svn commit: r358646 - branches/2014Q2/databases/phpmyadmin

Matthew Seaman matthew at FreeBSD.org
Fri Jun 20 22:22:35 UTC 2014


Author: matthew
Date: Fri Jun 20 22:22:35 2014
New Revision: 358646
URL: http://svnweb.freebsd.org/changeset/ports/358646
QAT: https://qat.redports.org/buildarchive/r358646/

Log:
  MFH: r358641
  
  Security update to 4.2.4
  
    - while here switch plist to use @sample
  
  The advisories: PMASA-2014-2 and PMASA-2014-3, have not been published
  yet, so there is very little concrete information about what the
  security problems are. About all there is comes from the change log,
  where the security issues are listed as:
  
  - bug #4464 [security] XSS injection due to unescaped db/table name in navigation hiding
  - bug #4465 [security] XSS injection due to unescaped db/table name in recent/favorite tables
  
  ChangeLog:	http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.2.4/phpMyAdmin-4.2.4-notes.html/view
  Approved by:	portmgr

Modified:
  branches/2014Q2/databases/phpmyadmin/pkg-plist-chunk
Directory Properties:
  branches/2014Q2/   (props changed)

Modified: branches/2014Q2/databases/phpmyadmin/pkg-plist-chunk
==============================================================================
--- branches/2014Q2/databases/phpmyadmin/pkg-plist-chunk	Fri Jun 20 22:20:56 2014	(r358645)
+++ branches/2014Q2/databases/phpmyadmin/pkg-plist-chunk	Fri Jun 20 22:22:35 2014	(r358646)
@@ -1,7 +1,5 @@
 @mode 640
 @group %%PMA_GRP%%
- at unexec if cmp -s %D/%%WWWDIR%%/config.inc.php.sample %D/%%WWWDIR%%/config.inc.php ; then rm -f %D/%%WWWDIR%%/config.inc.php ; fi
-%%WWWDIR%%/config.inc.php.sample
- at exec [ ! -f %B/config.inc.php ] && cp -p %B/%f %B/config.inc.php || true
+ at sample %%WWWDIR%%/config.inc.php.sample
 @mode
 @group


More information about the svn-ports-all mailing list