diff options
| author | Isaac Bennetch <bennetch@gmail.com> | 2016-11-24 18:54:44 +0300 |
|---|---|---|
| committer | Isaac Bennetch <bennetch@gmail.com> | 2016-11-24 18:54:44 +0300 |
| commit | 8783113cec408ad9a81f17e3a97db6c4732e6164 (patch) | |
| tree | 110a9db1b0acf798c6c3fea9492da4b781390026 | |
| parent | 670359777263517b92908677fafc7e8dcd377ec5 (diff) | |
4.0.10.18 release and ChangeLogRELEASE_4_0_10_18
Signed-off-by: Isaac Bennetch <bennetch@gmail.com>
| -rw-r--r-- | ChangeLog | 14 | ||||
| -rw-r--r-- | README | 2 | ||||
| -rw-r--r-- | doc/conf.py | 2 | ||||
| -rw-r--r-- | libraries/Config.class.php | 2 |
4 files changed, 16 insertions, 4 deletions
@@ -1,8 +1,20 @@ phpMyAdmin - ChangeLog ====================== -4.0.10.18 (not yet released) +4.0.10.18 (2016-11-24) - issue #12485 Do not show warning about short blowfish_secret if none is set +- issue [security] Open redirection issue, see PMASA-2016-57 +- issue [security] Unsafe generation of $cfg['blowfish_secret'], see PMASA-2016-58 +- issue [security] phpMyAdmin's phpinfo functionality is removed, see PMASA-2016-59 +- issue [security] AllowRoot and allow/deny rule bypass with specially-crafted username, see PMASA-2016-60 +- issue [security] Username matching weaknesses with allow/deny rules, see PMASA-2016-61 +- issue [security] Full path disclosure (FPD) weaknesses, see PMASA-2016-63 +- issue [security] Multiple cross-site scripting (XSS) weaknesses, see PMASA-2016-64 +- issue [security] Multiple denial-of-service (DOS) vulnerabilities, see PMASA-2016-65 +- issue [security] Possible to bypass white-list protection for URL redirection, see PMASA-2016-66 +- issue [security] Multiple SQL injection vulnerabilities, see PMASA-2016-69 +- issue [security] Incorrect serialized string parsing, see PMASA-2016-70 +- issue [security] CSRF token not stripped from the URL, see PMASA-2016-71 4.0.10.17 (2016-08-16) - issue [security] Weaknesses with cookie encryption, see PMASA-2016-29 @@ -1,7 +1,7 @@ phpMyAdmin - Readme =================== -Version 4.0.10.17 +Version 4.0.10.18 A set of PHP-scripts to manage MySQL over the web. diff --git a/doc/conf.py b/doc/conf.py index a75e77b9d3..494711423c 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -49,7 +49,7 @@ copyright = u'2012 - 2013, The phpMyAdmin devel team' # built documents. # # The short X.Y version. -version = '4.0.10.17' +version = '4.0.10.18' # The full version, including alpha/beta/rc tags. release = version diff --git a/libraries/Config.class.php b/libraries/Config.class.php index 7f16a654d2..2d98a8d8f0 100644 --- a/libraries/Config.class.php +++ b/libraries/Config.class.php @@ -102,7 +102,7 @@ class PMA_Config */ function checkSystem() { - $this->set('PMA_VERSION', '4.0.10.17'); + $this->set('PMA_VERSION', '4.0.10.18'); /** * @deprecated */ |