phpmyadmin: fix for Security Advisory CVE-2014-7217

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7217 Signed-off-by: Roy Li <rongqing.li@windriver.com>
author: Roy Li <rongqing.li@windriver.com> 2014-10-30 13:37:27 +0800
committer: Paul Eggleton <paul.eggleton@linux.intel.com> 2014-10-31 11:35:25 +0000
commit: 6b530d936fcbf48bfe4a621d0ad2b3e61e728945 (patch)
tree: 15c9d78b901419097fda8a79331f47f40417ac95 /meta-webserver
parent: 7edda3d9267cc3561151a5611a2d215848824423 (diff)
download: meta-openembedded-6b530d936fcbf48bfe4a621d0ad2b3e61e728945.tar.gz
2 files changed, 30 insertions, 0 deletions
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-Bug-4544-additional-fix-for-4.2.x.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-Bug-4544-additional-fix-for-4.2.x.patch
new file mode 100644
index 000000000..e23f94b73
--- /dev/null
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-Bug-4544-additional-fix-for-4.2.x.patch
@@ -0,0 +1,29 @@
+From 304fb2b645b36a39e03b954fdbd567173ebe6448 Mon Sep 17 00:00:00 2001
+From: Marc Delisle <marc@infomarc.info>
+Date: Wed, 1 Oct 2014 08:09:12 -0400
+Subject: [PATCH] Bug 4544: additional fix for 4.2.x
+Upstream-Status: Backport
+Signed-off-by: Marc Delisle <marc@infomarc.info>
+---
+ libraries/TableSearch.class.php |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+diff --git a/libraries/TableSearch.class.php b/libraries/TableSearch.class.php
+index a0b3fa4..b7eb42f 100644
+--- a/libraries/TableSearch.class.php
+++ b/libraries/TableSearch.class.php
+@@ -992,7 +992,8 @@ EOT;
+             $html_output .= '<td>' . $properties['collation'] . '</td>';
+             $html_output .= '<td>' . $properties['func'] . '</td>';
+             // here, the data-type attribute is needed for a date/time picker
+-            $html_output .= '<td data-type="' . $properties['type'] . '"'
+            $html_output .= '<td data-type="'
+                . htmlspecialchars($properties['type']) . '"'
+                 . '>' . $properties['value'] . '</td>';
+             $html_output .= '</tr>';
+             //Displays hidden fields
+-- 
+1.7.10.4
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
index 447b77884..49ca7da4f 100644
--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a \
 SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \
           file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \
           file://0001-bug-4505-security-XSS-in-view-operations-page.patch \
+           file://0001-Bug-4544-additional-fix-for-4.2.x.patch \
           file://apache.conf"
 SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29"
author	Roy Li <rongqing.li@windriver.com>	2014-10-30 13:37:27 +0800
committer	Paul Eggleton <paul.eggleton@linux.intel.com>	2014-10-31 11:35:25 +0000
commit	6b530d936fcbf48bfe4a621d0ad2b3e61e728945 (patch)
tree	15c9d78b901419097fda8a79331f47f40417ac95 /meta-webserver
parent	7edda3d9267cc3561151a5611a2d215848824423 (diff)
download	meta-openembedded-6b530d936fcbf48bfe4a621d0ad2b3e61e728945.tar.gz

diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-Bug-4544-additional-fix-for-4.2.x.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-Bug-4544-additional-fix-for-4.2.x.patch new file mode 100644 index 000000000..e23f94b73 --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-Bug-4544-additional-fix-for-4.2.x.patch
@@ -0,0 +1,29 @@
		1	From 304fb2b645b36a39e03b954fdbd567173ebe6448 Mon Sep 17 00:00:00 2001
		2	From: Marc Delisle <marc@infomarc.info>
		3	Date: Wed, 1 Oct 2014 08:09:12 -0400
		4	Subject: [PATCH] Bug 4544: additional fix for 4.2.x
		5
		6	Upstream-Status: Backport
		7
		8	Signed-off-by: Marc Delisle <marc@infomarc.info>
		9	---
		10	libraries/TableSearch.class.php \| 3 ++-
		11	1 file changed, 2 insertions(+), 1 deletion(-)
		12
		13	diff --git a/libraries/TableSearch.class.php b/libraries/TableSearch.class.php
		14	index a0b3fa4..b7eb42f 100644
		15	--- a/libraries/TableSearch.class.php
		16	+++ b/libraries/TableSearch.class.php
		17	@@ -992,7 +992,8 @@ EOT;
		18	$html_output .= '<td>' . $properties['collation'] . '</td>';
		19	$html_output .= '<td>' . $properties['func'] . '</td>';
		20	// here, the data-type attribute is needed for a date/time picker
		21	- $html_output .= '<td data-type="' . $properties['type'] . '"'
		22	+ $html_output .= '<td data-type="'
		23	+ . htmlspecialchars($properties['type']) . '"'
		24	. '>' . $properties['value'] . '</td>';
		25	$html_output .= '</tr>';
		26	//Displays hidden fields
		27	--
		28	1.7.10.4
		29


diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb index 447b77884..49ca7da4f 100644 --- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a \
8	SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \	8	SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \
9	file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \	9	file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \
10	file://0001-bug-4505-security-XSS-in-view-operations-page.patch \	10	file://0001-bug-4505-security-XSS-in-view-operations-page.patch \
		11	file://0001-Bug-4544-additional-fix-for-4.2.x.patch \
11	file://apache.conf"	12	file://apache.conf"
12		13
13	SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29"	14	SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29"