summaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
Commit message (Collapse)AuthorAgeFilesLines
* phpmyadmin: upgrade to 4.6.3Jackie Huang2016-07-291-38/+0
| | | | | | | | | | | | | | * Compatible with PHP 5.5 to 7.0 and MySQL 5.5 and newer. * Release notes: http://www.phpmyadmin.net/files/4.6.3/ * Drop two CVE patches which have been fixed: CVE-2015-7873 and CVE-2015-8669 * Use PV in SRC_URI instead of hardcoded version number. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* recipes: Replace "cp -a" with "cp -R --no-dereference --preserve=mode,links"Martin Jansa2016-03-041-1/+1
| | | | | | | | | * Using "cp -a" leaks UID of user running the builds, causing many QA warnings. * See this thread for details: http://lists.openembedded.org/pipermail/openembedded-core/2015-November/112904.html Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* phpmyadmin: CVE-2015-8669Liu Jian2016-02-011-1/+3
| | | | | | | | | | | | libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. This patch is from https://github.com/phpmyadmin/phpmyadmin/commit/c4d649325b25139d7c097e56e2e46cc7187fae45 Signed-off-by: Jian Liu <jian.liu@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* phpmyadmin: fix CVE-2015-7873Wenzong Fan2015-12-181-0/+1
| | | | | | | | | | | | The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter. Backport upstream commit to fix it: https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706 Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* phpmyadmin: 4.4.9 -> 4.5.0.2Kai Kang2015-10-231-0/+35
Upgrade phpmyadmin from 4.4.9 to 4.5.0.2 and SRC_URI is updated. Accoring to release note, there is NO API changes for 4.5.0.x serial. So upgrade to 4.5.0.2 rather than 4.4.15 which will only support for security fixes only. And license file has some text update. See: https://github.com/phpmyadmin/phpmyadmin/commit/9d080a482fae73bde5049620088d4687da245163 Change files owner to fix [host-user-contaminated] warnings. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-22 04:18:21 +0000