Sun Jul 27 06:37:19 2014 UTC ()
Pullup ticket #4464 - requested by tron
databases/phpmyadmin: security update

Revisions pulled up:
- databases/phpmyadmin/Makefile                                 1.131
- databases/phpmyadmin/PLIST                                    1.37
- databases/phpmyadmin/distinfo                                 1.88

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sat Jul 26 10:33:02 UTC 2014

   Modified Files:
   	pkgsrc/databases/phpmyadmin: Makefile PLIST distinfo

   Log Message:
   Update "phpmyadmin" package to version 4.2.6. The following bugs have
   been fixed since version 4.2.5:
   - bug #4471 Undefined index warning with referenced column.
   - bug #4027 $cfg['MaxExactCount'] is ignored when BROWSING is back
   - bug #4482 Multi Column sorting (improved user experience)
   - bug #4478 Server validation does not work while in setup/mysqli
   - bug       Undefined variable when grid editing a foreign key column
   - bug #4481 mult_submits.inc.php Undefined variable Error
   - bug #4485 Sorting breaks the copy column feature
   - bug #4440 Javascript error when renaming table
   - bug #4483 'New window' link (selflink) disappears, causing Javascript err=
   or
   - bug #4489 Incorrect detection of privileges for routine creation
   - bug #4459 First few characters of database name aren't clickable when
               expanded
   - bug #4486 [security] XSS injection due to unescaped table comment
   - bug #4488 [security] XSS injection due to unescaped table name (triggers)
   - bug #4492 [security] XSS in AJAX confirmation messages
   - bug #4491 [security] Missing validation for accessing User groups feature

   To generate a diff of this commit:
   cvs rdiff -u -r1.130 -r1.131 pkgsrc/databases/phpmyadmin/Makefile
   cvs rdiff -u -r1.36 -r1.37 pkgsrc/databases/phpmyadmin/PLIST
   cvs rdiff -u -r1.87 -r1.88 pkgsrc/databases/phpmyadmin/distinfo


(spz)
diff -r1.129.2.1 -r1.129.2.2 pkgsrc/databases/phpmyadmin/Makefile
diff -r1.36 -r1.36.2.1 pkgsrc/databases/phpmyadmin/PLIST
diff -r1.86.2.1 -r1.86.2.2 pkgsrc/databases/phpmyadmin/distinfo
cvs diff -r1.129.2.1 -r1.129.2.2 pkgsrc/databases/phpmyadmin/Makefile (expand / switch to unified diff)

--- pkgsrc/databases/phpmyadmin/Makefile 2014/07/15 06:53:41 1.129.2.1
+++ pkgsrc/databases/phpmyadmin/Makefile 2014/07/27 06:37:19 1.129.2.2
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: Makefile,v 1.129.2.1 2014/07/15 06:53:41 spz Exp $ 1# $NetBSD: Makefile,v 1.129.2.2 2014/07/27 06:37:19 spz Exp $
2 2
3DISTNAME= phpMyAdmin-${DIST_VERSION}-all-languages 3DISTNAME= phpMyAdmin-${DIST_VERSION}-all-languages
4PKGNAME= phpmyadmin-${DIST_VERSION:S/-//} 4PKGNAME= phpmyadmin-${DIST_VERSION:S/-//}
5CATEGORIES= databases www 5CATEGORIES= databases www
6MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=phpmyadmin/} 6MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=phpmyadmin/}
7EXTRACT_SUFX= .tar.xz 7EXTRACT_SUFX= .tar.xz
8 8
9OWNER= tron@NetBSD.org 9OWNER= tron@NetBSD.org
10HOMEPAGE= http://www.phpmyadmin.net/ 10HOMEPAGE= http://www.phpmyadmin.net/
11COMMENT= Set of PHP-scripts to adminstrate MySQL over the WWW 11COMMENT= Set of PHP-scripts to adminstrate MySQL over the WWW
12LICENSE= gnu-gpl-v2 12LICENSE= gnu-gpl-v2
13 13
14DEPENDS+= ${PHP_PKG_PREFIX}-bz2>=5.3.0:../../archivers/php-bz2 14DEPENDS+= ${PHP_PKG_PREFIX}-bz2>=5.3.0:../../archivers/php-bz2
@@ -18,27 +18,27 @@ DEPENDS+= ${PHP_PKG_PREFIX}-mbstring>=5. @@ -18,27 +18,27 @@ DEPENDS+= ${PHP_PKG_PREFIX}-mbstring>=5.
18DEPENDS+= ${PHP_PKG_PREFIX}-gettext>=5.3.0:../../devel/php-gettext 18DEPENDS+= ${PHP_PKG_PREFIX}-gettext>=5.3.0:../../devel/php-gettext
19DEPENDS+= ${PHP_PKG_PREFIX}-mysqli>=5.3.0:../../databases/php-mysqli 19DEPENDS+= ${PHP_PKG_PREFIX}-mysqli>=5.3.0:../../databases/php-mysqli
20DEPENDS+= ${PHP_PKG_PREFIX}-gd>=5.3.0:../../graphics/php-gd 20DEPENDS+= ${PHP_PKG_PREFIX}-gd>=5.3.0:../../graphics/php-gd
21DEPENDS+= ${PHP_PKG_PREFIX}-mcrypt>=5.3.0:../../security/php-mcrypt 21DEPENDS+= ${PHP_PKG_PREFIX}-mcrypt>=5.3.0:../../security/php-mcrypt
22DEPENDS+= ${PHP_PKG_PREFIX}-json>=5.3.0:../../textproc/php-json 22DEPENDS+= ${PHP_PKG_PREFIX}-json>=5.3.0:../../textproc/php-json
23 23
24FILES_SUBST+= APACHE_GROUP=${APACHE_GROUP} APACHE_USER=${APACHE_USER} 24FILES_SUBST+= APACHE_GROUP=${APACHE_GROUP} APACHE_USER=${APACHE_USER}
25FILES_SUBST+= PMSETUPDIR=${PMSETUPDIR} PMSETUPFILE=${PMSETUPFILE} 25FILES_SUBST+= PMSETUPDIR=${PMSETUPDIR} PMSETUPFILE=${PMSETUPFILE}
26PLIST_SUBST+= DIST_VERSION=${DIST_VERSION:Q} 26PLIST_SUBST+= DIST_VERSION=${DIST_VERSION:Q}
27MESSAGE_SUBST+= CONF_INC_PHP=${CONF_INC_PHP} PMCONFFILE=${PMCONFFILE:Q} \ 27MESSAGE_SUBST+= CONF_INC_PHP=${CONF_INC_PHP} PMCONFFILE=${PMCONFFILE:Q} \
28 EXDIR=${EXDIR:Q} 28 EXDIR=${EXDIR:Q}
29 29
30CONF_INC_PHP= ${PREFIX}/share/phpmyadmin/config.inc.php 30CONF_INC_PHP= ${PREFIX}/share/phpmyadmin/config.inc.php
31DIST_VERSION= 4.2.5 31DIST_VERSION= 4.2.6
32DOC_FILES= ChangeLog LICENSE README RELEASE-DATE-${DIST_VERSION} 32DOC_FILES= ChangeLog LICENSE README RELEASE-DATE-${DIST_VERSION}
33 33
34APACHE_USER?= www 34APACHE_USER?= www
35APACHE_GROUP?= www 35APACHE_GROUP?= www
36PKG_GROUPS= ${APACHE_GROUP} 36PKG_GROUPS= ${APACHE_GROUP}
37PKG_USERS= ${APACHE_USER}:${APACHE_GROUP} 37PKG_USERS= ${APACHE_USER}:${APACHE_GROUP}
38BUILD_DEFS+= APACHE_USER APACHE_GROUP 38BUILD_DEFS+= APACHE_USER APACHE_GROUP
39 39
40PKG_USERS_VARS+= APACHE_USER 40PKG_USERS_VARS+= APACHE_USER
41PKG_GROUPS_VARS+= APACHE_GROUP 41PKG_GROUPS_VARS+= APACHE_GROUP
42 42
43EXDIR= ${PREFIX}/share/examples/phpmyadmin 43EXDIR= ${PREFIX}/share/examples/phpmyadmin
44PMCONFFILE= ${PKG_SYSCONFDIR}/config.inc.php 44PMCONFFILE= ${PKG_SYSCONFDIR}/config.inc.php
cvs diff -r1.36 -r1.36.2.1 pkgsrc/databases/phpmyadmin/PLIST (expand / switch to unified diff)

--- pkgsrc/databases/phpmyadmin/PLIST 2014/06/04 20:40:33 1.36
+++ pkgsrc/databases/phpmyadmin/PLIST 2014/07/27 06:37:19 1.36.2.1
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.36 2014/06/04 20:40:33 tron Exp $ 1@comment $NetBSD: PLIST,v 1.36.2.1 2014/07/27 06:37:19 spz Exp $
2share/doc/phpmyadmin/ChangeLog 2share/doc/phpmyadmin/ChangeLog
3share/doc/phpmyadmin/LICENSE 3share/doc/phpmyadmin/LICENSE
4share/doc/phpmyadmin/README 4share/doc/phpmyadmin/README
5share/doc/phpmyadmin/RELEASE-DATE-${DIST_VERSION} 5share/doc/phpmyadmin/RELEASE-DATE-${DIST_VERSION}
6share/examples/phpmyadmin/apache.conf 6share/examples/phpmyadmin/apache.conf
7share/examples/phpmyadmin/config.inc.php 7share/examples/phpmyadmin/config.inc.php
8share/examples/phpmyadmin/config.manyhosts.inc.php 8share/examples/phpmyadmin/config.manyhosts.inc.php
9share/examples/phpmyadmin/create_tables.sql 9share/examples/phpmyadmin/create_tables.sql
10share/examples/phpmyadmin/create_tables_drizzle.sql 10share/examples/phpmyadmin/create_tables_drizzle.sql
11share/examples/phpmyadmin/openid.php 11share/examples/phpmyadmin/openid.php
12share/examples/phpmyadmin/signon-script.php 12share/examples/phpmyadmin/signon-script.php
13share/examples/phpmyadmin/signon.php 13share/examples/phpmyadmin/signon.php
14share/examples/phpmyadmin/swekey.sample.conf 14share/examples/phpmyadmin/swekey.sample.conf
@@ -77,27 +77,26 @@ share/phpmyadmin/file_echo.php @@ -77,27 +77,26 @@ share/phpmyadmin/file_echo.php
77share/phpmyadmin/gis_data_editor.php 77share/phpmyadmin/gis_data_editor.php
78share/phpmyadmin/import.php 78share/phpmyadmin/import.php
79share/phpmyadmin/import_status.php 79share/phpmyadmin/import_status.php
80share/phpmyadmin/index.php 80share/phpmyadmin/index.php
81share/phpmyadmin/js/OpenStreetMap.js 81share/phpmyadmin/js/OpenStreetMap.js
82share/phpmyadmin/js/ajax.js 82share/phpmyadmin/js/ajax.js
83share/phpmyadmin/js/canvg/MIT-LICENSE.txt 83share/phpmyadmin/js/canvg/MIT-LICENSE.txt
84share/phpmyadmin/js/canvg/canvg.js 84share/phpmyadmin/js/canvg/canvg.js
85share/phpmyadmin/js/chart.js 85share/phpmyadmin/js/chart.js
86share/phpmyadmin/js/codemirror/LICENSE 86share/phpmyadmin/js/codemirror/LICENSE
87share/phpmyadmin/js/codemirror/addon/runmode/runmode.js 87share/phpmyadmin/js/codemirror/addon/runmode/runmode.js
88share/phpmyadmin/js/codemirror/lib/codemirror.js 88share/phpmyadmin/js/codemirror/lib/codemirror.js
89share/phpmyadmin/js/codemirror/mode/sql/sql.js 89share/phpmyadmin/js/codemirror/mode/sql/sql.js
90share/phpmyadmin/js/columndelete.js 
91share/phpmyadmin/js/common.js 90share/phpmyadmin/js/common.js
92share/phpmyadmin/js/config.js 91share/phpmyadmin/js/config.js
93share/phpmyadmin/js/cross_framing_protection.js 92share/phpmyadmin/js/cross_framing_protection.js
94share/phpmyadmin/js/db_operations.js 93share/phpmyadmin/js/db_operations.js
95share/phpmyadmin/js/db_qbe.js 94share/phpmyadmin/js/db_qbe.js
96share/phpmyadmin/js/db_search.js 95share/phpmyadmin/js/db_search.js
97share/phpmyadmin/js/db_structure.js 96share/phpmyadmin/js/db_structure.js
98share/phpmyadmin/js/doclinks.js 97share/phpmyadmin/js/doclinks.js
99share/phpmyadmin/js/error_report.js 98share/phpmyadmin/js/error_report.js
100share/phpmyadmin/js/export.js 99share/phpmyadmin/js/export.js
101share/phpmyadmin/js/functions.js 100share/phpmyadmin/js/functions.js
102share/phpmyadmin/js/get_image.js.php 101share/phpmyadmin/js/get_image.js.php
103share/phpmyadmin/js/get_scripts.js.php 102share/phpmyadmin/js/get_scripts.js.php
@@ -187,26 +186,27 @@ share/phpmyadmin/js/jquery/src/jquery/ma @@ -187,26 +186,27 @@ share/phpmyadmin/js/jquery/src/jquery/ma
187share/phpmyadmin/js/jquery/src/jquery/offset.js 186share/phpmyadmin/js/jquery/src/jquery/offset.js
188share/phpmyadmin/js/jquery/src/jquery/outro.js 187share/phpmyadmin/js/jquery/src/jquery/outro.js
189share/phpmyadmin/js/jquery/src/jquery/queue.js 188share/phpmyadmin/js/jquery/src/jquery/queue.js
190share/phpmyadmin/js/jquery/src/jquery/selector-native.js 189share/phpmyadmin/js/jquery/src/jquery/selector-native.js
191share/phpmyadmin/js/jquery/src/jquery/serialize.js 190share/phpmyadmin/js/jquery/src/jquery/serialize.js
192share/phpmyadmin/js/jquery/src/jquery/sizzle-jquery.js 191share/phpmyadmin/js/jquery/src/jquery/sizzle-jquery.js
193share/phpmyadmin/js/jquery/src/jquery/support.js 192share/phpmyadmin/js/jquery/src/jquery/support.js
194share/phpmyadmin/js/jquery/src/jquery/traversing.js 193share/phpmyadmin/js/jquery/src/jquery/traversing.js
195share/phpmyadmin/js/jquery/src/jquery/wrap.js 194share/phpmyadmin/js/jquery/src/jquery/wrap.js
196share/phpmyadmin/js/keyhandler.js 195share/phpmyadmin/js/keyhandler.js
197share/phpmyadmin/js/line_counts.php 196share/phpmyadmin/js/line_counts.php
198share/phpmyadmin/js/makegrid.js 197share/phpmyadmin/js/makegrid.js
199share/phpmyadmin/js/messages.php 198share/phpmyadmin/js/messages.php
 199share/phpmyadmin/js/multi_column_sort.js
200share/phpmyadmin/js/navigation.js 200share/phpmyadmin/js/navigation.js
201share/phpmyadmin/js/openlayers/OpenLayers.js 201share/phpmyadmin/js/openlayers/OpenLayers.js
202share/phpmyadmin/js/openlayers/img/blank.gif 202share/phpmyadmin/js/openlayers/img/blank.gif
203share/phpmyadmin/js/openlayers/img/cloud-popup-relative.png 203share/phpmyadmin/js/openlayers/img/cloud-popup-relative.png
204share/phpmyadmin/js/openlayers/img/drag-rectangle-off.png 204share/phpmyadmin/js/openlayers/img/drag-rectangle-off.png
205share/phpmyadmin/js/openlayers/img/drag-rectangle-on.png 205share/phpmyadmin/js/openlayers/img/drag-rectangle-on.png
206share/phpmyadmin/js/openlayers/img/east-mini.png 206share/phpmyadmin/js/openlayers/img/east-mini.png
207share/phpmyadmin/js/openlayers/img/layer-switcher-maximize.png 207share/phpmyadmin/js/openlayers/img/layer-switcher-maximize.png
208share/phpmyadmin/js/openlayers/img/layer-switcher-minimize.png 208share/phpmyadmin/js/openlayers/img/layer-switcher-minimize.png
209share/phpmyadmin/js/openlayers/img/marker-blue.png 209share/phpmyadmin/js/openlayers/img/marker-blue.png
210share/phpmyadmin/js/openlayers/img/marker-gold.png 210share/phpmyadmin/js/openlayers/img/marker-gold.png
211share/phpmyadmin/js/openlayers/img/marker-green.png 211share/phpmyadmin/js/openlayers/img/marker-green.png
212share/phpmyadmin/js/openlayers/img/marker.png 212share/phpmyadmin/js/openlayers/img/marker.png
cvs diff -r1.86.2.1 -r1.86.2.2 pkgsrc/databases/phpmyadmin/distinfo (expand / switch to unified diff)

--- pkgsrc/databases/phpmyadmin/distinfo 2014/07/15 06:53:41 1.86.2.1
+++ pkgsrc/databases/phpmyadmin/distinfo 2014/07/27 06:37:19 1.86.2.2
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
1$NetBSD: distinfo,v 1.86.2.1 2014/07/15 06:53:41 spz Exp $ 1$NetBSD: distinfo,v 1.86.2.2 2014/07/27 06:37:19 spz Exp $
2 2
3SHA1 (phpMyAdmin-4.2.5-all-languages.tar.xz) = 5fb995b9e8d0239ad2d2f7f536bb67f7ca46177f 3SHA1 (phpMyAdmin-4.2.6-all-languages.tar.xz) = 8cf175f19ed820444501a68f94c3349be607941a
4RMD160 (phpMyAdmin-4.2.5-all-languages.tar.xz) = 2dff82dcba61cdadad9d29e57a47734654b7e0b3 4RMD160 (phpMyAdmin-4.2.6-all-languages.tar.xz) = 7695fc90c3d33bfa1908a06eaa93066f2a76110f
5Size (phpMyAdmin-4.2.5-all-languages.tar.xz) = 5200328 bytes 5Size (phpMyAdmin-4.2.6-all-languages.tar.xz) = 5134224 bytes
6SHA1 (patch-libraries_vendor_config.php) = af587496e999bf1e92d6c5a9ab8053fe6e92a0f2 6SHA1 (patch-libraries_vendor_config.php) = af587496e999bf1e92d6c5a9ab8053fe6e92a0f2