4.4.15.9 release and ChangeLogRELEASE_4_4_15_9

Signed-off-by: Isaac Bennetch <bennetch@gmail.com>
author: Isaac Bennetch <bennetch@gmail.com> 2016-11-24 18:59:16 +0300
committer: Isaac Bennetch <bennetch@gmail.com> 2016-11-24 18:59:16 +0300
commit: 0748384685693e3ecf97b021ccab075e295d4d65 (patch)
tree: 6b81f205ed652651f24d49fb443cd09f675f42f6
parent: a9e3827b190c386fc6cc0389668545ff0e2b4fdb (diff)
4 files changed, 16 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index c85bad5c00..ac89e16052 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,20 @@
 phpMyAdmin - ChangeLog
 ======================
 
-4.4.15.8 (not yet released)
+4.4.15.9 (2016-11-24)
 - issue #12485 Do not show warning about short blowfish_secret if none is set
+- issue        [security] Unsafe generation of $cfg['blowfish_secret'], see PMASA-2016-58
+- issue        [security] phpMyAdmin's phpinfo functionality is removed, see PMASA-2016-59
+- issue        [security] AllowRoot and allow/deny rule bypass with specially-crafted username, see PMASA-2016-60
+- issue        [security] Username matching weaknesses with allow/deny rules, see PMASA-2016-61
+- issue        [security] Possible to bypass logout timeout, see PMASA-2016-62
+- issue        [security] Full path disclosure (FPD) weaknesses, see PMASA-2016-63
+- issue        [security] Multiple XSS weaknesses, see PMASA-2016-64
+- issue        [security] Multiple denial-of-service (DOS) vulnerabilities, see PMASA-2016-65
+- issue        [security] Possible to bypass white-list protection for URL redirection, see PMASA-2016-66
+- issue        [security] Multiple SQL injection vulnerabilities, see PMASA-2016-69
+- issue        [security] Incorrect serialized string parsing, see PMASA-2016-70
+- issue        [security] CSRF token not stripped from the URL, see PMASA-2016-71
 
 4.4.15.8 (2016-08-16)
 - issue        [security] Weaknesses with cookie encryption, see PMASA-2016-29
diff --git a/README b/README
index 935d046a8c..c24228295a 100644
--- a/README
+++ b/README
@@ -1,7 +1,7 @@
 phpMyAdmin - Readme
 ===================
 
-Version 4.4.15.8
+Version 4.4.15.9
 
 A set of PHP-scripts to manage MySQL over the web.
 
diff --git a/doc/conf.py b/doc/conf.py
index 121ca827e5..8565ac7e94 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -51,7 +51,7 @@ copyright = u'2012 - 2014, The phpMyAdmin devel team'
 # built documents.
 #
 # The short X.Y version.
-version = '4.4.15.8'
+version = '4.4.15.9'
 # The full version, including alpha/beta/rc tags.
 release = version
 
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
index 89d5ef114a..f2fdbe126d 100644
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -114,7 +114,7 @@ class PMA_Config
      */
     function checkSystem()
     {
-        $this->set('PMA_VERSION', '4.4.15.8');
+        $this->set('PMA_VERSION', '4.4.15.9');
         /**
          * @deprecated
          */
author	Isaac Bennetch <bennetch@gmail.com>	2016-11-24 18:59:16 +0300
committer	Isaac Bennetch <bennetch@gmail.com>	2016-11-24 18:59:16 +0300
commit	0748384685693e3ecf97b021ccab075e295d4d65 (patch)
tree	6b81f205ed652651f24d49fb443cd09f675f42f6
parent	a9e3827b190c386fc6cc0389668545ff0e2b4fdb (diff)