Release 4.6.4RELEASE_4_6_4

Signed-off-by: Isaac Bennetch <bennetch@gmail.com>
author: Isaac Bennetch <bennetch@gmail.com> 2016-08-16 23:38:46 +0300
committer: Isaac Bennetch <bennetch@gmail.com> 2016-08-16 23:38:46 +0300
commit: b9a6a9993e175ff13375462333ce1139095d01e1 (patch)
tree: 540a7ed03dfda8d29423799f1c8f718cb9defbb6
parent: 0f6b76b57844af5b43675c9ff5489d1a3a6baa63 (diff)
4 files changed, 41 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 2e73d97104..0a60f203aa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,44 @@
 phpMyAdmin - ChangeLog
 ======================
 
-4.6.4 (not yet released)
+4.6.4 (2016-08-16)
+- issue        [security] Weaknesses with cookie encryption, see PMASA-2016-29
+- issue        [security] Improve session cookie code for openid.php and signon.php example files
+- issue        [security] Full path disclosure in openid.php and signon.php example files
+- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-30
+- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-31
+- issue        [security] Unsafe generation of BlowfishSecret (when not supplied by the user)
+- issue        [security] Referrer leak when phpinfo is enabled
+- issue        [security] PHP code injection, see PMASA-2016-32
+- issue        [security] Full path disclosure, see PMASA-2016-33
+- issue        [security] SQL injection attack, see PMASA-2016-34
+- issue        [security] Local file exposure through LOAD DATA LOCAL INFILE, see PMASA-2016-35
+- issue        [security] Local file exposure through symlinks with UploadDir, see PMASA-2016-36
+- issue        [security] Path traversal with SaveDir and UploadDir, see PMASA-2016-37
+- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-38
+- issue        [security] SQL injection vulnerability as control user, see PMASA-2016-39
+- issue        [security] SQL injection vulnerability, see PMASA-2016-40
+- issue        [security] Denial-of-service attack through transformation feature, see PMASA-2016-41
+- issue        [security] SQL injection vulnerability as control user, see PMASA-2016-42
+- issue        [security] Verify data before unserializing, see PMASA-2016-43
+- issue        [security] Use HTTPS for wiki links
+- issue        Remove Swekey support
+- issue        [security] SSRF in setup script, see PMASA-2016-44
+- issue        [security] Denial-of-service attack with $cfg['AllowArbitraryServer'] = true and persistent connections, see PMASA-2016-45
+- issue        [security] Improve SSL certificate handling
+- issue        [security] Fix full path disclosure in debugging code
+- issue        [security] Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server, see PMASA-2016-47
+- issue        [security] Detect if user is logged in, see PMASA-2016-48
+- issue        [security] Bypass URL redirection protection, see PMASA-2016-49
+- issue        [security] Referrer leak, see PMASA-2016-50
+- issue        [security] Reflected File Download, see PMASA-2016-51
+- issue        [security] ArbitraryServerRegexp bypass, see PMASA-2016-52
+- issue        [security] Denial-of-service attack by entering long password, see PMASA-2016-53
+- issue        [security] Remote code execution vulnerability when running as CGI, see PMASA-2016-054
+- issue        [security] Administrators could trigger SQL injection attack against users
+- issue        [security] Denial-of-service attack when PHP uses dbase extension, see PMASA-2016-55
+- issue        [security] Remove tode execution vulnerability when PHP uses dbase extension, see PMASA-2016-56
+- issue        [security] Denial-of-service attack by using for loops, see PMASA-2016-46
 - issue        Include X-Robots-Tag header in responses
 - issue        Enforce numeric field length when creating table
 - issue        Fixed invalid Content-Length in some HTTP responses
diff --git a/README b/README
index 52733e4578..b68c4c4bd9 100644
--- a/README
+++ b/README
@@ -1,7 +1,7 @@
 phpMyAdmin - Readme
 ===================
 
-Version 4.6.4-dev
+Version 4.6.4
 
 A web interface for MySQL and MariaDB.
 
diff --git a/doc/conf.py b/doc/conf.py
index 03c053f595..b13b14e1f2 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -51,7 +51,7 @@ copyright = u'2012 - 2016, The phpMyAdmin devel team'
 # built documents.
 #
 # The short X.Y version.
-version = '4.6.4-dev'
+version = '4.6.4'
 # The full version, including alpha/beta/rc tags.
 release = version
 
diff --git a/libraries/Config.php b/libraries/Config.php
index c1ed5b67ba..eaa493705a 100644
--- a/libraries/Config.php
+++ b/libraries/Config.php
@@ -101,7 +101,7 @@ class Config
      */
     public function checkSystem()
     {
-        $this->set('PMA_VERSION', '4.6.4-dev');
+        $this->set('PMA_VERSION', '4.6.4');
         /**
          * @deprecated
          */
author	Isaac Bennetch <bennetch@gmail.com>	2016-08-16 23:38:46 +0300
committer	Isaac Bennetch <bennetch@gmail.com>	2016-08-16 23:38:46 +0300
commit	b9a6a9993e175ff13375462333ce1139095d01e1 (patch)
tree	540a7ed03dfda8d29423799f1c8f718cb9defbb6
parent	0f6b76b57844af5b43675c9ff5489d1a3a6baa63 (diff)