mcihar@suse.cz
- update to 2.6.0-pl2 (sf#47160)
- require php4-iconv as it seems to be on all arches now (sf#36642)
-------------------------------------------------------------------
Tue Oct 5 13:52:43 UTC 2004 - mcihar@suse.cz
- drop php4-recode dependency (sf#46817)
-------------------------------------------------------------------
Mon Sep 6 04:07:57 UTC 2004 - mcihar@suse.cz
- update to 2.6.0-rc2
-------------------------------------------------------------------
Fri Sep 3 08:17:25 UTC 2004 - mcihar@suse.cz
- update to 2.6.0-rc1
- use pwgen for secret generating
- don't ship scripts, as they're not needed for most users
-------------------------------------------------------------------
Tue Apr 27 19:17:52 UTC 2004 - ro@suse.de
- build using apache2
-------------------------------------------------------------------
Wed Mar 31 15:33:40 UTC 2004 - mcihar@suse.cz
- require php4-recode for charset conversion (better solution for bugs
[#36642] and #36560)
-------------------------------------------------------------------
Mon Mar 22 09:15:44 UTC 2004 - mcihar@suse.cz
- dropped php-4iconv dependency at all (sf#36642)
-------------------------------------------------------------------
Fri Mar 19 15:34:42 UTC 2004 - mcihar@suse.cz
- do not require php4-iconv on achitectures where it isn't built (sf#36560)
-------------------------------------------------------------------
Mon Mar 8 10:37:50 UTC 2004 - mcihar@suse.cz
- require all needed php modules
-------------------------------------------------------------------
Mon Mar 1 09:16:37 UTC 2004 - mcihar@suse.cz
- update to 2.5.6
-------------------------------------------------------------------
Mon Jan 5 16:29:39 UTC 2004 - mcihar@suse.cz
- updated to 2.5.5-pl1
-------------------------------------------------------------------
Mon Oct 20 07:30:55 UTC 2003 - mcihar@suse.cz
- updated to 2.5.4
-------------------------------------------------------------------
Thu Oct 16 14:52:30 UTC 2003 - mcihar@suse.cz
- do not build as root
- little spec file cleanup
-------------------------------------------------------------------
Tue Sep 9 00:29:29 UTC 2003 - mcihar@suse.cz
- automatically generate blowfish_secret on rpm installation
- mark config file as %%config(noreplace) (this in conjuction with
previous means that it will be never replaced on upgrade, this is
okay as phpMyAdmin supports loading of old config files)
-------------------------------------------------------------------
Mon Sep 8 11:19:25 UTC 2003 - mcihar@suse.cz
- updated to 2.5.3:
- many bugs fixed
- messages about missing variables were displayed wrongly
- more export bugs
- confirmation of some dangerous SQL (TRUNCATE,DROP DATABASE)
- new nice icons for actions
-------------------------------------------------------------------
Thu Sep 4 12:46:38 UTC 2003 - mcihar@suse.cz
- include documentation stylesheet
-------------------------------------------------------------------
Fri Aug 29 19:27:03 UTC 2003 - mcihar@suse.cz
- depend on mod_php rather that http_daemon as this needs php
-------------------------------------------------------------------
Thu Aug 28 13:56:05 UTC 2003 - mcihar@suse.cz
- include stylesheets
-------------------------------------------------------------------
Thu Aug 7 01:51:18 UTC 2003 - mcihar@suse.cz
- updated to 2.5.2-pl1
-------------------------------------------------------------------
Mon Mar 24 21:57:02 UTC 2003 - postadal@suse.cz
- removed mysql from Requires, becouse can access to MySQL remotely [#25797]
-------------------------------------------------------------------
Mon Feb 24 10:17:25 UTC 2003 - postadal@suse.cz
- updated to verison 2.4.0
* new server/user management interface with sub-pages
* export to LaTeX format
* display UPDATE SQL statement after a row edit
* (experimental) support for compressed connections to the MySQL server
* upload of binary file into a field
* show blob size
* a lot of fixes
-------------------------------------------------------------------
Wed Jan 29 19:43:40 UTC 2003 - postadal@suse.cz
- updated to version 2.3.3pl1
* upload of compressed dumps
* inform the user who does not have privileges to create a db
* new internal analyzer for db, table, column and alias
* a lot of fixes
-------------------------------------------------------------------
Mon Aug 12 10:03:41 UTC 2002 - postadal@suse.cz
- update to release 2.3.0
-------------------------------------------------------------------
Fri Aug 2 19:59:10 UTC 2002 - ro@suse.de
- adapt server-root
-------------------------------------------------------------------
Thu Aug 1 14:48:47 UTC 2002 - postadal@suse.cz
- fixed required perl path
-------------------------------------------------------------------
Wed Jul 31 22:38:40 UTC 2002 - postadal@suse.cz
- update to version 2.3.0-rc4
* can specify a different charset for MySQL and HTML
* utf-8 charset support
* full database search
* XML export
* faster table delete under MySQL 4
* new language: slovenian
* fixes
-------------------------------------------------------------------
Mon Jul 1 05:53:47 UTC 2002 - ro@suse.de
- fixed directory permissions
-------------------------------------------------------------------
Thu Jan 10 12:09:07 UTC 2002 - rvasice@suse.cz
- update to version 2.2.3
-------------------------------------------------------------------
Tue Sep 4 10:23:05 UTC 2001 - rvasice@suse.cz
- update to version 2.2.0 final
- dynamic multiple language support, with automatic detection
- database usage statistics
- table maintenance features (repair, check, optimize)
- made package noarch
-------------------------------------------------------------------
Thu Aug 2 23:51:57 UTC 2001 - rvasice@suse.cz
- update to version 2.2.0rc3
-------------------------------------------------------------------
Mon Jun 18 09:49:14 UTC 2001 - rvasice@suse.cz
- initial package release (version 2.1.0)
