Merge branch 'QA_4_0'

phpmyadmin · Jul 28, 2013 · fdb0ad1 · fdb0ad1
2 parents 269d0c8 + 0e9e7f2
commit fdb0ad1
Showing 1 changed file with 15 additions and 1 deletion.
diff --git a/ChangeLog b/ChangeLog
@@ -47,7 +47,7 @@ phpMyAdmin - ChangeLog
 - bug #3998 Non-permanent SQL history not working
 - bug #3578 Transformations for text/plain on a BLOB column
 
-4.0.4.2 (not released yet)
+4.0.4.2 (2013-07-28)
 - [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
 - [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
 - [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
@@ -244,6 +244,20 @@ underscore
   (see PMASA-2013-5)
 - bug #3892 [export] SQL Export files are empty
 
+3.5.8.2 (2013-07-28)
+- [security] Fix self-XSS in "Showing rows", see PMASA-2013-8
+- [security] Fix self-XSS in Display chart, see PMASA-2013-9
+- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
+- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
+- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
++ [security] JSON content type header for version_check.php, see PMASA-2013-9
++ [security] Backport fix for jQuery issue #9521 from jQuery 1.6.3, see PMASA-2013-9
++ [security] Fix full path disclosure, see PMASA-2013-12
++ [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15
++ [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15
+- [security] Fix self-XSS in schema export, see PMASA-2013-14
+- [security] Fix unencoded json object, see PMASA-2013-11
+
 3.5.8.1 (2013-04-24)
 - [security] Remote code execution (preg_replace), reported by Janek Vind
   (see PMASA-2013-2)