svn commit: r407398 - branches/2016Q1/databases/phpmyadmin
Matthew Seaman
matthew at FreeBSD.org
Thu Jan 28 07:47:25 UTC 2016
Author: matthew
Date: Thu Jan 28 07:47:24 2016
New Revision: 407398
URL: https://svnweb.freebsd.org/changeset/ports/407398
Log:
MFH: r407397
Security Update to 4.5.4
This is a combination of feature- and security- updates. The PMA
project has not yet published the relevant advisories, so there is
very little information available about what the vulnerabilities are
and what versions they affect. PMSA-2016-1 to PMSA-2016-9 are
expected to be available at https://www.phpmyadmin.net/security/
shortly.
[Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-1
[Security] Unsafe generation of CSRF token, see PMASA-2016-2
[Security] Multiple XSS vulnerabilities, see PMASA-2016-3
[Security] Insecure password generation in JavaScript, see PMASA-2016-4
[Security] Unsafe comparison of CSRF token, see PMASA-2016-5
[Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-6
[Security] XSS vulnerability in normalization page, see PMASA-2016-7
[Security] Full path disclosure vulnerability in SQL parser, see PMASA-2016-8
[Security] XSS vulnerability in SQL editor, see PMASA-2016-9
VuXML entries to follow once the advisories are available.
Approved by: ports-secteam (miwi)
ChangeLog: https://www.phpmyadmin.net/files/4.5.4/
Security: https://www.phpmyadmin.net/security/PMASA-2016-1/
Security: https://www.phpmyadmin.net/security/PMASA-2016-2/
Security: https://www.phpmyadmin.net/security/PMASA-2016-3/
Security: https://www.phpmyadmin.net/security/PMASA-2016-4/
Security: https://www.phpmyadmin.net/security/PMASA-2016-5/
Security: https://www.phpmyadmin.net/security/PMASA-2016-6/
Security: https://www.phpmyadmin.net/security/PMASA-2016-7/
Security: https://www.phpmyadmin.net/security/PMASA-2016-8/
Security: https://www.phpmyadmin.net/security/PMASA-2016-9/
Modified:
branches/2016Q1/databases/phpmyadmin/Makefile
branches/2016Q1/databases/phpmyadmin/distinfo
Directory Properties:
branches/2016Q1/ (props changed)
Modified: branches/2016Q1/databases/phpmyadmin/Makefile
==============================================================================
--- branches/2016Q1/databases/phpmyadmin/Makefile Thu Jan 28 07:37:59 2016 (r407397)
+++ branches/2016Q1/databases/phpmyadmin/Makefile Thu Jan 28 07:47:24 2016 (r407398)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= phpMyAdmin
-DISTVERSION= 4.5.3.1
+DISTVERSION= 4.5.4
CATEGORIES= databases www
MASTER_SITES= https://files.phpmyadmin.net/${PORTNAME}/${DISTVERSION}/
DISTNAME= ${PORTNAME}-${DISTVERSION}-all-languages
Modified: branches/2016Q1/databases/phpmyadmin/distinfo
==============================================================================
--- branches/2016Q1/databases/phpmyadmin/distinfo Thu Jan 28 07:37:59 2016 (r407397)
+++ branches/2016Q1/databases/phpmyadmin/distinfo Thu Jan 28 07:47:24 2016 (r407398)
@@ -1,2 +1,2 @@
-SHA256 (phpMyAdmin-4.5.3.1-all-languages.tar.xz) = 75be3589b5e4800afb21581761478ddc5b888d6a09d5235a0ba997401d04fc00
-SIZE (phpMyAdmin-4.5.3.1-all-languages.tar.xz) = 5757736
+SHA256 (phpMyAdmin-4.5.4-all-languages.tar.xz) = 544670aea61d40c1a6e569f0955de2725c354f61c959870749b525d6b3d503dd
+SIZE (phpMyAdmin-4.5.4-all-languages.tar.xz) = 5810856
More information about the svn-ports-all
mailing list