./databases/phpmyadmin, Set of PHP-scripts to adminstrate MySQL over the WWW

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 4.6.4, Package name: phpmyadmin-4.6.4, Maintainer: pkgsrc-users

phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the Web. Currently it can:

- create and drop databases
- create, copy, drop and alter tables
- delete, edit and add fields
- execute any SQL-statement, even batch-queries
- manage keys on fields
- load text files into tables
- create and read dumps of tables
- export and import CSV data
- administer one single database as well as a whole database server
- communicate in 47 different languages


Required to run:
[textproc/php-json] [graphics/php-gd] [archivers/php-bz2] [archivers/php-zlib] [archivers/php-zip] [security/php-mcrypt] [devel/php-gettext] [converters/php-mbstring] [databases/php-mysqli]

Master sites:

SHA1: 9ae9e5a8d917960106f8359ea555e31097e12a77
RMD160: 445f08b898ad4255e94abfbc4035db3500114f12
Filesize: 5993.18 KB

Version history: (Expand)

CVS history: (Expand)

   2016-08-23 17:53:14 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
Update phpmyadmin to 4.6.4.

pkgsrc changes:

* Overhaul Makefile.
  - Remove use of INSTALL_DIRS and simplify install process.
  - Utilize pkgsrc SUBST_*.
  - Stop other pkglint warninggs.
* Drop some dot files from installation.

Quote from Changes:

4.6.4 (2016-08-16)
- issue        [security] Weaknesses with cookie encryption, see PMASA-2016-29
- issue        [security] Improve session cookie code for openid.php and \ 
signon.php example files
- issue        [security] Full path disclosure in openid.php and signon.php \ 
example files
- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-30
- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-31
- issue        [security] Unsafe generation of BlowfishSecret (when not supplied \ 
by the user)
- issue        [security] Referrer leak when phpinfo is enabled
- issue        [security] PHP code injection, see PMASA-2016-32
- issue        [security] Full path disclosure, see PMASA-2016-33
- issue        [security] SQL injection attack, see PMASA-2016-34
- issue        [security] Local file exposure through LOAD DATA LOCAL INFILE, \ 
see PMASA-2016-35
- issue        [security] Local file exposure through symlinks with UploadDir, \ 
see PMASA-2016-36
- issue        [security] Path traversal with SaveDir and UploadDir, see \ 
- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-38
- issue        [security] SQL injection vulnerability as control user, see \ 
- issue        [security] SQL injection vulnerability, see PMASA-2016-40
- issue        [security] Denial-of-service attack through transformation \ 
feature, see PMASA-2016-41
- issue        [security] SQL injection vulnerability as control user, see \ 
- issue        [security] Verify data before unserializing, see PMASA-2016-43
- issue        [security] Use HTTPS for wiki links
- issue        Remove Swekey support
- issue        [security] SSRF in setup script, see PMASA-2016-44
- issue        [security] Denial-of-service attack with \ 
$cfg['AllowArbitraryServer'] = true and persistent connections, see \ 
- issue        [security] Improve SSL certificate handling
- issue        [security] Fix full path disclosure in debugging code
- issue        [security] Possible circumvention of IP-based allow/deny rules \ 
with IPv6 and proxy server, see PMASA-2016-47
- issue        [security] Detect if user is logged in, see PMASA-2016-48
- issue        [security] Bypass URL redirection protection, see PMASA-2016-49
- issue        [security] Referrer leak, see PMASA-2016-50
- issue        [security] Reflected File Download, see PMASA-2016-51
- issue        [security] ArbitraryServerRegexp bypass, see PMASA-2016-52
- issue        [security] Denial-of-service attack by entering long password, \ 
see PMASA-2016-53
- issue        [security] Remote code execution vulnerability when running as \ 
CGI, see PMASA-2016-054
- issue        [security] Administrators could trigger SQL injection attack \ 
against users
- issue        [security] Denial-of-service attack when PHP uses dbase \ 
extension, see PMASA-2016-55
- issue        [security] Remove tode execution vulnerability when PHP uses \ 
dbase extension, see PMASA-2016-56
- issue        [security] Denial-of-service attack by using for loops, see \ 
- issue        Include X-Robots-Tag header in responses
- issue        Enforce numeric field length when creating table
- issue        Fixed invalid Content-Length in some HTTP responses
- issue #12394 Create view should require a view name
- issue #12391 Message with 'Change password successfully' displayed, but does \ 
not take effect
- issue        Tighten control on PHP sessions and session cookies
- issue #12409 Re-enable overhead on server databases view
- issue #12414 Fixed rendering of Original theme
- issue #12413 Fixed deleting users in non English locales
- issue #12416 Fixed replication status output in Databases listing
- issue #12303 Avoid typecasting to float when not needed
- issue #12425 Duplicate message variable names in messages.inc.php
- issue #12399 Adding index to table shows wrong top navigation
- issue #12424 Fixed password change on MariaDB without auth plugin
- issue #12339 Do not error on unset server port
- issue #12422 Improvements to the original theme
- issue #12395 Do not try to load old transformation plugins
- issue #12423 Fixed replication status in database listing
- issue #12433 Copy table with prefix does not copy the indexes
- issue #12375 Search in database: Window content is not scrolling down when \ 
clicking first time on Browse link
- issue #12346 SQL Editor textareas can have their size increased from the top, \ 
distorting the page view
   2016-08-08 11:04:26 by Nils Ratusznik | Files touched by this commit (2)
Log message:
Fix PR pkg/51364.
This is not the suggested fix, but Makefile should be easier to read
this way.
   2016-06-28 15:32:35 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update phpmyadmin to 4.6.3, including security fixes.

pkgsrc change:
* Now allow php70.

Changes are too many to write here, please refer ChangeLog.
   2015-12-06 13:13:13 by Takahiro Kambe | Files touched by this commit (25)
Log message:
Explicitly restrict PHP_VERSIONS_ACCEPTED to 55 and 56 for packages which
use php-mysql package.
   2015-11-03 02:56:36 by Alistair G. Crooks | Files touched by this commit (368)
Log message:
Add SHA512 digests for distfiles for databases category

Problems found with existing distfiles:
No changes made to the cstore or mariadb55-client distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-05-15 19:36:06 by Matthias Scheler | Files touched by this commit (3)
Log message:
Reset maintainer.
   2015-03-18 22:25:28 by Matthias Scheler | Files touched by this commit (2) | Package updated
Log message:
Update "phpmyadmin" package to version 4.3.12. Changes since version 4.3.9:
- bug #4746 Right-aligned columns have left-aligned header
- bug #4779 PMA_Util::parseEnumSetValues fails on enums with UTF-8 values
- bug       Undefined index savedsearcheswork
- bug #4788 Inline edit of DATE fields with NULL, NULL checkbox is under
- bug #4790 DROP TABLE/VIEW IF EXISTS are not tracked
- bug       Compatibility with central columns of version 4.4
- bug #4758 Firefox with auth_type to http with multiple server doesn't
            work anymore
- bug #4789 Views aren't dropped when copying a database
- bug #4784 Incomplete bookmark saving
- bug #4786 SELECT width on relations page
- bug       [security] Risk of BREACH attack, see PMASA-2015-1
- bug #4774 SQL links are completely wrong
- bug #4768 MariaDB: version mismatch
- bug #4777 Some images are missing in Designer for original theme
- bug #4767 Drizzle: undefined index in mysql_charsets.inc.php
- bug #4753 Normal field and multi-line field have different margins
- bug #4760 Cannot re-import settings from local storage
- bug #4778 SQL error when database list is sorted by additional columns
- bug #4780 Notice when timestamp column does not have default value
- bug       Undefined index navwork
- bug #4744 Opening console scroll down the page
- bug       Remove extra column heading in view structure page
- bug       Add missing confirmation when deleting central columns
- bug       Undefined index DisableIS
- bug #4763 Database export with more than 512 tables fails
- bug #4769 Previously set column aliases are destroyed if returned to the
            same table
- bug #4752 Incorrect page after creating table
- bug #4771 Central Columns not working, showing error
   2015-02-18 22:28:10 by Matthias Scheler | Files touched by this commit (2) | Package updated
Log message:
Update "phpmyadmin" package to version 4.3.9. Changes since version 4.3.6:
- bug #4728 Incorrect headings in routine editor
- bug #4730 Notice while browsing tables when phpmyadmin pma database
            exists, but not all the tables
- bug #4729 Display original field when using "Relational display column"
            option and display column is empty
- bug #4734 Default values for binary fields do not support binary values
- bug #4736 Changing display options breaks query highlighting
- bug       Undefined index submit_type
- bug #4738 Header lose align when scrolling in Firefox
- bug #4741 in ./libraries/Advisor.class.php#184 vsprintf(): Too few arguments
- bug #4743 Unable to move cursor with keyboard in filter rows box
- bug       Incorrect link in doc
- bug #4745 Tracking does not handle views properly
- bug #4706 Schema export doesn't handle dots in db/table name
- bug #3935 Table Header not displayed correct (Safari 5.0.5 Mac)
- bug #4750 Disable renaming referenced columns
- bug #4748 Column name center-aligned instead of left-aligned in Relations
- bug       Undefined constant PMA_DRIZZLE
- bug #4712 Wrongly positioned date-picker while Grid-Editing
- bug #4714 Forced ORDER BY for own sql statements
- bug #4721 Undefined property: stdClass::$version
- bug #4719 'only_db' not working
- bug #4700 Error text: Internal Server Error
- bug #4722 Incorrect width table summary when favorite tables is disabled
- bug #4710 Nav tree error after filtering the tables
- bug #4716 Collapse all in navigation panel is sometimes broken
- bug #4724 Cannot navigate in filtered table list
- bug #4717 Database navigation menu broken when resolution/screen is changing
- bug #4727 Collation column missing in database list when DisableIS is true
- bug       Undefined index central_columnswork
- bug       Undefined index favorite_tables
- bug #4694 js error on marking table as favorite in Safari (in private mode)
- bug #4695 Changing $cfg['DefaultTabTable'] doesn't update link and title
- bug       Undefined index menuswork
- bug       Undefined index navwork
- bug       Undefined index central_columnswork
- bug #4697 Server Status refresh not behaving as expected
- bug       Null argument in array_multisort()
- bug #4699 Navigation panel should not hide icons based on
- bug #4703 Unsaved schema page exported as pdf.pdf
- bug #4707 Call to undefined method PMA_Schema_PDF::dieSchema()
- bug #4702 URL is non RFC-2396 compatible in get_scripts.js.php