aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-php/phpmyadmin/phpmyadmin
AgeCommit message (Collapse)Author
2015-01-07phpmyadmin: update to 4.3.4paule/phpPaul Eggleton
Drop patches merged upstream. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-10-31phpmyadmin: fix for Security Advisory CVE-2014-7217Roy Li
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search or (2) table structure page, related to libraries/TableSearch.class.php and libraries/Util.class.php. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7217 Signed-off-by: Roy Li <rongqing.li@windriver.com>
2014-10-31phpmyadmin: fix for Security Advisory CVE-2014-5274Roy Li
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5274 Signed-off-by: Roy Li <rongqing.li@windriver.com>
2014-10-31phpmyadmin: fix for Security Advisory CVE-2014-5273Roy Li
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) browse table page, related to js/sql.js; (2) ENUM editor page, related to js/functions.js; (3) monitor page, related to js/server_status_monitor.js; (4) query charts page, related to js/tbl_chart.js; or (5) table relations page, related to libraries/tbl_relation.lib.php. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5273 Signed-off-by: Roy Li <rongqing.li@windriver.com>
2012-10-09phpmyadmin: add new recipePaul Eggleton
Add new recipe for phpMyAdmin 3.5.2.2, borrowing the apache.conf file from Debian (with the addition of "Require all granted" to enable access). Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>