Please sync phpmyadmin 4:2.11.6-1 (universe) from Debian unstable (main).
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
phpmyadmin (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: phpmyadmin
Please sync phpmyadmin 4:2.11.6-1 (universe) from Debian unstable (main).
Explanation of the Ubuntu delta and why it can be dropped:
Debian sync to Ubuntu
Changelog since current intrepid version 4:2.11.3-1ubuntu1:
phpmyadmin (4:2.9.1.1-7) stable-security; urgency=high
* Update for etch to address a security issue.
* Attackers with CREATE table permissions were allowed to read arbitrary
files via a crafted HTTP POST request, related to use of an undefined
UploadDir variable. [PMASA-2008-3, CVE-2008-1924]
* Stores the MySQL (1) username and (2) password, and the (3) Blowfish
secret key, in cleartext in a Session file under /tmp, which allows
local users to obtain sensitive information.
[PMASA-2008-2, CVE-2008-1567]
* phpMyAdmin accesses $_REQUEST to obtain some parameters instead of
$_GET and $_POST, which allows attackers in the same domain to
override certain variables and conduct SQL injection and Cross Site
Request Forgery (CSRF) attacks by using crafed cookies.
[PMASA-2008-1, CVE-2008-1149]
-- Thijs Kinkhorst <email address hidden> Thu, 24 Apr 2008 20:00:49 +0200
phpmyadmin (4:2.9.1.1-6) stable-security; urgency=high
* Update for etch to address a security issue.
* Cross-site scripting (XSS) vulnerability in scripts/setup.php in
phpMyAdmin 2.11.1, when accessed by a browser that does not
URL-encode requests, allows remote attackers to inject arbitrary
web script or HTML via the query string.
(CVE-2007-5386, PMASA-2007-5, closes: #446451)
-- Thijs Kinkhorst <email address hidden> Wed, 7 Nov 2007 14:41:34 +0100
phpmyadmin (4:2.9.1.1-5) stable-security; urgency=high
* Update for etch to address a security issue.
* Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before
2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via
certain input available in (1) PHP_SELF in (a) server_status.php, and (b)
grab_
common.lib.php in libraries/; and certain input available in PHP_SELF and
(2) PATH_INFO in libraries/
(CVE-2007-5589, PMASA-2007-6)
-- Thijs Kinkhorst <email address hidden> Wed, 7 Nov 2007 13:30:08 +0100
phpmyadmin (4:2.9.1.1-4) stable-security; urgency=high
* Update for etch to address security issues.
* Incomplete blacklist vulnerability in index.php in
phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct
cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or
HTML in a (1) db or (2) table parameter value followed by an uppercase
</SCRIPT> end tag, which bypasses the protection against lowercase
</script>. [CVE-2007-1395]
* Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before
2.10.1.0 allow remote attackers to inject arbitrary web script or HTML
via (1) the fieldkey parameter to browse_
input to the PMA_sanitize function. [CVE-2007-2245]
* Add fix/workaround for deep array recursion, which may cause PHP to
crash the webserver. [CVE-2007-1325]
-- Thijs Kinkhorst <email address hidden> Tue, 28 Aug 2007 22:31:30 +0200
phpmyadmin (4:2.9.1.1-3) unstable; urgency=medium
* Added Galician debconf translation by Jacobo Tarrio (Closes: #412195).
* Actually install config.default.php example file (Closes: #412655).
* Add XS-Vcs-* fields to debian/control.
-- Thijs Kinkhorst <email address hidden> Wed, 28 Feb 2007 01:07:56 +0100
phpmyadmin (4:2.9.1.1-2) unstable; urgency=high
* Backport security-related changes from 2.9.2-rc1:
* CVE-2007-0203: Multiple unspecified vulnerabilities;
this turns out to be (1) cross site scripting and
(2) the same as CVE-2006-6374. (Closes: #406332, #406486)
* CVE-2006-6374: the vulnerability only applies to
PHP < 5.1.2 and < 4.4.2, so strictly speaking current
Debian is not vulnerable. Include it anyway, to not expose
those using older PHP versions. (Closes: #404744)
-- Thijs Kinkhorst <email address hidden> Fri, 12 Jan 2007 15:29:28 +0100
phpmyadmin (4:2.9.1.1-1) unstable; urgency=high
* New upstream release.
- Addresses several security issues (Closes: #399329).
* In Depends, explicitly prefer the apache2/apache PHP module, to make
sure the correct one is selected upon installation.
* Drop 100-dutch_
* Add note to default config file about adding sensitive data
to that file (Closes: #321529).
* Update README.Debian with information about register_globals.
-- Thijs Kinkhorst <email address hidden> Wed, 22 Nov 2006 22:24:02 +0100
phpmyadmin (4:2.9.0.3-1) unstable; urgency=medium
* New upstream bugfix release.
- Includes a fix for a XSS security issue.
(
* 100-dutch_
translation which also caused a layout problem in the login
screen.
* 021-config.
class to disable checking for the mtime of config.inc.php.
Since we include other files from it, those will otherwise
never be read (Closes: #392022).
* Add depends on perl since it's used in the maintainer scripts.
* Update shipped htaccess to make it compatible with Apache 2.2
(Closes: #396560).
* Updated translations:
- Bokmål by Bjørn Steensrud.
- Basque by Piarres Beobide.
- Dutch by self.
- Danish by Claus Hindsgaul (Closes: #393871).
- Japanese by Hideki Yamane (Closes: #396548).
-- Thijs Kinkhorst <email address hidden> Thu, 2 Nov 2006 15:45:29 +0100
phpmyadmin (4:2.9.0.2-1) unstable; urgency=low
* New maintainer, thanks Piotr for your previous work!
* Acknowledge NMU's, thanks Steinar! (Closes: #378681)
* Fix typo in debconf templates and unfuzzy that.
* Tweak package description.
-- Thijs Kinkhorst <email address hidden> Wed, 11 Oct 2006 14:46:37 +0200
phpmyadmin (4:2.9.0.2-0.1) unstable; urgency=high
* Non-maintainer upload with maintainer consent.
* Upgrade to latest upstream version to battle cross-site
request forgery (PMASA-2006-5, CVE-2006-5116, CVE-2006-5117,
closes: 391090).
* New upstream also fixes broken database export functionality
(closes: 374918) and database/table copy (closes: 390484).
* Update translations:
- Danish by Claus Hindsgaul (Closes: 357972).
- Italian by Luca Monducci (Closes: 382139).
- Spanish by Nacho Barrientos Arias (Closes: 385365).
-- Thijs Kinkhorst <email address hidden> Tue, 10 Oct 2006 20:56:25 +0200
phpmyadmin (4:2.8.2-0.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix issue with /var/www pointing to /usr/share/
(Closes: #385889)
* Make sure we install /var/www as a directory, since we make a symlink into
it and we can't rely on it being there.
* Explicitly link to /var/www/phpmyadmin instead of /var/www, to make sure
we don't make a new /var/www even if it should be removed for some
reason.
-- Steinar H. Gunderson <email address hidden> Mon, 11 Sep 2006 00:14:54 +0200
phpmyadmin (4:2.8.2-0.1) unstable; urgency=high
* Non-maintainer upload.
* New upstream release.
* Fixes cross-site-
-- Steinar H. Gunderson <email address hidden> Tue, 18 Jul 2006 12:52:19 +0200
phpmyadmin (4:2.8.1-1) unstable; urgency=medium
* New upstream release. Closes: #373204.
- The French translation is correct. Closes: #362154.
- Generates correct dumps with UPDATE syntax. Closes: #364702.
* Security fix: XSRF vulnerability.
See: http://
See: http://
[CVE-2006-1803, CVE-2006-1804]
* Security fix: XSS vulnerabilities. It was not a problem for Debian with
the default settings.
See: http://
See: http://
[CVE-2006-2031, CVE-2006-2417, CVE-2006-2418]
Closes: #363519, #368082.
* Updated Portuguese debconf templates translation, thanks Miguel Figueiredo.
Closes: #363597.
* Updated Russian debconf templates translation, thanks Yuriy Talakan.
Closes: #367146.
* Convert non-ISO-8859-1 debconf templates translation to UTF-8.
-- Piotr Roszatycki <email address hidden> Sun, 25 Jun 2006 18:10:23 +0200
phpmyadmin (4:2.8.0.3-1) unstable; urgency=medium
* New upstream release.
* Security fix: XSS vulnerability (calling directly css files under themes)
See: http://
See: http://
Closes: #362567.
-- Piotr Roszatycki <email address hidden> Fri, 14 Apr 2006 14:47:28 +0200
phpmyadmin (4:2.8.0.2-4) unstable; urgency=low
* Fixed typos in debconf template. Closes: #360059.
* Updated Czech debconf templates translation, thanks Miroslav Kure.
Closes: #359757.
* Updated German debconf templates translation, thanks Daniel Knabl.
Closes: #359752.
* Updated Swedish debconf templates translation, thanks Daniel Nylander.
* Updated Vietnamese debconf templates translation, thanks Clytie Siddall.
-- Piotr Roszatycki <email address hidden> Fri, 31 Mar 2006 14:54:00 +0200
phpmyadmin (4:2.8.0.2-3) unstable; urgency=low
* Add missing javascript files. Closes: #357743, #357579.
* Updated Brazilian Portuguese debconf templates translation, thanks Andre
Luis Lopes. Closes: #357840.
-- Piotr Roszatycki <email address hidden> Mon, 20 Mar 2006 11:06:09 +0100
phpmyadmin (4:2.8.0.2-2) unstable; urgency=low
* Do not use 822-date command in postinst script. Close: #357605.
-- Piotr Roszatycki <email address hidden> Sat, 18 Mar 2006 15:02:47 +0100
phpmyadmin (4:2.8.0.2-1) unstable; urgency=low
* New upstream release. Closes: #356013, #355931.
- Can work if DocumentRoot is set to phpMyAdmin's directory.
Closes: #352403, #349497.
- pma_* features work with PersistentConne
- Export of table works if __TABLE__ macro is used. Closes: #217364.
- Can navigate back to user after changing privileges on database.
Closes: #338758.
- Fixes XSS [CVE-2006-1258]
* Reedited package description.
* Tweaked dependencies. Prefer php5-cgi package and does not depend on
apache2, because the PHP can be started as FastCGI standalone server.
Closes: #340286, #307441.
* This release provides http://
script. This script requires authorization by default.
* Generate longer blowfish secret on install.
* Create symlink /var/www/phpmyadmin only at first install.
-- Piotr Roszatycki <email address hidden> Fri, 17 Mar 2006 10:56:43 +0100
phpmyadmin (4:2.7.0-pl2-1) unstable; urgency=low
* New upstream release. Closes: #342203.
* Tweak the dependencies and prefer PHP5 with Apache2.
* Support cgid.so module for threaded Apache2.
* Removed all Debian specific patches.
* Portuguese debconf templates translation, thanks Miguel Figueiredo.
Closes: #336444.
-- Piotr Roszatycki <email address hidden> Wed, 4 Jan 2006 15:34:36 +0100
phpmyadmin (4:2.6.4-pl4-2) unstable; urgency=high
* Security fix: Cross-site scripting by trusting potentially user-supplied
input.
See: http://
New 200-CVE-
-- Piotr Roszatycki <email address hidden> Wed, 23 Nov 2005 14:31:15 +0100
phpmyadmin (4:2.6.4-pl4-1) unstable; urgency=high
* New upstream release.
* Security fix: HTTP Response Splitting vulnerability.
See: http://
See: http://
Closes: #339437.
* New 105-bug_
- Always set the default configuration values, even if the config.inc.php
file seems to be up to date. This fix allows to utilise more than three
databases. Closes: #324318.
-- Piotr Roszatycki <email address hidden> Wed, 16 Nov 2005 13:10:14 +0100
phpmyadmin (4:2.6.4-pl3-1) unstable; urgency=high
* New upstream release.
* Security fix: (1) Local file inclusion vulnerability and (2) Cross-Site
Scripting vulnerability.
See http://
See http://
Closes: #335306, #335513.
* Assigned CVE number for 4:2.6.4-pl2-1 bug fix.
-- Piotr Roszatycki <email address hidden> Mon, 24 Oct 2005 20:14:08 +0200
phpmyadmin (4:2.6.4-pl2-1) unstable; urgency=high
* New upstream release.
* Security fix: local file inclusion vulnerability.
See http://
Closes: #333433.
-- Piotr Roszatycki <email address hidden> Wed, 12 Oct 2005 15:07:42 +0200
phpmyadmin (4:2.6.4-pl1-2) unstable; urgency=low
* Rebuilt with new YADA. Depends: debconf (>= 0.2.26) | debconf-2.0
* Swedish debconf templates translation, thanks Daniel Nylander.
Closes: #330645.
-- Piotr Roszatycki <email address hidden> Tue, 4 Oct 2005 13:01:25 +0200
phpmyadmin (4:2.6.4-pl1-1) unstable; urgency=medium
* New upstream release.
* Security fix: Two Cross-Site Scripting vulnerabilities.
See http://
Closes: #327345.
* Append the Debian package revision number to the upstream version number.
Marks that this phpMyAdmin package has additional Debian modifications so
the bugreports won't confuse phpMyAdmin's coders.
* Create minimal /usr/share/
comment. Closes: #321270.
* Reintroduced /etc/phpmyadmin
#312611, #312668.
* Removed all Debian patches as are obsoleted now.
* Depends: apache2 | httpd
* Recommends: php4-mcrypt | php5-mcrypt. Closes: #321259.
* Arabic debconf templates translation. Closes: #320773.
* Vietnamese debconf templates translation. Closes: #316841.
* Updated Brazilian Portuguese debconf templates translation. Closes: #310875.
* Updated German debconf templates translation. Closes: #326141.
* New yada fixes postrm script fail when ucf is missing. Closes: #322139.
-- Piotr Roszatycki <email address hidden> Fri, 16 Sep 2005 16:21:21 +0200
phpmyadmin (4:2.6.2-3) unstable; urgency=high
* Fix apache2.conf only for 4:2.6.2-1 release. Closes: #307901 (critical),
#307275 (critical), #304786 (critical).
* Clean up old 'Include /etc/phpmyadmin
way.
* Removed old code which modified httpd.conf if 'Include /etc/apache/conf.d'
was missing.
* Note for release manager: cleaning up config.inc.php doesn't change the
application logic. The autoloading of the PHP extensions is already
implemented in the upstream's code.
-- Piotr Roszatycki <email address hidden> Sat, 7 May 2005 14:49:49 +0200
phpmyadmin (4:2.6.2-2) unstable; urgency=high
* Doesn't modify apache2.conf. Try to revert the changes.
Closes: #307275 (critical).
* Remove obsoleted conffiles and symlinks on purge. Closes: #307415.
* The default behaviour is not to autoconfigurate webservers.
* Doesn't load the PHP extensions automatically in config.inc.php script.
-- Piotr Roszatycki <email address hidden> Thu, 5 May 2005 11:40:46 +0200
phpmyadmin (4:2.6.2-1) unstable; urgency=low
* New upstream release
* NEWS and README.Debian file are documented about problem with logging
in with cookie based authentication.
* Removed suPHP directive from apache.conf file. Closes: #304018.
* Configuration in .htaccess doesn't override global access settings.
Closes: #303535.
* Updated Brazilian Portuguese debconf templates translation.
Closes: #304566.
* Apache configuration is installed separately, not through symlinks.
* Convert httpd.conf and apache.conf. They have to contain
"Include /etc/apache2/
-- Piotr Roszatycki <email address hidden> Tue, 19 Apr 2005 11:51:21 +0200
phpmyadmin (3:2.6.2-rc1-1) unstable; urgency=high
* New upstream release.
* Security fix: Cross-Site Scripting vulnerability.
See http://
Closes: #303142.
* Don't enable PHP if mod_fcgid is loaded in Apache 2.x.
-- Piotr Roszatycki <email address hidden> Tue, 5 Apr 2005 15:17:25 +0200
phpmyadmin (3:2.6.1-pl3-2) unstable; urgency=high
* Fixed the bug in postinst introduced in last upload. Closes: #299034.
-- Piotr Roszatycki <email address hidden> Fri, 11 Mar 2005 11:14:05 +0100
phpmyadmin (3:2.6.1-pl3-1) unstable; urgency=high
* New upstream release.
* Fixed annoying bug that a user called 'xx@%' could be created but
not removed. Closes: #208539.
* Fixed critical bug introduced by php4 compiled with ZTS option. Added
003-
* Renamed debian/
* Depends also on php5-fcgi.
-- Piotr Roszatycki <email address hidden> Mon, 7 Mar 2005 12:21:00 +0100
phpmyadmin (3:2.6.1-pl2-2) unstable; urgency=low
* Fixed converting /etc/apache/
upgrade time.
-- Piotr Roszatycki <email address hidden> Wed, 2 Mar 2005 20:30:29 +0100
phpmyadmin (3:2.6.1-pl2-1) unstable; urgency=high
* New upsteam release.
* Security fix: A variable injection vulnerability was found in phpMyAdmin,
that may allow an attacker to conduct Cross-site scripting (XSS) attacks
and / or perform remote file inclusion.
See http://
Closes: #296845.
* Switched off register_globals in .htaccess.
* Does not recommend versioned apache, as far as it works wrongly with
aptitude. Closes: #295786.
-- Piotr Roszatycki <email address hidden> Sat, 26 Feb 2005 17:39:31 +0100
phpmyadmin (3:2.6.1-1) unstable; urgency=low
* New upstream release.
* Czech debconf templates translation. Closes: #293611.
* Woody backward compatibility. See bug 1117907 on Sourceforge.
-- Piotr Roszatycki <email address hidden> Mon, 7 Feb 2005 15:20:09 +0100
phpmyadmin (2:2.6.1-rc2-2) unstable; urgency=low
* Configuration for suPHP can't be in .htaccess. Closes: #287897.
-- Piotr Roszatycki <email address hidden> Tue, 18 Jan 2005 19:13:12 +0100
phpmyadmin (2:2.6.1-rc2-1) unstable; urgency=low
* New upstream release.
* Rename the symlink /etc/$APACHE/conf.d and add .conf suffix.
Closes: #286100.
* Disable suPHP for security reasons. Closes: #287897.
* Use /cgi-bin/php if CGI mode is used.
* Depends on php4 | php4-cgi | php5 | php5-cgi.
* Modified Description field to make lintian happy.
* Fixed postinst script for better php5 support.
-- Piotr Roszatycki <email address hidden> Wed, 12 Jan 2005 21:37:02 +0100
phpmyadmin (2:2.6.1-rc1-1) unstable; urgency=high
* New upstream release.
* Security fix: Command execution and file disclosure was found.
See http://
Closes: #285488.
* Remove 003.non_
* Add commented out options 'extension' and 'AllowRoot' to default config
file.
* Support mysqli.so extension. Autodetect modules from 'extension' option.
-- Piotr Roszatycki <email address hidden> Mon, 13 Dec 2004 19:23:57 +0100
phpmyadmin (2:2.6.0-pl3-2) unstable; urgency=high
* Security fix is broken if non-standard HTTP(S) port is used.
Closes: #283044.
-- Piotr Roszatycki <email address hidden> Fri, 26 Nov 2004 09:55:29 +0100
phpmyadmin (2:2.6.0-pl3-1) unstable; urgency=high
* New upstream release.
* Security fix: Multiple XSS vulnerability were found.
See http://
* Tweaks dependencies: depends php4 | php4-cgi; don't suggests
non-free mysql-doc.
* Supports unofficial php5 packages.
-- Piotr Roszatycki <email address hidden> Mon, 22 Nov 2004 10:22:41 +0100
phpmyadmin (2:2.6.0-pl2-2) unstable; urgency=low
* Updated German translation of the debconf templates. Closes: #280998.
-- Piotr Roszatycki <email address hidden> Thu, 18 Nov 2004 14:08:27 +0100
phpmyadmin (2:2.6.0-pl2-1) unstable; urgency=high
* New upstream release.
* Security fix: If PHP is not running in safe mode, a problem in the
MIME-based transformation system (with an "external" transformation)
allows to execute any command with the privileges of the web server's
user.
-- Piotr Roszatycki <email address hidden> Thu, 14 Oct 2004 11:33:56 +0200
phpmyadmin (2:2.6.0-pl1-1) unstable; urgency=low
* New upstream release.
* This release fixes patch 003.woody_
-- Piotr Roszatycki <email address hidden> Wed, 29 Sep 2004 09:39:38 +0200
phpmyadmin (2:2.6.0-1) unstable; urgency=low
* New upstream release.
* Depends: php4-cgi (>= 4.1.0) | libapache-mod-php4. The php4-cgi package
is recommended as easier for installation. Closes: #267878.
* Depends: apache | apache-perl | apache-ssl | apache2 | httpd.
* Added patch for woody with MySQL from backports.org compatibility.
-- Piotr Roszatycki <email address hidden> Tue, 28 Sep 2004 09:42:06 +0200
phpmyadmin (1:2.6.0-rc1-1) experimental; urgency=low
* New upstream release.
* Disable the default warning that is displayed on the DB Details Structure
page if any of the required Tables for the relation features could not be
found.
-- Piotr Roszatycki <email address hidden> Mon, 9 Aug 2004 10:21:07 +0200
phpmyadmin (1:2.5.7-pl1-2) unstable; urgency=medium
* blowfish_
-- Piotr Roszatycki <email address hidden> Thu, 5 Aug 2004 17:37:46 +0200
phpmyadmin (1:2.5.7-pl1-1) unstable; urgency=high
* New upstream release
* Fixes security problems. See
http://
and the Documentation.html, FAQ 8.2.
-- Piotr Roszatycki <email address hidden> Thu, 1 Jul 2004 09:51:54 +0200
phpmyadmin (1:2.5.7-1) unstable; urgency=low
* New upstream release
* Add /var/www/phpmyadmin to the apache.conf, closes: #246367.
* Suggests: php4-gd, closes: #243714.
* Should work with E_ALL, closes: #244672.
* Remove php3 from dependencies and DebConf templates, closes: #246002.
* Fixed typo in DebConf template, closes: #250841.
* Dutch debconf templates translation (unfinished...), closes: #216936.
* Split configuration to the /etc/phpmyadmin
/usr/
* Ask for restart only if required, closes: #249940.
-- Piotr Roszatycki <email address hidden> Fri, 25 Jun 2004 10:27:26 +0200
phpmyadmin (1:2.5.6-2) unstable; urgency=low
* Supports PHP for Apache2, closes: #242797.
* apache.conf uses <Directory> than <DirectoryMatch>, closes: #236978.
* Remove /etc/*/
* Fixed DebConf scripts. Should not ask again about webservers,
closes: #239480.
* Install /var/www/phpmyadmin symlink than Alias, closes: #238598.
* Catalan debconf templates translation, closes: #236636.
* DebConf templates:
* Removed phpmyadmin/
* Renamed phpmyadmin/
* Renamed phpmyadmin/restart to phpmyadmin/
-- Piotr Roszatycki <email address hidden> Sat, 27 Mar 2004 13:16:26 +0100
phpmyadmin (1:2.5.6-1) unstable; urgency=low
* New upstream release.
* Ignore missing /etc/phpmyadmin directory for postrm purge, close: #235696.
* Danish debconf templates translation, closes: #234948.
-- Piotr Roszatycki <email address hidden> Thu, 4 Mar 2004 17:16:56 +0100
phpmyadmin (2.5.6-rc2-1) unstable; urgency=low
* New upstream release.
* Removed conffiles /etc/phpmyadmin
not conffiles for a long time. Closes: #232557, #231880.
* Brazilian Portuguese debconf templates translation, closes: #231713.
* French debconf templates translation, closes: #220804.
* Japanese po-debconf template translation, closes: #222282.
-- Piotr Roszatycki <email address hidden> Sun, 22 Feb 2004 13:14:00 +0100
phpmyadmin (2.5.6-rc1-1) unstable; urgency=high
* New upstream release.
* Security fix: possible attack against export.php, see
http://
closes: #231050.
-- Piotr Roszatycki <email address hidden> Wed, 4 Feb 2004 12:34:11 +0100
phpmyadmin (2.5.5-pl1-2) unstable; urgency=low
* Restored upstream release notes.
-- Piotr Roszatycki <email address hidden> Tue, 3 Feb 2004 15:33:54 +0100
phpmyadmin (2.5.5-pl1-1) unstable; urgency=low
* New upstream release.
* Depends php4 or php4-cgi (>= 4.1.0) and suggests mysql-server (>= 3.23.36).
-- Piotr Roszatycki <email address hidden> Wed, 28 Jan 2004 11:17:25 +0100
phpmyadmin (2.5.4-2) unstable; urgency=low
* Call modules-config rather than writing directly to modules.conf.
* Recommends: apache (>= 1.3.29.0.1-1), php4, php4-mysql
* Update Russian translation, closes: #221827.
-- Piotr Roszatycki <email address hidden> Fri, 19 Dec 2003 18:58:27 +0100
phpmyadmin (2.5.4-1) unstable; urgency=low
* New official unstable release.
* Fixed apache.conf with IfModule directive.
* Closes bugs with pending tag:
o Fixed problem with password changes, closes: #216467
o Fixed print view for one table, closes: #149172
o Fixed grants for table contained backslash in its name, closes: #149416
o Can login with empty password, closes: #171784
o apache.conf includes DirectoryIndex directive, closes: #217100
o Can copy user grants/permissions to other user, closes: #152807
o Backs to browse listing after edting, closes: #168980
-- Piotr Roszatycki <email address hidden> Fri, 7 Nov 2003 11:42:44 +0100
phpmyadmin (2.5.4-0.4) experimental; urgency=low
* Fixed another ucf bug.
-- Piotr Roszatycki <email address hidden> Thu, 6 Nov 2003 19:45:31 +0100
phpmyadmin (2.5.4-0.3) experimental; urgency=low
* ucf should be called on "configure" action. YADA relative problem.
-- Piotr Roszatycki <email address hidden> Tue, 4 Nov 2003 13:21:29 +0100
phpmyadmin (2.5.4-0.2) experimental; urgency=low
* modules-config hangs up if postinst uses debconf. Write to modules.conf
directly.
-- Piotr Roszatycki <email address hidden> Fri, 31 Oct 2003 17:21:10 +0100
phpmyadmin (2.5.4-0.1) experimental; urgency=low
* New upstream release.
* ucf handles configuration files.
* Don't use wwwconfig-common.
* Handle Apache2 webserver.
* Works with new DebConfized Apache package.
-- Piotr Roszatycki <email address hidden> Tue, 28 Oct 2003 15:45:34 +0100
phpmyadmin (2.5.3-1) unstable; urgency=low
* New upstream release.
-- Piotr Roszatycki <email address hidden> Mon, 8 Sep 2003 10:37:07 +0200
phpmyadmin (2.5.2-pl1-1) unstable; urgency=low
* New upstrem release.
* NEWS.Debian renamed to NEWS, closes: #204901.
-- Piotr Roszatycki <email address hidden> Mon, 11 Aug 2003 22:21:18 +0200
phpmyadmin (2.5.2-2) unstable; urgency=high
* The upstream also fixes XSS vulnerabilities, information
encoding weakness and transversal directory attack. This was
mentioned in Debian.NEWS file only, not changelog.Debian file.
See http://
* CVS fix: another patch for path disclosure problem.
* CVS fix: a user could not edit his own global privileges.
-- Piotr Roszatycki <email address hidden> Mon, 28 Jul 2003 09:39:11 +0200
phpmyadmin (2.5.2-1) unstable; urgency=low
* New upstream release
* French debconf translation, closes: #200724
* Generates /etc/phpmyadmin
-- Piotr Roszatycki <email address hidden> Thu, 24 Jul 2003 10:50:01 +0200
phpmyadmin (2.5.1-1) unstable; urgency=high
* New upstream release
* Fixes security problem. Prevent transversal directory attacks and remote
local directory listing with discovering directory content.
-- Piotr Roszatycki <email address hidden> Sat, 28 Jun 2003 21:57:23 +0200
phpmyadmin (2.4.0-2) unstable; urgency=high
* Fixes bug introduced by previous fix. I don't know how I could upload
this crap. Sorry. Closes: #184214, #184544
-- Piotr Roszatycki <email address hidden> Thu, 13 Mar 2003 02:14:05 +0100
phpmyadmin (2.4.0-1) unstable; urgency=low
* New upstream release
-- Piotr Roszatycki <email address hidden> Mon, 10 Mar 2003 19:29:09 +0100
phpmyadmin (2.3.3pl1-1) unstable; urgency=low
* New upstream release
* phpMyAdmin can login without password and shows connection errors.
-- Piotr Roszatycki <email address hidden> Thu, 5 Dec 2002 12:01:54 +0100
phpmyadmin (2.3.2-4) unstable; urgency=low
* Don't insert NULL value if textarea is not empty. Fix from CVS snapshot,
closes: #168979
-- Piotr Roszatycki <email address hidden> Mon, 18 Nov 2002 19:17:14 +0100
phpmyadmin (2.3.2-3) unstable; urgency=low
* Missing libraries, closes: #166698
-- Piotr Roszatycki <email address hidden> Mon, 4 Nov 2002 15:43:58 +0100
phpmyadmin (2.3.2-2) unstable; urgency=low
* Missing translators.html
-- Piotr Roszatycki <email address hidden> Thu, 17 Oct 2002 10:32:49 +0200
phpmyadmin (2.3.2-1) unstable; urgency=low
* New upstream release, closes: #157915
+ phpMyAdmin showed that the one field is PRIMARY key even if no field
was PRIMARY, closes: #144362
+ Can dump table and field names with backquotes, closes: #144513
+ Fixed Russian translation, closes: #144617
+ Cookie path is autodetected, closes: #155108
* Now the absolute URI is autodetected, closes: #147714
* Spanish DebConf template, closes: #153071
-- Piotr Roszatycki <email address hidden> Fri, 11 Oct 2002 12:46:29 +0200
phpmyadmin (2.2.6-1) unstable; urgency=low
* New upstream release
-- Piotr Roszatycki <email address hidden> Mon, 22 Apr 2002 17:01:39 +0200
phpmyadmin (2.2.5-2.2.6-rc2-1) unstable; urgency=low
* New upstream release
* Fixed wwwconfig-common stuff, closes: #139986
-- Piotr Roszatycki <email address hidden> Thu, 18 Apr 2002 11:44:44 +0200
phpmyadmin (2.2.5-2.2.6-rc1-2) unstable; urgency=low
* Fixed postrm for debconf if package is not configured yet.
-- Piotr Roszatycki <email address hidden> Fri, 12 Apr 2002 12:12:22 +0200
phpmyadmin (2.2.5-2.2.6-rc1-1) unstable; urgency=low
* New upstream release
* Russian debconf template, closes: #137674
-- Piotr Roszatycki <email address hidden> Thu, 11 Apr 2002 16:48:00 +0200
phpmyadmin (2.2.3-1) unstable; urgency=low
* New upstream release
-- Piotr Roszatycki <email address hidden> Tue, 8 Jan 2002 13:02:45 +0100
phpmyadmin (2.2.2-
* New upstream release (CVS snapshot)
* This upstream release implements cookie based authentication. Finally :)
* Fixes 'Query empty' bug when ordering by a column, closes: #123459
* Fixes spelling error in description, closes: #125243
* Removed invalid command for PHP3 from apache.conf, closes: #122941
-- Piotr Roszatycki <email address hidden> Mon, 17 Dec 2001 16:17:11 +0100
phpmyadmin (2.2.1-2.2.2-rc1-2) unstable; urgency=low
* Works with error_reporting
* Turn on register_globals in apache.conf
-- Piotr Roszatycki <email address hidden> Tue, 27 Nov 2001 11:10:59 +0100
phpmyadmin (2.2.1-2.2.2-rc1-1) unstable; urgency=medium
* New upstream release, closes: #118716
* New upstream fixes several security problems.
-- Piotr Roszatycki <email address hidden> Wed, 21 Nov 2001 12:13:07 +0100
phpmyadmin (2.2.0-4) unstable; urgency=low
* Missing select_box() function added, required for multiserver config.
-- Piotr Roszatycki <email address hidden> Mon, 1 Oct 2001 12:38:08 +0200
phpmyadmin (2.2.0-3) unstable; urgency=low
* User can login even if (s)he doesn't have priviliges to mysql
database, really closes: #112099
* New yada, package should build from source.
* Remove CVS directories.
-- Piotr Roszatycki <email address hidden> Tue, 18 Sep 2001 15:57:25 +0200
phpmyadmin (2.2.0-2) unstable; urgency=low
* Fixed typo in lib.inc.php, closes: #112099
* Compatibility with potato's mysql server
* Frameset is now resizable, applied patch from CVS
-- Piotr Roszatycki <email address hidden> Tue, 18 Sep 2001 14:07:59 +0200
phpmyadmin (2.2.0-1) unstable; urgency=high
* New upstream release, closes: #70086, #104515
* Upstream changed to SourceForge project (http://
* Security update, see SecurityFocus.
* Suggests: mysql-server, closes: #67547
* DebConf and wwwconfig-common for automatic webserver reconfiguration.
-- Piotr Roszatycki <email address hidden> Fri, 31 Aug 2001 12:23:04 +0200
phpmyadmin (2.1.0.1-5) unstable; urgency=low
* Fixed edit after select action, thanks Werner Ammon.
* Fixed german translation.
-- Piotr Roszatycki <email address hidden> Mon, 9 Jul 2001 17:37:46 +0200
phpmyadmin (2.1.0.1-4) unstable; urgency=high
* Security update, see: http://
* Compiled with phpMyAdmin-
http://
* Added charset info to left.php
-- Piotr Roszatycki <email address hidden> Mon, 9 Jul 2001 12:51:00 +0200
phpmyadmin (2.1.0.1-3) unstable; urgency=low
* German template file, closes: #99332
-- Piotr Roszatycki <email address hidden> Thu, 31 May 2001 08:59:43 +0200
phpmyadmin (2.1.0.1-2) unstable; urgency=low
* Clean up debian/packages
* Renamed .php3 to .php, see Debconf note.
* Purging /etc/phpmyadmin in postrm
-- Piotr Roszatycki <email address hidden> Mon, 21 May 2001 12:45:34 +0200
phpmyadmin (2.1.0.1-1) unstable; urgency=low
* New upstream release from unofficial source, see copyright info,
closes: #82506
* New yada
* Removed dependency on libmysqlclient
-- Piotr Roszatycki <email address hidden> Mon, 29 Jan 2001 17:12:30 +0000
phpmyadmin (2.1.0-1) unstable; urgency=low
* php4-cgi added to Depends
* Standards-Version: 3.1.0
* New upstream release
-- Piotr Roszatycki <email address hidden> Tue, 10 Oct 2000 18:17:07 +0200
phpmyadmin (2.0.5-2) unstable; urgency=low
* Suggests: mysql-doc
* Load mysql.so module if not loaded
* Set charset in META tag
* Minor changes in debian/ directory
-- Piotr Roszatycki <email address hidden> Mon, 10 Jul 2000 12:43:41 +0200
phpmyadmin (2.0.5-1) frozen unstable; urgency=medium
* This upstream source allows creating tables, closes: #53751
* New upstream release
-- Piotr Roszatycki <email address hidden> Thu, 10 Feb 2000 19:09:11 +0100
phpmyadmin (2.0.4-3) unstable; urgency=low
* Polish translation in polish.inc.php3
* Slightly modified README.Debian
* New feature: logout.php3; required by Netscape browser.
* Suggests: mysql-doc; modified default conffile and sources.
* Depends: php4, php4-mysql; a minor changes in debian/*.dpatch files.
-- Piotr Roszatycki <email address hidden> Sat, 27 Nov 1999 14:32:24 +0100
phpmyadmin (2.0.4-2) unstable; urgency=low
* yada 0.8
* moved to main archive
-- Piotr Roszatycki <email address hidden> Sat, 6 Nov 1999 23:33:59 +0100
phpmyadmin (2.0.4-1) unstable; urgency=low
* /usr/doc/... symlink.
* Removed some debhelper's constructions
* README.Debian in dpatch file.
* New option in config file: verbose.
* New language: Portuguese.
* New upstream release.
-- Piotr Roszatycki <email address hidden> Mon, 18 Oct 1999 19:09:48 +0200
phpmyadmin (2.0.3-1) unstable; urgency=low
* Initial Debian version.
-- Piotr Roszatycki <email address hidden> Wed, 25 Aug 1999 21:32:14 +0200
Changed in phpmyadmin: | |
importance: | Undecided → Wishlist |
ACKed.