--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2023-c713d12577
2023-02-17 01:32:31.766296
--------------------------------------------------------------------------------Name        : phpMyAdmin
Product     : Fedora 36
Version     : 5.2.1
Release     : 1.fc36
URL         : https://www.phpmyadmin.net/
Summary     : A web interface for MySQL and MariaDB
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the Web. Currently it can create and drop databases,
create/drop/alter tables, delete/edit/add fields, execute any SQL statement,
manage keys on fields, manage privileges,export data into various formats and
is available in 50 languages

--------------------------------------------------------------------------------Update Information:

**phpMyAdmin 5.2.1**   This is a bugfix release that also contains a security
fix for an XSS vulnerability in the drag-and-drop upload functionality
(**PMASA-2023-01**).  Changelog:  - issue #17522 Fix case where the routes cache
file is invalid - issue #17506 Fix error when configuring 2FA without XMLWriter
or Imagick - issue        Fix blank page when some error occurs - issue #17519
Fix Export pages not working in certain conditions - issue #17496 Fix error in
table operation page when partitions are broken - issue #17386 Fix system memory
and system swap values on Windows - issue #17517 Fix Database Server panel not
getting hidden by ShowServerInfo configuration directive - issue #17271 Fix
database names not showing on Processes tab - issue #17424 Fix export limit size
calculation - issue #17366 Fix refresh rate popup on Monitor page - issue #17577
Fix monitor charts size on RTL languages - issue #17121 Fix password_hash
function incorrectly adding single quotes to password before hashing - issue
#17586 Fix statistics not showing for empty databases - issue #17592 Clicking on
the New index link on the sidebar does not throw an error anymore - issue #17584
It's now possible to browse a database that includes two % in its name - issue
Fix PHP 8.2 deprecated string interpolation syntax - issue        Some languages
are now correctly detected from the HTTP header - issue #17617 Sorting is
correctly remembered when $cfg['RememberSorting'] is true - issue #17593 Table
filtering now works when action buttons are on the right side of the row - issue
#17388 Find and Replace using regex now makes a valid query if no matching
result set found - issue #17551 Enum/Set editor will not fail to open when
creating a new column - issue #17659 Fix error when a database group is named
tables, views, functions, procedures or events - issue #17673 Allow empty values
to be inserted into columns - issue #17620 Fix error handling at phpMyAdmin
startup for the JS SQL console - issue        Fixed debug queries console broken
UI for query time and group count - issue        Fixed escaping of SQL query and
errors for the debug console - issue        Fix console toolbar UI when the
bookmark feature is disabled and sql debug is enabled - issue #17543 Fix JS
error on saving a new designer page - issue #17546 Fix JS error after using save
as and open page operation on the designer - issue        Fix PHP warning on GIS
visualization when there is only one GIS column - issue #17728 Some select HTML
tags will now have the correct UI style - issue #17734 PHP deprecations will
only be shown when in a development environment - issue #17369 Fix server error
when blowfish_secret is not exactly 32 bytes long - issue #17736 Add utf8mb3 as
an alias of utf8 on the charset description page - issue #16418 Fix FAQ 1.44
about manually removing vendor folders - issue #12359 Setup page now sends the
Content-Security-Policy headers - issue #17747 The Column Visibility Toggle will
not be hidden by other elements - issue #17756 Edit/Copy/Delete row now works
when using GROUP BY - issue #17248 Support the UUID data type for MariaDB >10.7 - issue #17656 Fix replace/change/set table prefix is not working - issue
Fix monitor page filter queries only filtering the first row - issue        Fix
"Link not found!" on foreign columns for tables having no char column to show -issue #17390 Fix "Create view" modal doesn't show on results and empty results -issue #17772 Fix wrong styles for add button from central columns - issue #17389
Fix HTML disappears when exporting settings to browser's storage - issue #17166
Fix "Warning: #1287 'X' is deprecated [...] Please use ST_X instead." on search
page - issue        Use jquery-migrate.min.js (14KB) instead of jquery-migrate.min.js (31KB) - issue #17842 Use jquery.validate.min.js (24 KB) instead
of jquery.validate.js (50 KB) - issue #17281 Fix links to databases for
information_schema.SCHEMATA - issue #17553 Fix Metro theme unreadable links
above navigation tree - issue #17553 Metro theme UI fixes and improvements -issue #17553 Fix Metro theme login form with - issue #16042 Exported gzip file
of database has first ~73 kB uncompressed and rest is gzip compressed in Firefox
- issue #17705 Fix inline SQL query edit FK checkbox preventing submit buttons
from working - issue #17777 Fix Uncaught TypeError: Cannot read properties of
null (reading 'inline') on datepickers when re-opened - issue        Fix
Original theme buttons style and login form width - issue #17892 Fix closing
index edit modal and reopening causes it to fire twice - issue #17606 Fix
preview SQL modal not working inside "Add Index" modal - issue        Fix PHP
error on adding new column on create table form - issue #17482 Default to "Full
texts" when running explain statements - issue        Fixed Chrome scrolling
performance issue on a textarea of an "export as text" page - issue #17703 Fix
datepicker appears on all fields, not just date - issue        Fix space in the
tree line when a DB is expanded - issue #17340 Fix "New Table" page -> "VIRTUAL"
attribute is lost when adding a new column - issue #17446 Fix missing option for
STORED virtual column on MySQL and PERSISTENT is not supported on MySQL - issue
#17446 Lower the check for virtual columns to MySQL>=5.7.6 nothing is supported
on 5.7.5 - issue        Fix column names option for CSV Export - issue #17177
Fix preview SQL when reordering columns doesn't work on move columns - issue
#15887 Fixed DROP TABLE errors ignored on multi table select for DROP - issue
#17944 Fix unable to create a view from tree view button - issue #17927 Fix key
navigation between select inputs (drop an old Firefox workaround) - issue #17967
Fix missing icon for collapse all button - issue #18006 Fixed UUID columns can't
be moved - issue        Add `spellcheck="false"` to all password fields and some
text fields to avoid spell-jacking data leaks - issue        Remove non working
"Analyze Explain at MariaDB.org" button (MariaDB stopped this service) - issue
#17229 Add support for Web Authentication API because Chrome removed support for
the U2F API - issue #18019 Fix "Call to a member function fetchAssoc() on bool"
with SQL mode ONLY_FULL_GROUP_BY on monitor search logs - issue        Add back
UUID and UUID_SHORT to functions on MySQL and all MariaDB versions - issue
#17398 Fix clicking on JSON columns triggers update query - issue        Fix
silent JSON parse error on upload progress - issue #17833 Fix "Add Parameter"
button not working for Add Routine Screen - issue #17365 Fixed "Uncaught Error:
regexp too big" on server status variables page - issue        [security] Fix an
XSS attack through the drag-and-drop upload feature (PMASA-2023-01)
--------------------------------------------------------------------------------ChangeLog:

* Wed Feb  8 2023 Remi Collet  - 5.2.1-1
- update to 5.2.1 (2023-02-08, security and bugfix release)
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-c713d12577' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/

Fedora 36: phpMyAdmin 2023-c713d12577

February 17, 2023

**phpMyAdmin 5.2.1** This is a bugfix release that also contains a security fix for an XSS vulnerability in the drag-and-drop upload functionality (**PMASA-2023-01**)

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of

MySQL over the Web. Currently it can create and drop databases,

create/drop/alter tables, delete/edit/add fields, execute any SQL statement,

manage keys on fields, manage privileges,export data into various formats and

is available in 50 languages

**phpMyAdmin 5.2.1** This is a bugfix release that also contains a security

fix for an XSS vulnerability in the drag-and-drop upload functionality

(**PMASA-2023-01**). Changelog: - issue #17522 Fix case where the routes cache

file is invalid - issue #17506 Fix error when configuring 2FA without XMLWriter

or Imagick - issue Fix blank page when some error occurs - issue #17519

Fix Export pages not working in certain conditions - issue #17496 Fix error in

table operation page when partitions are broken - issue #17386 Fix system memory

and system swap values on Windows - issue #17517 Fix Database Server panel not

getting hidden by ShowServerInfo configuration directive - issue #17271 Fix

database names not showing on Processes tab - issue #17424 Fix export limit size

calculation - issue #17366 Fix refresh rate popup on Monitor page - issue #17577

Fix monitor charts size on RTL languages - issue #17121 Fix password_hash

function incorrectly adding single quotes to password before hashing - issue

#17586 Fix statistics not showing for empty databases - issue #17592 Clicking on

the New index link on the sidebar does not throw an error anymore - issue #17584

It's now possible to browse a database that includes two % in its name - issue

Fix PHP 8.2 deprecated string interpolation syntax - issue Some languages

are now correctly detected from the HTTP header - issue #17617 Sorting is

correctly remembered when $cfg['RememberSorting'] is true - issue #17593 Table

filtering now works when action buttons are on the right side of the row - issue

#17388 Find and Replace using regex now makes a valid query if no matching

result set found - issue #17551 Enum/Set editor will not fail to open when

creating a new column - issue #17659 Fix error when a database group is named

tables, views, functions, procedures or events - issue #17673 Allow empty values

to be inserted into columns - issue #17620 Fix error handling at phpMyAdmin

startup for the JS SQL console - issue Fixed debug queries console broken

UI for query time and group count - issue Fixed escaping of SQL query and

errors for the debug console - issue Fix console toolbar UI when the

bookmark feature is disabled and sql debug is enabled - issue #17543 Fix JS

error on saving a new designer page - issue #17546 Fix JS error after using save

as and open page operation on the designer - issue Fix PHP warning on GIS

visualization when there is only one GIS column - issue #17728 Some select HTML

tags will now have the correct UI style - issue #17734 PHP deprecations will

only be shown when in a development environment - issue #17369 Fix server error

when blowfish_secret is not exactly 32 bytes long - issue #17736 Add utf8mb3 as

an alias of utf8 on the charset description page - issue #16418 Fix FAQ 1.44

about manually removing vendor folders - issue #12359 Setup page now sends the

Content-Security-Policy headers - issue #17747 The Column Visibility Toggle will

not be hidden by other elements - issue #17756 Edit/Copy/Delete row now works

when using GROUP BY - issue #17248 Support the UUID data type for MariaDB >10.7 - issue #17656 Fix replace/change/set table prefix is not working - issue

Fix monitor page filter queries only filtering the first row - issue Fix

"Link not found!" on foreign columns for tables having no char column to show -issue #17390 Fix "Create view" modal doesn't show on results and empty results -issue #17772 Fix wrong styles for add button from central columns - issue #17389

Fix HTML disappears when exporting settings to browser's storage - issue #17166

Fix "Warning: #1287 'X' is deprecated [...] Please use ST_X instead." on search

page - issue Use jquery-migrate.min.js (14KB) instead of jquery-migrate.min.js (31KB) - issue #17842 Use jquery.validate.min.js (24 KB) instead

of jquery.validate.js (50 KB) - issue #17281 Fix links to databases for

information_schema.SCHEMATA - issue #17553 Fix Metro theme unreadable links

above navigation tree - issue #17553 Metro theme UI fixes and improvements -issue #17553 Fix Metro theme login form with - issue #16042 Exported gzip file

of database has first ~73 kB uncompressed and rest is gzip compressed in Firefox

- issue #17705 Fix inline SQL query edit FK checkbox preventing submit buttons

from working - issue #17777 Fix Uncaught TypeError: Cannot read properties of

null (reading 'inline') on datepickers when re-opened - issue Fix

Original theme buttons style and login form width - issue #17892 Fix closing

index edit modal and reopening causes it to fire twice - issue #17606 Fix

preview SQL modal not working inside "Add Index" modal - issue Fix PHP

error on adding new column on create table form - issue #17482 Default to "Full

texts" when running explain statements - issue Fixed Chrome scrolling

performance issue on a textarea of an "export as text" page - issue #17703 Fix

datepicker appears on all fields, not just date - issue Fix space in the

tree line when a DB is expanded - issue #17340 Fix "New Table" page -> "VIRTUAL"

attribute is lost when adding a new column - issue #17446 Fix missing option for

STORED virtual column on MySQL and PERSISTENT is not supported on MySQL - issue

#17446 Lower the check for virtual columns to MySQL>=5.7.6 nothing is supported

on 5.7.5 - issue Fix column names option for CSV Export - issue #17177

Fix preview SQL when reordering columns doesn't work on move columns - issue

#15887 Fixed DROP TABLE errors ignored on multi table select for DROP - issue

#17944 Fix unable to create a view from tree view button - issue #17927 Fix key

navigation between select inputs (drop an old Firefox workaround) - issue #17967

Fix missing icon for collapse all button - issue #18006 Fixed UUID columns can't

be moved - issue Add `spellcheck="false"` to all password fields and some

text fields to avoid spell-jacking data leaks - issue Remove non working

"Analyze Explain at MariaDB.org" button (MariaDB stopped this service) - issue

#17229 Add support for Web Authentication API because Chrome removed support for

the U2F API - issue #18019 Fix "Call to a member function fetchAssoc() on bool"

with SQL mode ONLY_FULL_GROUP_BY on monitor search logs - issue Add back

UUID and UUID_SHORT to functions on MySQL and all MariaDB versions - issue

#17398 Fix clicking on JSON columns triggers update query - issue Fix

silent JSON parse error on upload progress - issue #17833 Fix "Add Parameter"

button not working for Add Routine Screen - issue #17365 Fixed "Uncaught Error:

regexp too big" on server status variables page - issue [security] Fix an

XSS attack through the drag-and-drop upload feature (PMASA-2023-01)

* Wed Feb 8 2023 Remi Collet - 5.2.1-1

- update to 5.2.1 (2023-02-08, security and bugfix release)

su -c 'dnf upgrade --advisory FEDORA-2023-c713d12577' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it: https://pagure.io/login/

FEDORA-2023-c713d12577 2023-02-17 01:32:31.766296 Product : Fedora 36 Version : 5.2.1 Release : 1.fc36 URL : https://www.phpmyadmin.net/ Summary : A web interface for MySQL and MariaDB Description : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and is available in 50 languages **phpMyAdmin 5.2.1** This is a bugfix release that also contains a security fix for an XSS vulnerability in the drag-and-drop upload functionality (**PMASA-2023-01**). Changelog: - issue #17522 Fix case where the routes cache file is invalid - issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick - issue Fix blank page when some error occurs - issue #17519 Fix Export pages not working in certain conditions - issue #17496 Fix error in table operation page when partitions are broken - issue #17386 Fix system memory and system swap values on Windows - issue #17517 Fix Database Server panel not getting hidden by ShowServerInfo configuration directive - issue #17271 Fix database names not showing on Processes tab - issue #17424 Fix export limit size calculation - issue #17366 Fix refresh rate popup on Monitor page - issue #17577 Fix monitor charts size on RTL languages - issue #17121 Fix password_hash function incorrectly adding single quotes to password before hashing - issue #17586 Fix statistics not showing for empty databases - issue #17592 Clicking on the New index link on the sidebar does not throw an error anymore - issue #17584 It's now possible to browse a database that includes two % in its name - issue Fix PHP 8.2 deprecated string interpolation syntax - issue Some languages are now correctly detected from the HTTP header - issue #17617 Sorting is correctly remembered when $cfg['RememberSorting'] is true - issue #17593 Table filtering now works when action buttons are on the right side of the row - issue #17388 Find and Replace using regex now makes a valid query if no matching result set found - issue #17551 Enum/Set editor will not fail to open when creating a new column - issue #17659 Fix error when a database group is named tables, views, functions, procedures or events - issue #17673 Allow empty values to be inserted into columns - issue #17620 Fix error handling at phpMyAdmin startup for the JS SQL console - issue Fixed debug queries console broken UI for query time and group count - issue Fixed escaping of SQL query and errors for the debug console - issue Fix console toolbar UI when the bookmark feature is disabled and sql debug is enabled - issue #17543 Fix JS error on saving a new designer page - issue #17546 Fix JS error after using save as and open page operation on the designer - issue Fix PHP warning on GIS visualization when there is only one GIS column - issue #17728 Some select HTML tags will now have the correct UI style - issue #17734 PHP deprecations will only be shown when in a development environment - issue #17369 Fix server error when blowfish_secret is not exactly 32 bytes long - issue #17736 Add utf8mb3 as an alias of utf8 on the charset description page - issue #16418 Fix FAQ 1.44 about manually removing vendor folders - issue #12359 Setup page now sends the Content-Security-Policy headers - issue #17747 The Column Visibility Toggle will not be hidden by other elements - issue #17756 Edit/Copy/Delete row now works when using GROUP BY - issue #17248 Support the UUID data type for MariaDB >10.7 - issue #17656 Fix replace/change/set table prefix is not working - issue Fix monitor page filter queries only filtering the first row - issue Fix "Link not found!" on foreign columns for tables having no char column to show -issue #17390 Fix "Create view" modal doesn't show on results and empty results -issue #17772 Fix wrong styles for add button from central columns - issue #17389 Fix HTML disappears when exporting settings to browser's storage - issue #17166 Fix "Warning: #1287 'X' is deprecated [...] Please use ST_X instead." on search page - issue Use jquery-migrate.min.js (14KB) instead of jquery-migrate.min.js (31KB) - issue #17842 Use jquery.validate.min.js (24 KB) instead of jquery.validate.js (50 KB) - issue #17281 Fix links to databases for information_schema.SCHEMATA - issue #17553 Fix Metro theme unreadable links above navigation tree - issue #17553 Metro theme UI fixes and improvements -issue #17553 Fix Metro theme login form with - issue #16042 Exported gzip file of database has first ~73 kB uncompressed and rest is gzip compressed in Firefox - issue #17705 Fix inline SQL query edit FK checkbox preventing submit buttons from working - issue #17777 Fix Uncaught TypeError: Cannot read properties of null (reading 'inline') on datepickers when re-opened - issue Fix Original theme buttons style and login form width - issue #17892 Fix closing index edit modal and reopening causes it to fire twice - issue #17606 Fix preview SQL modal not working inside "Add Index" modal - issue Fix PHP error on adding new column on create table form - issue #17482 Default to "Full texts" when running explain statements - issue Fixed Chrome scrolling performance issue on a textarea of an "export as text" page - issue #17703 Fix datepicker appears on all fields, not just date - issue Fix space in the tree line when a DB is expanded - issue #17340 Fix "New Table" page -> "VIRTUAL" attribute is lost when adding a new column - issue #17446 Fix missing option for STORED virtual column on MySQL and PERSISTENT is not supported on MySQL - issue #17446 Lower the check for virtual columns to MySQL>=5.7.6 nothing is supported on 5.7.5 - issue Fix column names option for CSV Export - issue #17177 Fix preview SQL when reordering columns doesn't work on move columns - issue #15887 Fixed DROP TABLE errors ignored on multi table select for DROP - issue #17944 Fix unable to create a view from tree view button - issue #17927 Fix key navigation between select inputs (drop an old Firefox workaround) - issue #17967 Fix missing icon for collapse all button - issue #18006 Fixed UUID columns can't be moved - issue Add `spellcheck="false"` to all password fields and some text fields to avoid spell-jacking data leaks - issue Remove non working "Analyze Explain at MariaDB.org" button (MariaDB stopped this service) - issue #17229 Add support for Web Authentication API because Chrome removed support for the U2F API - issue #18019 Fix "Call to a member function fetchAssoc() on bool" with SQL mode ONLY_FULL_GROUP_BY on monitor search logs - issue Add back UUID and UUID_SHORT to functions on MySQL and all MariaDB versions - issue #17398 Fix clicking on JSON columns triggers update query - issue Fix silent JSON parse error on upload progress - issue #17833 Fix "Add Parameter" button not working for Add Routine Screen - issue #17365 Fixed "Uncaught Error: regexp too big" on server status variables page - issue [security] Fix an XSS attack through the drag-and-drop upload feature (PMASA-2023-01) * Wed Feb 8 2023 Remi Collet - 5.2.1-1 - update to 5.2.1 (2023-02-08, security and bugfix release) su -c 'dnf upgrade --advisory FEDORA-2023-c713d12577' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/ Do not reply to spam, report it: https://pagure.io/login/