Subject: CVS commit: [pkgsrc-2008Q2] pkgsrc/databases/phpmyadmin
From: Tyler R. Retzlaff
Date: 2008-07-18 12:05:00
Message id: 20080718100500.4A26C175D0@cvs.netbsd.org

Log Message:
pullup ticket #2451 requested by tron
phpmyadmin: package update for bug and security fixes

revisions pulled up:
pkgsrc/databases/phpmyadmin/Makefile	1.73
pkgsrc/databases/phpmyadmin/distinfo	1.36

Module Name:	pkgsrc
Committed By:	tron
Date:		Thu Jul 17 15:55:16 UTC 2008

   Modified Files:
   	pkgsrc/databases/phpmyadmin: Makefile distinfo

   Log Message:
   Updatep "phpmyadmin" package to version 2.11.7.1. Changes since 2.11.7:
   - bug #1908719 [interface] New field cannot be auto-increment and
     primary key
   - [dbi] Incorrect interpretation for some mysqli field flags
   - bug #1910621 [display] part 1: do not display a TEXT utf8_bin
     as BLOB (fixed for mysqli extension only)
   - [interface] sanitize the after_field parameter,
     thanks to Norman Hippert
   - [structure] do not remove the BINARY attribute in drop-down
   - bug #1955386 [session] Overriding session.hash_bits_per_character
   - [interface] sanitize the table comments in table print view,
     thanks to Norman Hippert
   - bug #1939031 Auto_Increment selected for TimeStamp by Default
   - patch #1957998 [display] No tilde for InnoDB row counter when
     we know it for sure, thanks to Vladyslav Bakayev - dandy76
   - bug #1955572 [display] alt text causes duplicated strings
   - bug #1762029 [interface] Cannot upload BLOB into existing row
   - bug #1981043 [export] HTML in exports getting corrupted,
     thanks to Jason Judge - jasonjudge
   - bug #1936761 [interface] BINARY not treated as BLOB:
     update/delete issues
   - protection against XSS when register_globals is on and .htaccess
     has no effect, thanks to Tim Starling
   - bug #1996943 [export] Firefox 3 and .sql.gz (corrupted);
     detect Gecko 1.9, thanks to Juergen Wind
   - (2.11.7.1)  [security] XSRF/CSRF by manipulating the db,
     convcharset and collation_connection parameters,
     thanks to YGN Ethical Hacker Group

   This update fixes the security vulnerability reported in PMASA-2008-5.

Files:
RevisionActionfile
1.72.4.1modifypkgsrc/databases/phpmyadmin/Makefile
1.35.4.1modifypkgsrc/databases/phpmyadmin/distinfo