meta-openembedded

mirrors/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00

Commit Graph

Author	SHA1	Message	Date
Dragos-Marian Panait	99047e44ce	phpmyadmin: fix CVE-2023-25727 In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-25727 Upstream patch: https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com> Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2023-04-04 09:04:49 -04:00
Khem Raj	312832a3c5	recipes: Update LICENSE variable to use SPDX license identifiers Signed-off-by: Khem Raj <raj.khem@gmail.com>	2022-03-04 17:41:45 -08:00
Zheng Ruoqin	0733019d04	phpmyadmin: upgrade 5.1.2 -> 5.1.3 Changelog: ========= - Fix broken pagination links in the navigation sidebar - Fix MariaDB has no support for system variable "disabled_storage_engines" - Fix unsupported operand types in Results.php when running "SHOW PROCESSLIST" SQL query - Fixed importing browser settings question box after login when having no pmadb - Fix "First day of calendar" user override has no effect - Fixed repeating headers are not working - Fixed import of email-adresses or links from ODS results in empty contents - Fixed a type error on ODS import with non string values - Fixed header row show/hide columns buttons on each line after hover are shown on each row - [security] Fix for path disclosure under certain server configurations (if display_errors is on, for instance) Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>	2022-02-23 09:25:19 -08:00

Author

SHA1

Message

Date

Dragos-Marian Panait

99047e44ce

phpmyadmin: fix CVE-2023-25727

In phpMyAdmin before 4.9.11 and 5.x before 5.2.1,
an authenticated user can trigger XSS by
uploading a crafted .sql file through the drag-and-drop interface.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-25727

Upstream patch:
https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e

Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2023-04-04 09:04:49 -04:00

Khem Raj

312832a3c5

recipes: Update LICENSE variable to use SPDX license identifiers

Signed-off-by: Khem Raj <raj.khem@gmail.com>

2022-03-04 17:41:45 -08:00

Zheng Ruoqin

0733019d04

phpmyadmin: upgrade 5.1.2 -> 5.1.3

Changelog:
=========
- Fix broken pagination links in the navigation sidebar
- Fix MariaDB has no support for system variable "disabled_storage_engines"
- Fix unsupported operand types in Results.php when running "SHOW PROCESSLIST" SQL query
- Fixed importing browser settings question box after login when having no pmadb
- Fix "First day of calendar" user override has no effect
- Fixed repeating headers are not working
- Fixed import of email-adresses or links from ODS results in empty contents
- Fixed a type error on ODS import with non string values
- Fixed header row show/hide columns buttons on each line after hover are shown on each row
- [security] Fix for path disclosure under certain server configurations (if display_errors is on, for instance)

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

2022-02-23 09:25:19 -08:00

3 Commits