2 files changed, 49 insertions, 0 deletions
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch
new file mode 100644
index 000000000..1e6bcbda5
--- /dev/null
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch
@@ -0,0 +1,48 @@
+From ae7eae1cc88cbdf2d27a6f10f097ef731823689e Mon Sep 17 00:00:00 2001
+From: Wenzong Fan <wenzong.fan@windriver.com>
+Date: Sat, 14 Nov 2015 02:01:54 -0500
+Subject: [PATCH] Port content spoofing fix
+Backport upstream commit for fixing CVE-2015-7873:
+  https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706
+Upstream-Status: Backport
+Signed-off-by: Marc Delisle <marc@infomarc.info>
+Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
+---
+ ChangeLog | 4 ++++
+ url.php   | 3 ++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+diff --git a/ChangeLog b/ChangeLog
+index 4cb6708..96936c8 100644
+--- a/ChangeLog
+++ b/ChangeLog
+@@ -107,6 +107,10 @@ phpMyAdmin - ChangeLog
+ - issue #11448 Clarify doc about the MemoryLimit directive
+ - issue #11489 Cannot copy a database under certain conditions
+ 
+4.4.15.1 (2015-10-23)
+- issue #11464 phpMyAdmin suggests upgrading to newer version not usable on that system
+- issue [security] Content spoofing on url.php
+
+ 4.4.15.0 (not yet released)
+ - issue #11411 Undefined "replace" function on numeric scalar
+ - issue #11421 Stored-proc / routine - broken parameter parsing
+diff --git a/url.php b/url.php
+index eec78a5..9c4c884 100644
+--- a/url.php
+++ b/url.php
+@@ -32,6 +32,7 @@ if (! PMA_isValid($_REQUEST['url'])
+             }
+         </script>";
+     // Display redirecting msg on screen.
+-    printf(__('Taking you to %s.'), htmlspecialchars($_REQUEST['url']));
+    // Do not display the value of $_REQUEST['url'] to avoid showing injected content
+    echo __('Taking you to the target site.');
+ }
+ die();
+-- 
+1.9.1
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
index e28b66a23..9297d0c23 100644
--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
                    file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c"
 SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \
+           file://Port-content-spoofing-fix-CVE-2015-7873.patch \
           file://apache.conf"
 SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"

diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch new file mode 100644 index 000000000..1e6bcbda5 --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch
@@ -0,0 +1,48 @@
		1	From ae7eae1cc88cbdf2d27a6f10f097ef731823689e Mon Sep 17 00:00:00 2001
		2	From: Wenzong Fan <wenzong.fan@windriver.com>
		3	Date: Sat, 14 Nov 2015 02:01:54 -0500
		4	Subject: [PATCH] Port content spoofing fix
		5
		6	Backport upstream commit for fixing CVE-2015-7873:
		7	https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706
		8
		9	Upstream-Status: Backport
		10
		11	Signed-off-by: Marc Delisle <marc@infomarc.info>
		12	Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
		13	---
		14	ChangeLog \| 4 ++++
		15	url.php \| 3 ++-
		16	2 files changed, 6 insertions(+), 1 deletion(-)
		17
		18	diff --git a/ChangeLog b/ChangeLog
		19	index 4cb6708..96936c8 100644
		20	--- a/ChangeLog
		21	+++ b/ChangeLog
		22	@@ -107,6 +107,10 @@ phpMyAdmin - ChangeLog
		23	- issue #11448 Clarify doc about the MemoryLimit directive
		24	- issue #11489 Cannot copy a database under certain conditions
		25
		26	+4.4.15.1 (2015-10-23)
		27	+- issue #11464 phpMyAdmin suggests upgrading to newer version not usable on that system
		28	+- issue [security] Content spoofing on url.php
		29	+
		30	4.4.15.0 (not yet released)
		31	- issue #11411 Undefined "replace" function on numeric scalar
		32	- issue #11421 Stored-proc / routine - broken parameter parsing
		33	diff --git a/url.php b/url.php
		34	index eec78a5..9c4c884 100644
		35	--- a/url.php
		36	+++ b/url.php
		37	@@ -32,6 +32,7 @@ if (! PMA_isValid($_REQUEST['url'])
		38	}
		39	</script>";
		40	// Display redirecting msg on screen.
		41	- printf(__('Taking you to %s.'), htmlspecialchars($_REQUEST['url']));
		42	+ // Do not display the value of $_REQUEST['url'] to avoid showing injected content
		43	+ echo __('Taking you to the target site.');
		44	}
		45	die();
		46	--
		47	1.9.1
		48


diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb index e28b66a23..9297d0c23 100644 --- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
6	file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c"	6	file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c"
7		7
8	SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \	8	SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \
		9	file://Port-content-spoofing-fix-CVE-2015-7873.patch \
9	file://apache.conf"	10	file://apache.conf"
10		11
11	SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"	12	SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"