aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-php
diff options
context:
space:
mode:
Diffstat (limited to 'meta-webserver/recipes-php')
-rw-r--r--meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4504-security-Self-XSS-in-query-charts.patch29
-rw-r--r--meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb1
2 files changed, 30 insertions, 0 deletions
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4504-security-Self-XSS-in-query-charts.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4504-security-Self-XSS-in-query-charts.patch
new file mode 100644
index 0000000000..27eac77629
--- /dev/null
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4504-security-Self-XSS-in-query-charts.patch
@@ -0,0 +1,29 @@
+From 90ddeecf60fc029608b972e490b735f3a65ed0cb Mon Sep 17 00:00:00 2001
+From: Madhura Jayaratne <madhura.cj@gmail.com>
+Date: Sun, 17 Aug 2014 08:52:05 -0400
+Subject: [PATCH] bug #4504 [security] Self-XSS in query charts
+
+Upstream-status: Backport
+
+Signed-off-by: Marc Delisle <marc@infomarc.info>
+---
+ js/tbl_chart.js | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+ 4.2.7.0 (2014-07-31)
+diff --git a/js/tbl_chart.js b/js/tbl_chart.js
+index 943d4ae..04c9c40 100644
+--- a/js/tbl_chart.js
++++ b/js/tbl_chart.js
+@@ -47,7 +47,7 @@ function PMA_queryChart(data, columnNames, settings) {
+ },
+ axes : {
+ xaxis : {
+- label : settings.xaxisLabel
++ label : escapeHtml(settings.xaxisLabel)
+ },
+ yaxis : {
+ label : settings.yaxisLabel
+--
+1.7.10.4
+
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
index 0de3f6d43c..c267d89621 100644
--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a \
file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c"
SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \
+ file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \
file://apache.conf"
SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-01 07:05:58 +0000