diff options
author | Isaac Bennetch <bennetch@gmail.com> | 2016-11-24 18:59:16 +0300 |
---|---|---|
committer | Isaac Bennetch <bennetch@gmail.com> | 2016-11-24 18:59:16 +0300 |
commit | 0748384685693e3ecf97b021ccab075e295d4d65 (patch) | |
tree | 6b81f205ed652651f24d49fb443cd09f675f42f6 | |
parent | a9e3827b190c386fc6cc0389668545ff0e2b4fdb (diff) |
4.4.15.9 release and ChangeLogRELEASE_4_4_15_9
Signed-off-by: Isaac Bennetch <bennetch@gmail.com>
-rw-r--r-- | ChangeLog | 14 | ||||
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | doc/conf.py | 2 | ||||
-rw-r--r-- | libraries/Config.class.php | 2 |
4 files changed, 16 insertions, 4 deletions
@@ -1,8 +1,20 @@ phpMyAdmin - ChangeLog ====================== -4.4.15.8 (not yet released) +4.4.15.9 (2016-11-24) - issue #12485 Do not show warning about short blowfish_secret if none is set +- issue [security] Unsafe generation of $cfg['blowfish_secret'], see PMASA-2016-58 +- issue [security] phpMyAdmin's phpinfo functionality is removed, see PMASA-2016-59 +- issue [security] AllowRoot and allow/deny rule bypass with specially-crafted username, see PMASA-2016-60 +- issue [security] Username matching weaknesses with allow/deny rules, see PMASA-2016-61 +- issue [security] Possible to bypass logout timeout, see PMASA-2016-62 +- issue [security] Full path disclosure (FPD) weaknesses, see PMASA-2016-63 +- issue [security] Multiple XSS weaknesses, see PMASA-2016-64 +- issue [security] Multiple denial-of-service (DOS) vulnerabilities, see PMASA-2016-65 +- issue [security] Possible to bypass white-list protection for URL redirection, see PMASA-2016-66 +- issue [security] Multiple SQL injection vulnerabilities, see PMASA-2016-69 +- issue [security] Incorrect serialized string parsing, see PMASA-2016-70 +- issue [security] CSRF token not stripped from the URL, see PMASA-2016-71 4.4.15.8 (2016-08-16) - issue [security] Weaknesses with cookie encryption, see PMASA-2016-29 @@ -1,7 +1,7 @@ phpMyAdmin - Readme =================== -Version 4.4.15.8 +Version 4.4.15.9 A set of PHP-scripts to manage MySQL over the web. diff --git a/doc/conf.py b/doc/conf.py index 121ca827e5..8565ac7e94 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -51,7 +51,7 @@ copyright = u'2012 - 2014, The phpMyAdmin devel team' # built documents. # # The short X.Y version. -version = '4.4.15.8' +version = '4.4.15.9' # The full version, including alpha/beta/rc tags. release = version diff --git a/libraries/Config.class.php b/libraries/Config.class.php index 89d5ef114a..f2fdbe126d 100644 --- a/libraries/Config.class.php +++ b/libraries/Config.class.php @@ -114,7 +114,7 @@ class PMA_Config */ function checkSystem() { - $this->set('PMA_VERSION', '4.4.15.8'); + $this->set('PMA_VERSION', '4.4.15.9'); /** * @deprecated */ |