Cross-Site Scripting in php-udan11-sql-parser
ID: | FEDORA-2015-17908c56c1 |
Distribution: | Fedora |
Plattformen: | Fedora 22 |
Datum: | Sa, 31. Oktober 2015, 10:14 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7873 |
Applikationen: | php-udan11-sql-parser |
Originalnachricht |
|
Name : php-udan11-sql-parser Product : Fedora 22 Version : 3.0.4 Release : 1.fc22 URL : https://github.com/udan11/sql-parser Summary : A validating SQL lexer and parser with a focus on MySQL dialect Description : A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. To use this library, you just have to add, in your project: require_once '/usr/share/php/SqlParser/autoload.php'; -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.1.0 (2015-10-23) =============================== - Invalid argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system - 'PMA_Microhistory' is undefined - Incorrect definition for getTablesWhenOpen() - Error when creating new user on MariaDB 10.0.21 - Notice on htmlspecialchars() - Notice in Structure page of views - AUTO_INCREMENT always exported when IF NOT EXISTS is on - Some partitions are missing in copied table - Notice of undefined variable when performing SHOW CREATE - Error exporting sql query results with table alias - SQL editing window does not recognise 'OUTER' keyword in 'LEFT OUTER JOIN' - "NOT IN" clause not recognized (MySQL 5.6 and 5.7) - Yellow star does not change in database Structure after add/remove from favorites - Invalid SQL in table definition when exporting table - Foreign key to other database's tables fails - Bug while exporting results when a joined table field name is in SELECT query - Strange behavior on table rename - Rename table does not result in refresh in left panel - Missing arguments for PMA_Table::generateAlter() - Notices about undefined indexes on structure pages of information_schema tables - Change minimum PHP version for Composer - Import parser and backslash - "Visualize GIS data" seems to be broken - Confirm box on "Reset slave" option - Fix cookies clearing on version change - Cannot execute SQL with subquery - Incorrect syntax creating a user using mysql_native_password with MariaDB - Cannot use third party auth plugins -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275108 - CVE-2015-7873 phpMyAdmin: Content spoofing on url.php (PMASA-2015-5) https://bugzilla.redhat.com/show_bug.cgi?id=1275108 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-udan11-sql-parser' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce |