Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: MAINT_3_3_10
Fetching contributors…

Cannot retrieve contributors at this time

file 268 lines (243 sloc) 13.651 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268
----------------------
phpMyAdmin - ChangeLog
----------------------

$Id$
$HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $

3.3.10.5 (2011-11-10)
- [security] Fixed possible local file inclusion in XML import
(CVE-2011-4107).

3.3.10.4 (2011-08-24)
- [security] Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13

3.3.10.3 (2011-07-23)
- [security] Fixed XSS vulnerability, see PMASA-2011-9
- [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-12

3.3.10.2 (2011-07-02)
- [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-5
- [security] Fixed possible code injection incase session variables are compromised, see PMASA-2011-6
- [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
- [security] Fixed filtering of a file path, which allowed for directory traversal, see PMASA-2011-8

3.3.10.1 (2011-05-20)
- [security] XSS on Tracking page

3.3.10.0 (2011-03-19)
- patch #3147400 [structure] Aria table size printed as unknown,
  thanks to erickoh75 - erickoh75
- patch #3150164 [structure] Ordering by size gives incorrect results,
  thanks to Madhura Jayaratne - madhuracj
- bug #3153409 [core] 0 row(s) affected
- bug #3155842 [core] Edit relational page and page number
- [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10
- [lang] German update, thanks to to jannicars@users.sourceforge.net.

3.3.9.2 (2011-02-11)
- [security] SQL injection, see PMASA-2011-2

3.3.9.1 (2011-02-08)
- [security] Path disclosure, see PMASA-2011-1

3.3.9.0 (2011-01-03)
- bug [doc] Fix references to MySQL doc
- patch #3101490 Default function for TIMESTAMP, thanks to jirand - jirand
- bug #3103853 [js] Double quotes were not escaped in generated js
- bug #3077463 [core] Events were not copied when copying/renaming database
- bug #1762306 [core] Copy database with view of a view
- patch #3117535 [replication] Add quotes to database in initial statement,
  thanks to Craig Duncan - duncan3dc
- bug #3112614 [pdf schema] Scratchboard for PDF pages not working
- bug #3125606 [parser] Query for table "level" causes strange display
- bug #3127904 [parser] Close all opened round brackets indents

3.3.8.1 (2010-11-29)
- bug #3115519 (private) [security] XSS on db search, see PMASA-2010-8

3.3.8.0 (2010-10-25)
- bug #3059311 [import] BIGINT field type added to table analysis
- [core] Update library PHPExcel to version 1.7.4
- bug #3062455 [core] copy procedures and routines before tables
- bug #3062455 [export] with SQL, export procedures and routines before tables
- bug #3056023 [import] USE query not working
- bug #3038193 [display] Error when editing row with GEOMETRY column
- bug #3062454 [interface] Display routines/events also when no tables are defined
- support ARIA storage engine as well as its previous name MARIA

3.3.7.0 (2010-09-07)
- patch #3050492 [PDF scratchboard] Cannot drag table box to the edge after
  a page size increase, thanks to Martin Schönberger - mad05

3.3.6.0 (2010-08-28)
- bug #3033063 [core] Navi gets wrong db name
- bug #3031705 [core] Fix generating condition for real numbers by comparing
  them to string.
- bug #3034026 [confirmation] TRUNCATE queries get no confirmation request
- bug #3036132 [core] Triggers not fetched if dbname has an hyphen
- patch #3039269 [dbi] Wrong variable checked for nopassword option,
  thanks to Will Palmer - wpalmer
- bug #3040226 [XHTML] LockFromUpdate checkbox not checked by default
- bug [doc] Withdraw or edit FAQ entries related to older MySQL or PHP
- bug #3042706 [pmadb] Relations, bookmarks, etc deleted after table drop
- bug #3044189 [doc] Cleared documentation for hide_db.
- bug #3042495 [core] Move PMA_sendHeaderLocation to core.lib.php.

3.3.5.1 (2010-08-20)
- [core] Fixed various XSS issues, see PMASA-2010-5 for more details.

3.3.5.0 (2010-07-26)
- patch #2932113 [information_schema] Slow export when having lots of
  databases, thanks to Stéphane Pontier - shadow_walker
- bug #3022705 [import] Import button does not work in Catalan when there
  is no progress bar possible
- bug [replication] Do not offer information_schema in the list of databases
- bug [js] Avoid loading twice a js file
- bug #3024344 [setup] Setup forces numeric MemoryLimit
- bug #3025975 [auth] Odd LoginCookieValidity default value
- bug #3026400 [PHP] ereg functions are deprecated
- bug #3027557 [PHP] split() deprecated in PHP 5.3 (backport fixes from master)
- bug #3023507 [core] No result set display from stored procedure SELECT
- bug [export] CSV for MS Excel (Windows) should have semi-colon as separator
- [core] Update library PHPExcel to version 1.7.3c
- bug #2994885, bug #3029168 [import] Convert Excel column name correctly
- bug [scripts] MySQL 5.5.5 does not accept TIMESTAMP(14) in create_tables.sql

3.3.4.0 (2010-06-28)
- bug #2996161 [import] properly escape import value
- bug #2998889 [import] Import button does not work in Catalan
- [browse] Fix handling of sort order if only column is specified.
+ [lang] Greek update, thanks to Panagiotis Papazoglou - panos78
+ [lang] Updated lot of translation based on work done in master branch.
- bug #3008411 [databases] Last dropped database remains active in navi
- bug #2986383 [parser] Not all data being shown / counted
- bug [synchronize] Rows were deleted in target table regardless of the
  "Would you like to delete..." option
- bug [privileges] List of tables not shown when the db name has a wildcard
- bug #3011126 [display] Edit link missing after long query
- patch #3013264 [doc] FAQ 1.40 uses a comma instead of a period,
  thanks to Isaac Bennetch - ibennetch
- [engines] Fix getting InnoDB status.
- bug #2986422 [import] Results for query are not displayed

3.3.3.0 (2010-05-10)
- patch #2982480 [navi] Do not group if there would be one table in group,
  thanks to Lorikeet Lee.
- patch #2983492 [sync] When asking to synchronize Structure and Data,
  only Structure is done, thanks to Ankit Gupta - ankitgupta3
- patch #2984893 [engines] InnoDB storage page emits a warning,
  thanks to Madhura Jayaratne - madhuracj
- bug #2974687, bug #2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work,
  thanks to Björn Wiberg - bwiberg
- bug #2983066 [interface] Flush table on table operations shows the query twice,
  thanks to Martynas Mickevičius - BlinK_
- bug #2983060, patch #2987900 [interface] Fix initial state of tables in
  designer, thanks to Sutharshan Balachandren.
- bug #2983062, patch #2989408 [engines] Fix warnings when changing table
  engine to Maria, thanks to Madhura Jayaratne.
- bug #2974067 [display] non-binary fields shown as hex
- bug #2983065 [operations] Error when changing from Maria to MyISAM engine
- bug #2975408 [tracking] Data too long for column data_sql
- bug [tracking] Tracking report should obey MaxCharactersInDisplayedSQL
- bug [edit] Avoid selecting UNHEX function by default for a BLOB column for
  which editing is protected
- bug #2994168 [structure] Show auto_increment in uppercase
- bug #2993970 [pdf schema] Page numbering in Table of Contents

3.3.2.0 (2010-04-13)
- patch #2969449 [core] Name for MERGE engine varies depending on the
  MySQL version, thanks to Dieter Adriaenssens - ruleant
- bug #2966078 [browse] Incorrect LIMIT is saved and sticks while browsing
- bug #2967366 [Structure] Some results of Propose table structure are
  shown in hex
- bug #2967565 [insert] UNHEX not selected by default when inserting BINARY
- [navi] Changed link to git repository on main page
- bug #2972232 [menu] Import menu tab not present on main page
- patch #2976790 [menu] Go to the upper level after table DROP,
  thanks to Kaarel Nummert - kaarelnu
- patch #2978815 [pdf] Fix generating PDF with table dimensions, thanks to BlinK_
- patch #2977725 [export] XML wrongly encoded, thanks to Victor Volkov - hanut
- patch #2979234 [import] Create tables with current charset and collation.
- patch #2979234, bug #2960105 [import] Properly import unicode text from ODS.
- bug #2973280 [export] Proper handling of temporary directory in XLS export.
- bug #2980582 [interface] Properly format server status parameter.
- bug #2973949 [session] SQL History broken (revert patch #2899969),
  thanks to Dieter Adriaenssens - ruleant
- [doc] Be more specific about problems with Suhosin.

3.3.1.0 (2010-03-16)
- bug #2941037 [core] Database structure not sorted by table correctly
- bug #2948492 [interface] Slide effect masks some fields on search page
- bug #2959746 [interface] Unknown table status: TABLE_TYPE
- bug #2953050 [export] export VIEW as SQL includes INSERT statement
- bug #2942032 [core] Cannot detect PmaAbsoluteUri correctly on Windows
- bug #2961609 [auth] Potential information disclosure at login page
- patch #2961540 [export] Do not export data of MERGE table,
  thanks to Dieter Adriaenssens - ruleant
- bug #2961198 [parser] Querying a table named "data"
- bug #2931429 [structure] Editing long triggers
- bug #2970769 [structure] Incorrect reference to mootools-more.js

3.3.0.0 (2010-03-07)
+ rfe #2308632 [edit] Use hex for (var)binary fields,
  thanks to Maarten Dieleman - maartendieleman
+ patch #2794819 [navi] Filter for displayed table names,
  thanks to Michael Valushko - dylfin
- bug #2794840 [core] Cannot redeclare pma_tableheader()
- rfe #2726479 [core] configurable maximal length of URL
+ patch #2724755 [display] Full/partial text links (big T) are back,
  thanks to nullbarriere - nullbarriere
- bug [display] handle NavigationBarIconic as documented for navi buttons
+ rfe #2726479 [export] Export tables preselect
+ patch #2805828 [export] PHP array export plugin,
  thanks to Geoffray Warnants - amnsk
+ patch #2798592 [import] Progress bar,
  thanks to Tomas Srnka - tomassrnka
- bug [gui] Generate Password not working for 'Change Login Information', only for 'Change password'
+ [lang] Arabic update, thanks to Meno25 - meno25
+ rfe #2822190 [structure] BOOLEAN is standard SQL
+ [lang] German update, thanks to knittl
+ [lang] German update, thanks to virsacer
+ rfe #2813867 [structure] Default sorting order in list of tables
+ [import] Added MySQL type-detection functionality to import library,
  thanks to Derek Schaefer
+ [import] Added ODS, Excel XLS, Excel XLSX, and XML import modules,
  thanks to Derek Schaefer
+ [export] Added Excel XLSX export module,
  thanks to Derek Schaefer
+ [core] Added ability for tracking changes made through phpMyAdmin
+ rfe #2839504 [engines] Support InnoDB plugin's new row formats
+ [core] Added ability for synchronizing databases among servers.
+ [lang] #2843101 Dutch update, thanks to scavenger2008
+ [lang] Galician update, thanks to Xosé Calvo - xosecalvo
+ [export] Added MediaWiki export module,
  thanks to Derek Schaefer - drummingds1
+ [lang] Turkish update, thanks to Burak Yavuz
+ [auth] Add custom port configuration in signon, thanks to Gary Smith
- [core] Removed context from the error handler
- bug #2883633 [export] Export of InnoDB table is incomplete
+ rfe #2862575 [status] Order query statistics by % desc, skip rows with 0
+ rfe #2823686 [interface] Increase default height of query window
+ rfe #2129902 [structure] Don't hide indexes
+ patch #2812070 [interface] Allow selecting a range of rows by holding shift, thanks to Joolee
+ [lang] Russian update, thanks to Victor Volkov
+ [lang] Greek update, thanks to Panagiotis Papazoglou
+ [lang] Norwegian update, thanks to Sven-Erik Andersen
- bug #2929958 [import] Cannot import (French interface)
- [security] Use X-Frame-Options header to protect against ClickJacking.
+ [lang] Finnish update, thanks to Jouni Kahkonen
+ [lang] Lithuanian update, thanks to Rytis Slatkevicius - rytis_s
- bug #2931939 [status] Seeing "m" as unit is confusing
- bug #2926613 [edit] Copy database shows errors when DB has foreign key
+ [lang] Catalan update, thanks to Xavier Navarro

3.2.6.0 (not released)
- bug #2938492 [display] information_schema sorting order
- bug #2941101 [import] import timeout when table already created and
  several data lines
- bug #2944069 [config] Extraneus dot from dirname() when installed in root, thanks to ayanamist

3.2.5.0 (2010-01-10)
- patch #2903400 [bookmarks] Status of bookmark table,
  thanks to Virsacer - virsacer
- bug [history] QueryHistoryDB is not respected
- bug #2905629 [auth] Blowfish secret is not hashed
- bug #2910000 [gui] ShowServerInfo should hide all server info from main page
- bug #2910568 [structure] Table size for ARCHIVE tables is not displayed
- patch #2899969 [core] Session lock blocks working from a second window,
  thanks to Greg Roach - fisharebest
- patch #2915168 [import] Incorrect parsing of DELIMITER keyword,
  thanks to Greg Roach - fisharebest
- patch #2918831 [export] Missing backquotes on reserved words,
  thanks to Virsacer - virsacer
- [core] Fix broken cleanup of $_GET
- bug #2924357 [operations] Cannot rename a database that has foreign key
  constraints
- bug #869006 [structure] Ignore number of records for MRG_MyISAM tables
- bug [browse] "Show BLOB contents" should display HTML code that is present
  in a BLOB, thanks to Vincent van der Tuin
- [privileges] Improve escaping of hostname

         --- Older ChangeLogs can be found on our project website ---
                     http://www.phpmyadmin.net/old-stuff/ChangeLogs/

# vim: et ts=4 sw=4 sts=4
# vim: ft=changelog fenc=utf-8 encoding=utf-8
# vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>8&&getline(v\:lnum)!~'^#'
# vim: fdn=1 fdm=expr
Something went wrong with that request. Please try again.