diff --git a/BeModule/conf.php b/BeModule/conf.php index 65560c6a..aec7ce1d 100644 --- a/BeModule/conf.php +++ b/BeModule/conf.php @@ -11,7 +11,7 @@ // Configuration $MCONF['name'] = 'tools_txphpmyadmin'; $MCONF['script'] = '_DISPATCH'; -$MCONF['PMA_subdir'] = 'Vendor/phpMyAdmin-4.4.15.6-all-languages/'; +$MCONF['PMA_subdir'] = 'Vendor/phpMyAdmin-4.4.15.8-all-languages/'; $MCONF['PMA_script'] = 'index.php'; // Localization diff --git a/BeModule/index.php b/BeModule/index.php index a0a7be1f..918d9077 100644 --- a/BeModule/index.php +++ b/BeModule/index.php @@ -235,7 +235,7 @@ public function printContent() { $MCONF['name'] = 'tools_txphpmyadmin'; $MCONF['script'] = '_DISPATCH'; $MCONF['access'] = 'admin'; -$MCONF['PMA_subdir'] = 'Vendor/phpMyAdmin-4.4.15.6-all-languages/'; +$MCONF['PMA_subdir'] = 'Vendor/phpMyAdmin-4.4.15.8-all-languages/'; $MCONF['PMA_script'] = 'index.php'; // Proceed if TYPO3_MODE is defined diff --git a/Documentation/Changelog/Index.rst b/Documentation/Changelog/Index.rst index 99a2a912..857bd41f 100644 --- a/Documentation/Changelog/Index.rst +++ b/Documentation/Changelog/Index.rst @@ -11,6 +11,47 @@ Change Log The following is an overview of the changes in this extension. For more details `read the online log `_. +2016-08-17 Andreas Beutel - Version 5.1.7 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +- [FEATURE] Updated pMA to the latest stable 4.4.x release (4.4.15.8) +- [SECURITY] Includes critical vendor security fixes +- `PMASA-2016-56 `_: Remote code execution vulnerability when PHP is running with dbase extension +- `PMASA-2016-54 `_: Remote code execution vulnerability when run as CGI +- `PMASA-2016-52 `_: ArbitraryServerRegexp bypass +- `PMASA-2016-45 `_: DOS attack with forced persistent connections +- [SECURITY] Includes serious vendor security fixes +- `PMASA-2016-53 `_: Denial of service (DOS) attack by changing password to a very long string +- `PMASA-2016-47 `_: IPv6 and proxy server IP-based authentication rule circumvention +- `PMASA-2016-42 `_: SQL injection attack as control user +- `PMASA-2016-39 `_: SQL injection attack +- `PMASA-2016-37 `_: Path traversal with SaveDir and UploadDir +- `PMASA-2016-36 `_: Local file exposure through symlinks with UploadDir +- `PMASA-2016-35 `_: Local file exposure +- `PMASA-2016-34 `_: SQL injection attack +- `PMASA-2016-29 `_: Weakness with cookie encryption +- `PMASA-2016-22 `_: DOS attack +- `PMASA-2016-21 `_: Multiple XSS vulnerabilities +- [SECURITY] Includes moderate vendor security fixes +- `PMASA-2016-51 `_: Reflected File Download attack +- `PMASA-2016-50 `_: Referrer leak in url.php +- `PMASA-2016-49 `_: Bypass URL redirect protection +- `PMASA-2016-46 `_: Denial of service (DOS) attack by for loops +- `PMASA-2016-43 `_: Unvalidated data passed to unserialize() +- `PMASA-2016-32 `_: PHP code injection +- `PMASA-2016-30 `_: Multiple XSS vulnerabilities +- `PMASA-2016-28 `_: Referrer leak in transformations +- `PMASA-2016-27 `_: Unsafe handling of preg_replace parameters +- `PMASA-2016-26 `_: Multiple XSS vulnerabilities +- `PMASA-2016-23 `_: Multiple full path disclosure vulnerabilities +- `PMASA-2016-19 `_: SQL injection attack +- [SECURITY] Includes non-critical vendor security fixes +- `PMASA-2016-55 `_: Denial of service (DOS) attack with dbase extension +- `PMASA-2016-48 `_: Detect if user is logged in +- `PMASA-2016-41 `_: Denial of service (DOS) attack in transformation feature +- `PMASA-2016-38 `_: Multiple XSS vulnerabilities +- `PMASA-2016-33 `_: Full path disclosure +- `PMASA-2016-17 `_: BBCode injection vulnerability + 2016-05-27 Andreas Beutel - Version 5.1.6 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - [FEATURE] Updated pMA to the latest stable 4.4.x release (4.4.15.6) diff --git a/Documentation/Index.rst b/Documentation/Index.rst index 1e7b52f3..fda5df86 100644 --- a/Documentation/Index.rst +++ b/Documentation/Index.rst @@ -24,7 +24,7 @@ phpMyAdmin for TYPO3 2002-11-01 :Changed: - 2016-05-27 + 2016-08-17 :Changed by: Andreas Beutel diff --git a/ReadMe.md b/ReadMe.md index dfa687c3..61cd977c 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -8,6 +8,8 @@ execute any SQL statement - see http://www.phpmyadmin.net/ ## Requirements and known issues -Version 5.x of the TYPO3 phpMyAdmin extension includes the latest release of phpMyAdmin (4.x). If your need -an older version compatible with PHP 5.2 and MySQL 5 just use one of the 4.x releases. The 4x releases -are supported for security fixes only (until Jan 1, 2016). +Version 5.x of the TYPO3 phpMyAdmin extension includes the latest release of phpMyAdmin (4.x). +phpMyAdmin 4.4.x is officially supported for security fixes only until October 1, 2016! + +If you're in need of an older version compatible with PHP 5.2 and MySQL 5 just use one of the 4.x +releases. The 4x releases were supported for security fixes only until Jan 1, 2016. \ No newline at end of file diff --git a/Settings.yml b/Settings.yml index 5c7d6be6..d17cc8ea 100644 --- a/Settings.yml +++ b/Settings.yml @@ -6,8 +6,8 @@ conf.py: copyright: 2002-2016 project: phpMyAdmin Extension for TYPO3 - version: 5.1.5 - release: 5.1.5 + version: 5.1.7 + release: 5.1.7 latex_documents: - - Index - phpmyadmin.tex diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/RELEASE-DATE-4.4.15.6 b/Vendor/phpMyAdmin-4.4.15.6-all-languages/RELEASE-DATE-4.4.15.6 deleted file mode 100644 index 6dbc2f4d..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/RELEASE-DATE-4.4.15.6 +++ /dev/null @@ -1 +0,0 @@ -Wed May 25 17:24:53 UTC 2016 diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/config.sample.inc.php b/Vendor/phpMyAdmin-4.4.15.6-all-languages/config.sample.inc.php deleted file mode 100644 index 035ebb80..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/config.sample.inc.php +++ /dev/null @@ -1,152 +0,0 @@ -. - * - * @package PhpMyAdmin - */ - -/* - * This is needed for cookie based authentication to encrypt password in - * cookie - */ -$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ - -/* - * Servers configuration - */ -$i = 0; - -/* - * First server - */ -$i++; -/* Authentication type */ -$cfg['Servers'][$i]['auth_type'] = 'cookie'; -/* Server parameters */ -$cfg['Servers'][$i]['host'] = 'localhost'; -$cfg['Servers'][$i]['connect_type'] = 'tcp'; -$cfg['Servers'][$i]['compress'] = false; -$cfg['Servers'][$i]['AllowNoPassword'] = false; - -/* - * phpMyAdmin configuration storage settings. - */ - -/* User used to manipulate with storage */ -// $cfg['Servers'][$i]['controlhost'] = ''; -// $cfg['Servers'][$i]['controlport'] = ''; -// $cfg['Servers'][$i]['controluser'] = 'pma'; -// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; - -/* Storage database and tables */ -// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; -// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; -// $cfg['Servers'][$i]['relation'] = 'pma__relation'; -// $cfg['Servers'][$i]['table_info'] = 'pma__table_info'; -// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; -// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; -// $cfg['Servers'][$i]['column_info'] = 'pma__column_info'; -// $cfg['Servers'][$i]['history'] = 'pma__history'; -// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; -// $cfg['Servers'][$i]['tracking'] = 'pma__tracking'; -// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; -// $cfg['Servers'][$i]['recent'] = 'pma__recent'; -// $cfg['Servers'][$i]['favorite'] = 'pma__favorite'; -// $cfg['Servers'][$i]['users'] = 'pma__users'; -// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups'; -// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding'; -// $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches'; -// $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns'; -/* Contrib / Swekey authentication */ -// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; - -/* - * End of servers configuration - */ - -/* - * Directories for saving/loading files from server - */ -$cfg['UploadDir'] = ''; -$cfg['SaveDir'] = ''; - -/** - * Whether to display icons or text or both icons and text in table row - * action segment. Value can be either of 'icons', 'text' or 'both'. - */ -//$cfg['RowActionType'] = 'both'; - -/** - * Defines whether a user should be displayed a "show all (records)" - * button in browse mode or not. - * default = false - */ -//$cfg['ShowAll'] = true; - -/** - * Number of rows displayed when browsing a result set. If the result - * set contains more rows, "Previous" and "Next". - * default = 30 - */ -//$cfg['MaxRows'] = 50; - -/** - * disallow editing of binary fields - * valid values are: - * false allow editing - * 'blob' allow editing except for BLOB fields - * 'noblob' disallow editing except for BLOB fields - * 'all' disallow editing - * default = blob - */ -//$cfg['ProtectBinary'] = 'false'; - -/** - * Default language to use, if not browser-defined or user-defined - * (you find all languages in the locale folder) - * uncomment the desired line: - * default = 'en' - */ -//$cfg['DefaultLang'] = 'en'; -//$cfg['DefaultLang'] = 'de'; - -/** - * How many columns should be used for table display of a database? - * (a value larger than 1 results in some information being hidden) - * default = 1 - */ -//$cfg['PropertiesNumColumns'] = 2; - -/** - * Set to true if you want DB-based query history.If false, this utilizes - * JS-routines to display query history (lost by window close) - * - * This requires configuration storage enabled, see above. - * default = false - */ -//$cfg['QueryHistoryDB'] = true; - -/** - * When using DB-based query history, how many entries should be kept? - * - * default = 25 - */ -//$cfg['QueryHistoryMax'] = 100; - -/** - * Should error reporting be enabled for JavaScript errors - * - * default = 'ask' - */ -//$cfg['SendErrorReports'] = 'ask'; - -/* - * You can find more configuration options in the documentation - * in the doc/ folder or at . - */ -?> diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/file_echo.php b/Vendor/phpMyAdmin-4.4.15.6-all-languages/file_echo.php deleted file mode 100644 index 2f752985..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/file_echo.php +++ /dev/null @@ -1,85 +0,0 @@ - 'png', - 'image/svg+xml' => 'svg', - ); - - /* Check whether MIME type is allowed */ - if (! isset($allowed[$_REQUEST['type']])) { - PMA_fatalError(__('Invalid export type')); - } - - /* - * Check file name to match mime type and not contain new lines - * to prevent response splitting. - */ - $extension = $allowed[$_REQUEST['type']]; - $valid_match = '/^[^\n\r]*\.' . $extension . '$/'; - if (! preg_match($valid_match, $_REQUEST['filename'])) { - if (! preg_match('/^[^\n\r]*$/', $_REQUEST['filename'])) { - /* Filename is unsafe, discard it */ - $filename = 'download.' . $extension; - } else { - /* Add extension */ - $filename = $_REQUEST['filename'] . '.' . $extension; - } - } else { - /* Filename from request should be safe here */ - $filename = $_REQUEST['filename']; - } - - /** @var PMA_String $pmaString */ - $pmaString = $GLOBALS['PMA_String']; - - /* Decode data */ - if ($extension != 'svg') { - $data = /*overload*/mb_substr( - $_REQUEST['image'], - /*overload*/mb_strpos($_REQUEST['image'], ',') + 1 - ); - $data = base64_decode($data); - } else { - $data = $_REQUEST['image']; - } - - /* Send download header */ - PMA_downloadHeader( - $filename, - $_REQUEST['type'], - /*overload*/mb_strlen($data) - ); - - /* Send data */ - echo $data; - -} else if (isset($_REQUEST['monitorconfig'])) { - /* For monitor chart config export */ - PMA_downloadHeader('monitor.cfg', 'application/json; charset=UTF-8'); - header('X-Content-Type-Options: nosniff'); - - echo urldecode($_REQUEST['monitorconfig']); - -} else if (isset($_REQUEST['import'])) { - /* For monitor chart config import */ - header('Content-Type: application/json; charset=UTF-8'); - header('X-Content-Type-Options: nosniff'); - - if (!file_exists($_FILES['file']['tmp_name'])) { - exit(); - } - echo file_get_contents($_FILES['file']['tmp_name']); -} -?> diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/authentication.inc.php b/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/authentication.inc.php deleted file mode 100644 index 1d42e2c3..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/authentication.inc.php +++ /dev/null @@ -1,176 +0,0 @@ - - - diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/musbe-ca.crt b/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/musbe-ca.crt deleted file mode 100644 index 2a31ad18..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/musbe-ca.crt +++ /dev/null @@ -1,25 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIJAMjw7QcLWCd6MA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV -BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQKEwtNdXNiZSwgSW5j -LjESMBAGA1UEAxMJbXVzYmUuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQG11c2Jl -LmNvbTAeFw0wODA5MDQxNDE2MTNaFw0zNzEyMjExNDE2MTNaMGsxCzAJBgNVBAYT -AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQKEwtNdXNiZSwgSW5jLjES -MBAGA1UEAxMJbXVzYmUuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQG11c2JlLmNv -bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOBhOljxVzQfK4gted2I -d3BemcjW4abAUOzn3KYWXpPO5xIfVeXNDGkDbyH+X+7fo94sX25/ewuKNFDSOcvo -tXHq7uQenTHB35r+a+LY81KceUHgW90a3XsqPAkwAjyYcgo3zmM2DtLvw+5Yod8T -wAHk9m3qavnQ1uk99jBTwL7RZ9jIZHh9pFCL93uJc2obtd8O96Iycbn2q0w/AWbb -+eUVWIHzvLtfPvROeL3lJzr/Uz5LjKapxJ3qyqASflfHpnj9pU8l6g2TQ6Hg5KT5 -tLFkRe7uGhOfRtOQ/+NjaWrEuNCFnpyN4Q5Fv+5qA1Ip1IpH0200sWbAf/k2u0Qp -Sx0CAwEAAaOB0DCBzTAdBgNVHQ4EFgQUczJrQ7hCvtsnzcqiDIZ/GSn/CiwwgZ0G -A1UdIwSBlTCBkoAUczJrQ7hCvtsnzcqiDIZ/GSn/Ciyhb6RtMGsxCzAJBgNVBAYT -AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQKEwtNdXNiZSwgSW5jLjES -MBAGA1UEAxMJbXVzYmUuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQG11c2JlLmNv -bYIJAMjw7QcLWCd6MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGxk -8xzIljeBDQWWVRr0NEALVSv3i09V4jAKkyEOfmZ8lKMKJi0atwbtjrXTzLnNYj+Q -pyUbyY/8ItWvV7pnVxMiF9qcer7e9X4vw358GZuMVE/da1nWxz+CwzTm5oO30RzA -antM9bISFFr9lJq69bDWOnCUi1IG8DSL3TxtlABso7S4vqiZ+sB33l6k1K4a/Njb -QkU9UejKhKkVVZTsOrumfnOJ4MCmPfX8Y/AY2o670y5HnzpxerIYziCVzApPVrW7 -sKH0tuVGturMfQOKgstYe4/m9glBTeTLMkjD+6MJC2ONBD7GAiOO95gNl5M1fzJQ -FEe5CJ7DCYl0GdmLXXw= ------END CERTIFICATE----- diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/swekey.auth.lib.php b/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/swekey.auth.lib.php deleted file mode 100644 index 76bbc02d..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/swekey.auth.lib.php +++ /dev/null @@ -1,318 +0,0 @@ - - - \n"; - // if (file_exists($caFile)) - // echo "\n"; - } - - if (file_exists($caFile)) { - Swekey_SetCAFile($caFile); - } elseif (! empty($caFile) - && (substr($_SESSION['SWEKEY']['CONF_SERVER_CHECK'], 0, 8) == "https://") - ) { - return "Internal Error: CA File $caFile not found"; - } - - $result = null; - $swekey_id = $_GET['swekey_id']; - $swekey_otp = $_GET['swekey_otp']; - - if (isset($swekey_id)) { - unset($_SESSION['SWEKEY']['AUTHENTICATED_SWEKEY']); - if (! isset($_SESSION['SWEKEY']['RND_TOKEN'])) { - unset($swekey_id); - } else { - if (strlen($swekey_id) == 32) { - $res = Swekey_CheckOtp( - $swekey_id, $_SESSION['SWEKEY']['RND_TOKEN'], $swekey_otp - ); - unset($_SESSION['SWEKEY']['RND_TOKEN']); - if (! $res) { - $result = __('Hardware authentication failed!') . ' (' . Swekey_GetLastError() . ')'; - } else { - $_SESSION['SWEKEY']['AUTHENTICATED_SWEKEY'] = $swekey_id; - $_SESSION['SWEKEY']['FORCE_USER'] - = $_SESSION['SWEKEY']['VALID_SWEKEYS'][$swekey_id]; - return null; - } - } else { - $result = __('No valid authentication key plugged'); - if ($_SESSION['SWEKEY']['CONF_DEBUG']) { - $result .= "
" . htmlspecialchars($swekey_id); - } - unset($_SESSION['SWEKEY']['CONF_LOADED']); // reload the conf file - } - } - } else { - unset($_SESSION['SWEKEY']); - } - - $_SESSION['SWEKEY']['RND_TOKEN'] = Swekey_GetFastRndToken(); - if (strlen($_SESSION['SWEKEY']['RND_TOKEN']) != 64) { - $result = __('Hardware authentication failed!') . ' (' . Swekey_GetLastError() . ')'; - unset($_SESSION['SWEKEY']['CONF_LOADED']); // reload the conf file - } - - if (! isset($swekey_id)) { - ?> - - display(); - if ($GLOBALS['error_handler']->hasDisplayErrors()) { - echo '
'; - $GLOBALS['error_handler']->dispErrors(); - echo '
'; - } - } - - if (isset($_SESSION['SWEKEY']) && $_SESSION['SWEKEY']['ENABLED']) { - echo ''; - } -} - -if (!empty($_GET['session_to_unset'])) { - session_write_close(); - session_id($_GET['session_to_unset']); - session_start(); - $_SESSION = array(); - session_write_close(); - session_destroy(); - exit; -} - -if (isset($_GET['swekey_reset'])) { - unset($_SESSION['SWEKEY']); -} - -?> diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/swekey.php b/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/swekey.php deleted file mode 100644 index baba5ee6..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/auth/swekey/swekey.php +++ /dev/null @@ -1,536 +0,0 @@ -"; - -/** - * Servers addresses - * Use the Swekey_SetXxxServer($server) functions to set them - */ - -global $gSwekeyCheckServer; -if (! isset($gSwekeyCheckServer)) { - $gSwekeyCheckServer = SWEKEY_DEFAULT_CHECK_SERVER; -} - -global $gSwekeyRndTokenServer; -if (! isset($gSwekeyRndTokenServer)) { - $gSwekeyRndTokenServer = SWEKEY_DEFAULT_RND_SERVER; -} - -global $gSwekeyStatusServer; -if (! isset($gSwekeyStatusServer)) { - $gSwekeyStatusServer = SWEKEY_DEFAULT_STATUS_SERVER; -} - -global $gSwekeyCA; - -global $gSwekeyTokenCacheEnabled; -if (! isset($gSwekeyTokenCacheEnabled)) { - $gSwekeyTokenCacheEnabled = true; -} - -/** - * Change the address of the Check server. - * If $server is empty the default value 'http://auth-check.musbe.net' will be used - * - * @param int $server The protocol and hostname to use - * - * @access public - */ -function Swekey_SetCheckServer($server) -{ - global $gSwekeyCheckServer; - if (empty($server)) { - $gSwekeyCheckServer = SWEKEY_DEFAULT_CHECK_SERVER; - } else { - $gSwekeyCheckServer = $server; - } -} - -/** - * Change the address of the Random Token Generator server. - * If $server is empty the default value 'http://auth-rnd-gen.musbe.net' will be used - * - * @param int $server The protocol and hostname to use - * - * @access public - */ -function Swekey_SetRndTokenServer($server) -{ - global $gSwekeyRndTokenServer; - if (empty($server)) { - $gSwekeyRndTokenServer = SWEKEY_DEFAULT_RND_SERVER; - } else { - $gSwekeyRndTokenServer = $server; - } -} - -/** - * Change the address of the Satus server. - * If $server is empty the default value 'http://auth-status.musbe.net' will be used - * - * @param int $server The protocol and hostname to use - * - * @access public - */ -function Swekey_SetStatusServer($server) -{ - global $gSwekeyStatusServer; - if (empty($server)) { - $gSwekeyStatusServer = SWEKEY_DEFAULT_STATUS_SERVER; - } else { - $gSwekeyStatusServer = $server; - } -} - -/** - * Change the certificat file in case of the the severs use https instead of http - * - * @param string $cafile The path of the crt file to use - * - * @access public - */ -function Swekey_SetCAFile($cafile) -{ - global $gSwekeyCA; - $gSwekeyCA = $cafile; -} - -/** - * Enable or disable the random token caching - * Because everybody has full access to the cache file, it can be a DOS vulnerability - * So disable it if you are running in a non secure enviromnement - * - * @param $enable - * - * @access public - */ -function Swekey_EnableTokenCache($enable) -{ - global $gSwekeyTokenCacheEnabled; - $gSwekeyTokenCacheEnabled = ! empty($enable); -} - - -/** - * Return the last error. - * - * @return string The Last Error - * @access public - */ -function Swekey_GetLastError() -{ - global $gSwekeyLastError; - return $gSwekeyLastError; -} - -/** - * Return the last result. - * - * @return string The Last Error - * @access public - */ -function Swekey_GetLastResult() -{ - global $gSwekeyLastResult; - return $gSwekeyLastResult; -} - -/** - * Send a synchronous request to the server. - * This function manages timeout then will not block if one of the server is down - * - * @param string $url The url to get - * @param string $response_code The response code - * - * @return string The body of the response or "" in case of error - * @access private - */ -function Swekey_HttpGet($url, &$response_code) -{ - global $gSwekeyLastError; - $gSwekeyLastError = 0; - global $gSwekeyLastResult; - $gSwekeyLastResult = ""; - - // use curl if available - if (function_exists('curl_init')) { - $sess = curl_init($url); - if (substr($url, 0, 8) == "https://") { - global $gSwekeyCA; - - if (! empty($gSwekeyCA)) { - if (file_exists($gSwekeyCA)) { - if (! curl_setopt($sess, CURLOPT_CAINFO, $gSwekeyCA)) { - error_log( - "SWEKEY_ERROR:Could not set CA file : ".curl_error($sess) - ); - } else { - $caFileOk = true; - } - } else { - error_log( - "SWEKEY_ERROR:Could not find CA file $gSwekeyCA getting $url" - ); - } - } - - curl_setopt($sess, CURLOPT_SSL_VERIFYHOST, '2'); - curl_setopt($sess, CURLOPT_SSL_VERIFYPEER, '1'); - curl_setopt($sess, CURLOPT_CONNECTTIMEOUT, '20'); - curl_setopt($sess, CURLOPT_TIMEOUT, '20'); - } else { - curl_setopt($sess, CURLOPT_CONNECTTIMEOUT, '3'); - curl_setopt($sess, CURLOPT_TIMEOUT, '5'); - } - - curl_setopt($sess, CURLOPT_RETURNTRANSFER, '1'); - $res=curl_exec($sess); - $response_code = curl_getinfo($sess, CURLINFO_HTTP_CODE); - $curlerr = curl_error($sess); - curl_close($sess); - - if ($response_code == 200) { - $gSwekeyLastResult = $res; - return $res; - } - - if (! empty($response_code)) { - $gSwekeyLastError = $response_code; - error_log( - "SWEKEY_ERROR:Error $gSwekeyLastError ($curlerr) getting $url" - ); - return ""; - } - - $response_code = 408; // Request Timeout - $gSwekeyLastError = $response_code; - error_log("SWEKEY_ERROR:Error $curlerr getting $url"); - return ""; - } - - // use pecl_http if available - if (class_exists('HttpRequest')) { - // retry if one of the server is down - for ($num=1; $num <= 3; $num++ ) { - $r = new HttpRequest($url); - $options = array('timeout' => '3'); - - if (substr($url, 0, 6) == "https:") { - $sslOptions = array(); - $sslOptions['verifypeer'] = true; - $sslOptions['verifyhost'] = true; - - $capath = __FILE__; - $name = strrchr($capath, '/'); - // windows - if (empty($name)) { - $name = strrchr($capath, '\\'); - } - $capath = substr($capath, 0, strlen($capath) - strlen($name) + 1) - . 'musbe-ca.crt'; - - if (! empty($gSwekeyCA)) { - $sslOptions['cainfo'] = $gSwekeyCA; - } - - $options['ssl'] = $sslOptions; - } - - $r->setOptions($options); - - /* - try - { - */ - $reply = $r->send(); - $res = $reply->getBody(); - $info = $r->getResponseInfo(); - $response_code = $info['response_code']; - if ($response_code != 200) { - $gSwekeyLastError = $response_code; - error_log( - "SWEKEY_ERROR:Error ".$gSwekeyLastError." getting ".$url - ); - return ""; - } - - - $gSwekeyLastResult = $res; - return $res; - /* - } - catch (HttpException $e) - { - error_log("SWEKEY_WARNING:HttpException ".$e." getting ".$url); - } - */ - } - - $response_code = 408; // Request Timeout - $gSwekeyLastError = $response_code; - error_log("SWEKEY_ERROR:Error ".$gSwekeyLastError." getting ".$url); - return ""; - } - - global $http_response_header; - $res = @file_get_contents($url); - $response_code = substr($http_response_header[0], 9, 3); //HTTP/1.0 - if ($response_code == 200) { - $gSwekeyLastResult = $res; - return $res; - } - - $gSwekeyLastError = $response_code; - error_log("SWEKEY_ERROR:Error ".$response_code." getting ".$url); - return ""; -} - -/** - * Get a Random Token from a Token Server - * The RT is a 64 vhars hexadecimal value - * You should better use Swekey_GetFastRndToken() for performance - * @access public - */ -function Swekey_GetRndToken() -{ - global $gSwekeyRndTokenServer; - return Swekey_HttpGet($gSwekeyRndTokenServer.'/FULL-RND-TOKEN', $response_code); -} - -/** - * Get a Half Random Token from a Token Server - * The RT is a 64 vhars hexadecimal value - * Use this value if you want to make your own Swekey_GetFastRndToken() - * @access public - */ -function Swekey_GetHalfRndToken() -{ - global $gSwekeyRndTokenServer; - return Swekey_HttpGet($gSwekeyRndTokenServer.'/HALF-RND-TOKEN', $response_code); -} - -/** - * Get a Half Random Token - * The RT is a 64 vhars hexadecimal value - * This function get a new random token and reuse it. - * Token are refetched from the server only once every 30 seconds. - * You should always use this function to get half random token. - * @access public - */ -function Swekey_GetFastHalfRndToken() -{ - global $gSwekeyTokenCacheEnabled; - - $res = ""; - $cachefile = ""; - - // We check if we have a valid RT is the session - if (isset($_SESSION['rnd-token-date'])) { - if (time() - $_SESSION['rnd-token-date'] < 30) { - $res = $_SESSION['rnd-token']; - } - } - - // If not we try to get it from a temp file (PHP >= 5.2.1 only) - if (strlen($res) != 32 && $gSwekeyTokenCacheEnabled) { - if (function_exists('sys_get_temp_dir')) { - $tempdir = sys_get_temp_dir(); - $cachefile = $tempdir."/swekey-rnd-token-".get_current_user(); - $modif = filemtime($cachefile); - if ($modif != false) { - if (time() - $modif < 30) { - $res = @file_get_contents($cachefile); - if (strlen($res) != 32) { - $res = ""; - } else { - $_SESSION['rnd-token'] = $res; - $_SESSION['rnd-token-date'] = $modif; - } - } - } - } - } - - // If we don't have a valid RT here we have to get it from the server - if (strlen($res) != 32) { - $res = substr(Swekey_GetHalfRndToken(), 0, 32); - $_SESSION['rnd-token'] = $res; - $_SESSION['rnd-token-date'] = time(); - if (! empty($cachefile)) { - // we unlink the file so no possible tempfile race attack - unlink($cachefile); - $file = fopen($cachefile, "x"); - if ($file != false) { - @fwrite($file, $res); - @fclose($file); - } - } - } - - return $res."00000000000000000000000000000000"; -} - -/** - * Get a Random Token - * The RT is a 64 vhars hexadecimal value - * This function generates a unique random token for each call but call the - * server only once every 30 seconds. - * You should always use this function to get random token. - * @access public - */ -function Swekey_GetFastRndToken() -{ - $res = Swekey_GetFastHalfRndToken(); - if (strlen($res) == 64) { - return substr($res, 0, 32).strtoupper(md5("Musbe Authentication Key" . mt_rand() . date(DATE_ATOM))); - } - return ""; -} - - -/** - * Checks that an OTP generated by a Swekey is valid - * - * @param mixed $id The id of the swekey - * @param mixed $rt The random token used to generate the otp - * @param mixed $otp The otp generated by the swekey - * - * @return boolean Success - * @access public - */ -function Swekey_CheckOtp($id, $rt, $otp) -{ - global $gSwekeyCheckServer; - $res = Swekey_HttpGet( - $gSwekeyCheckServer.'/CHECK-OTP/'.$id.'/'.$rt.'/'.$otp, - $response_code - ); - return $response_code == 200 && $res == "OK"; -} - -/** - * Values that are associated with a key. - * The following values can be returned by the Swekey_GetStatus() function - */ -define("SWEKEY_STATUS_OK", 0); -define("SWEKEY_STATUS_NOT_FOUND", 1); // The key does not exist in the db -define("SWEKEY_STATUS_INACTIVE", 2); // The key has never been activated -define("SWEKEY_STATUS_LOST", 3); // The user has lost his key -define("SWEKEY_STATUS_STOLEN", 4); // The key was stolen -define("SWEKEY_STATUS_FEE_DUE", 5); // The annual fee was not paid -define("SWEKEY_STATUS_OBSOLETE", 6); // The hardware is no longer supported -define("SWEKEY_STATUS_UNKOWN", 201); // We could not connect to the authentication server - -/** - * Values that are associated with a key. - * The Javascript Api can also return the following values - */ -define("SWEKEY_STATUS_REPLACED", 100); // This key has been replaced by a backup key -define("SWEKEY_STATUS_BACKUP_KEY", 101); // This key is a backup key that is not activated yet -define("SWEKEY_STATUS_NOTPLUGGED", 200); // This key is not plugged in the computer - - -/** - * Return the text corresponding to the integer status of a key - * - * @param int $status The status - * - * @return string The text corresponding to the status - * @access public - */ -function Swekey_GetStatusStr($status) -{ - switch($status) - { - case SWEKEY_STATUS_OK : - return 'OK'; - case SWEKEY_STATUS_NOT_FOUND : - return 'Key does not exist in the db'; - case SWEKEY_STATUS_INACTIVE : - return 'Key not activated'; - case SWEKEY_STATUS_LOST : - return 'Key was lost'; - case SWEKEY_STATUS_STOLEN : - return 'Key was stolen'; - case SWEKEY_STATUS_FEE_DUE : - return 'The annual fee was not paid'; - case SWEKEY_STATUS_OBSOLETE : - return 'Key no longer supported'; - case SWEKEY_STATUS_REPLACED : - return 'This key has been replaced by a backup key'; - case SWEKEY_STATUS_BACKUP_KEY : - return 'This key is a backup key that is not activated yet'; - case SWEKEY_STATUS_NOTPLUGGED : - return 'This key is not plugged in the computer'; - case SWEKEY_STATUS_UNKOWN : - return 'Unknow Status, could not connect to the authentication server'; - } - return 'unknown status '.$status; -} - -/** - * If your web site requires a key to login you should check that the key - * is still valid (has not been lost or stolen) before requiring it. - * A key can be authenticated only if its status is SWEKEY_STATUS_OK - * - * @param mixed $id The id of the swekey - * - * @return int The status of the swekey - * @access public - */ -function Swekey_GetStatus($id) -{ - global $gSwekeyStatusServer; - $res = Swekey_HttpGet($gSwekeyStatusServer.'/GET-STATUS/'.$id, $response_code); - if ($response_code == 200) { - return intval($res); - } - return SWEKEY_STATUS_UNKOWN; -} diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/transformations/generator_main_class.sh b/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/transformations/generator_main_class.sh deleted file mode 100755 index 05876671..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/transformations/generator_main_class.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -# -# Shell script that creates only the main class for a new transformation -# plug-in, using a template -# -# $1: MIMEType -# $2: MIMESubtype -# $3: Transformation Name - -if [ $# != 3 ] -then - echo -e "Usage: ./generator_main_class.sh MIMEType MIMESubtype TransformationName\n" - exit 65 -fi - -./generator_plugin.sh "$1" "$2" "$3" "--generate_only_main_class" \ No newline at end of file diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/transformations/generator_plugin.sh b/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/transformations/generator_plugin.sh deleted file mode 100755 index 225a2cb9..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/libraries/plugins/transformations/generator_plugin.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/bash -# -# Shell script that creates a new transformation plug-in (both main and -# abstract class) using a template. -# -# The 'description' parameter will add a new entry in the language file. -# Watch out for special escaping. -# -# $1: MIMEType -# $2: MIMESubtype -# $3: Transformation Name -# $4: (optional) Description - -echo $# -if [ $# -ne 3 -a $# -ne 4 ]; then - echo -e "Usage: ./generator_plugin.sh MIMEType MIMESubtype TransformationName [Description]\n" - exit 65 -fi - -# make sure that the MIME Type, MIME Subtype and Transformation names -# are in the correct format - -# make all names lowercase -MT="`echo $1 | tr [:upper:] [:lower:]`" -MS="`echo $2 | tr [:upper:] [:lower:]`" -TN="`echo $3 | tr [:upper:] [:lower:]`" -# make first letter uppercase -MT="${MT^}" -MS="${MS^}" -TN="${TN^}" -# make the first letter after each underscore uppercase -MT="`echo $MT`" -MT="`echo $MT | sed -e 's/_./\U&\E/g'`" -MS="`echo $MS`" -MS="`echo $MS | sed -e 's/_./\U&\E/g'`" -TN="`echo $TN`" -TN="`echo $TN | sed -e 's/_./\U&\E/g'`" - -# define the name of the main class file and of its template -ClassFile=$MT\_$MS\_$TN.class.php -Template=TEMPLATE -# define the name of the abstract class file and its template -AbstractClassFile=abstract/"$TN"TransformationsPlugin.class.php -AbstractTemplate=TEMPLATE_ABSTRACT -# replace template names with argument names -sed "s/\[MIMEType]/$MT/; s/\[MIMESubtype\]/$MS/; s/\[TransformationName\]/$TN/;" < $Template > $ClassFile -echo "Created $ClassFile" - -GenerateAbstractClass=1 -if [ -n $4 ]; then - if [ "$4" == "--generate_only_main_class" ]; then - if [ -e $AbstractClassFile ]; then - GenerateAbstractClass=0 - fi - fi -fi - -if [ $GenerateAbstractClass -eq 1 ]; then - # replace template names with argument names - sed "s/\[TransformationName\]/$TN/; s/Description of the transformation./$4/;" < $AbstractTemplate > $AbstractClassFile - echo "Created $AbstractClassFile" -fi - -echo "" \ No newline at end of file diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/ca/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/ca/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index b5798f36..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/ca/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/cs/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/cs/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 01e55b45..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/cs/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/da/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/da/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index beef545d..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/da/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/de/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/de/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index a0a95448..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/de/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/es/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/es/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 1c243a2a..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/es/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/fi/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/fi/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 0b9e0771..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/fi/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/fr/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/fr/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index dca52413..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/fr/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/gl/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/gl/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index c104bba4..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/gl/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/it/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/it/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index a630cf90..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/it/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/nb/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/nb/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index bd8e3308..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/nb/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/nl/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/nl/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 8cfa9b3d..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/nl/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/pl/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/pl/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 62fba589..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/pl/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/pt/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/pt/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 1eb8e127..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/pt/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/si/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/si/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 4c376d6c..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/si/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/uk/LC_MESSAGES/phpmyadmin.mo b/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/uk/LC_MESSAGES/phpmyadmin.mo deleted file mode 100644 index 6bd9f340..00000000 Binary files a/Vendor/phpMyAdmin-4.4.15.6-all-languages/locale/uk/LC_MESSAGES/phpmyadmin.mo and /dev/null differ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/phpinfo.php b/Vendor/phpMyAdmin-4.4.15.6-all-languages/phpinfo.php deleted file mode 100644 index 5854ff4c..00000000 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/phpinfo.php +++ /dev/null @@ -1,21 +0,0 @@ -disable(); - -/** - * Displays PHP information - */ -if ($GLOBALS['cfg']['ShowPhpInfo']) { - phpinfo(); -} -?> diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/CONTRIBUTING.md b/Vendor/phpMyAdmin-4.4.15.8-all-languages/CONTRIBUTING.md similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/CONTRIBUTING.md rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/CONTRIBUTING.md diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/ChangeLog b/Vendor/phpMyAdmin-4.4.15.8-all-languages/ChangeLog similarity index 84% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/ChangeLog rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/ChangeLog index c299d47e..d3fc60b1 100644 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/ChangeLog +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/ChangeLog @@ -1,6 +1,54 @@ phpMyAdmin - ChangeLog ====================== +4.4.15.8 (2016-08-16) +- issue [security] Weaknesses with cookie encryption, see PMASA-2016-29 +- issue [security] Improve session cookie code for openid.php and signon.php example files +- issue [security] Full path disclosure in openid.php and signon.php example files +- issue [security] Multiple XSS vulnerabilities, see PMASA-2016-30 +- issue [security] Unsafe generation of BlowfishSecret (when not supplied by the user) +- issue [security] Referrer leak when phpinfo is enabled +- issue [security] PHP code injection, see PMASA-2016-32 +- issue [security] Full path disclosure, see PMASA-2016-33 +- issue [security] SQL injection attack, see PMASA-2016-34 +- issue [security] Local file exposure through LOAD DATA LOCAL INFILE, see PMASA-2016-35 +- issue [security] Local file exposure through symlinks with UploadDir, see PMASA-2016-36 +- issue [security] Path traversal with SaveDir and UploadDir, see PMASA-2016-37 +- issue [security] Multiple XSS vulnerabilities, see PMASA-2016-38 +- issue [security] SQL injection vulnerability as control user, see PMASA-2016-39 +- issue [security] Denial-of-service attack through transformation feature, see PMASA-2016-41 +- issue [security] SQL injection vulnerability as control user, see PMASA-2016-42 +- issue [security] Verify data before unserializing, see PMASA-2016-43 +- issue [security] Use HTTPS for wiki links +- issue Remove Swekey support +- issue [security] SSRF in setup script, see PMASA-2016-44 +- issue [security] Denial-of-service attack with $cfg['AllowArbitraryServer'] = true and persistent connections, see PMASA-2016-45 +- issue [security] Improve SSL certificate handling +- issue [security] Fix full path disclosure in debugging code +- issue [security] Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server, see PMASA-2016-47 +- issue [security] Detect if user is logged in, see PMASA-2016-48 +- issue [security] Bypass URL redirection protection, see PMASA-2016-49 +- issue [security] Referrer leak, see PMASA-2016-50 +- issue [security] Reflected File Download, see PMASA-2016-51 +- issue [security] ArbitraryServerRegexp bypass, see PMASA-2016-52 +- issue [security] Denial-of-service attack by entering long password, see PMASA-2016-53 +- issue [security] Remote code execution vulnerability when running as CGI, see PMASA-2016-054 +- issue [security] Administrators could trigger SQL injection attack against users +- issue [security] Denial-of-service attack when PHP uses dbase extension, see PMASA-2016-55 +- issue [security] Remove tode execution vulnerability when PHP uses dbase extension, see PMASA-2016-56 +- issue [security] Denial-of-service attack by using for loops, see PMASA-2016-46 + +4.4.15.7 (2016-06-23) +- issue Setup script doesn't use input type 'password' in all relevant locations +- issue [security] BBCode injection in setup script, see PMASA-2016-17 +- issue [security] SQL injection attack, see PMASA-2016-19 +- issue [security] XSS attack in Server Privileges page, see PMASA-2016-21 +- issue [security] DOS attack vulnerability, see PMASA-2016-22 +- issue [security] Multiple full path disclosure vulnerabilities, see PMASA-2016-23 and PMASA-2016-24 +- issue [security] XSS attack when checking database privileges, see PMASA-2016-26 +- issue [security] XSS attack when MySQL server is using a specific payload log_bin directive, see PMASA-2016-26 +- issue [security] XSS vulnerabilities in Transformation feature, see PMASA-2016-28 + 4.4.15.6 (2016-05-25) - issue [security] Self XSS vulneratbility, see PMASA-2016-16 @@ -410,7 +458,7 @@ explanation - bug #4416 New lines are removed when grid editing (part two: TEXT) --- Older ChangeLogs can be found on our project website --- - http://www.phpmyadmin.net/old-stuff/ChangeLogs/ + https://www.phpmyadmin.net/old-stuff/ChangeLogs/ # vim: et ts=4 sw=4 sts=4 # vim: ft=changelog fenc=utf-8 diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/DCO b/Vendor/phpMyAdmin-4.4.15.8-all-languages/DCO similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/DCO rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/DCO diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/LICENSE b/Vendor/phpMyAdmin-4.4.15.8-all-languages/LICENSE similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/LICENSE rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/LICENSE diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/README b/Vendor/phpMyAdmin-4.4.15.8-all-languages/README similarity index 93% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/README rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/README index 086eeb9b..935d046a 100644 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/README +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/README @@ -1,7 +1,7 @@ phpMyAdmin - Readme =================== -Version 4.4.15.6 +Version 4.4.15.8 A set of PHP-scripts to manage MySQL over the web. @@ -12,7 +12,7 @@ Summary phpMyAdmin is intended to handle the administration of MySQL over the web. For a summary of features, list of requirements, and installation instructions, -please see the documentation in the ./doc/ folder or at http://docs.phpmyadmin.net/ +please see the documentation in the ./doc/ folder or at https://docs.phpmyadmin.net/ Copyright --------- diff --git a/Vendor/phpMyAdmin-4.4.15.8-all-languages/RELEASE-DATE-4.4.15.8 b/Vendor/phpMyAdmin-4.4.15.8-all-languages/RELEASE-DATE-4.4.15.8 new file mode 100644 index 00000000..6c411fb7 --- /dev/null +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/RELEASE-DATE-4.4.15.8 @@ -0,0 +1 @@ +Tue Aug 16 20:51:55 UTC 2016 diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/browse_foreigners.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/browse_foreigners.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/browse_foreigners.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/browse_foreigners.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/build.xml b/Vendor/phpMyAdmin-4.4.15.8-all-languages/build.xml similarity index 96% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/build.xml rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/build.xml index 41ab34e7..be1b78fe 100644 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/build.xml +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/build.xml @@ -55,7 +55,7 @@ @@ -72,7 +72,6 @@ --exclude libraries/bfShapeFiles --exclude libraries/phpseclib --exclude libraries/plugins/auth/recaptchalib.php - --exclude libraries/plugins/auth/swekey/swekey.php ${source}" /> @@ -89,7 +88,6 @@ --exclude libraries/bfShapeFiles --exclude libraries/phpseclib --exclude libraries/plugins/auth/recaptchalib.php - --exclude libraries/plugins/auth/swekey/swekey.php ${source}" /> @@ -97,7 +95,7 @@ diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/chk_rel.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/chk_rel.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/chk_rel.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/chk_rel.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/composer.json b/Vendor/phpMyAdmin-4.4.15.8-all-languages/composer.json similarity index 94% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/composer.json rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/composer.json index cf3a2721..248323ce 100644 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/composer.json +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/composer.json @@ -15,7 +15,7 @@ "support": { "forum": "https://www.phpmyadmin.net/support/", "issues": "https://github.com/phpmyadmin/phpmyadmin/issues", - "wiki": "http://wiki.phpmyadmin.net/", + "wiki": "https://wiki.phpmyadmin.net/", "source": "https://github.com/phpmyadmin/phpmyadmin" }, "require": { diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/config.inc.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/config.inc.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/config.inc.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/config.inc.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_central_columns.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_central_columns.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_central_columns.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_central_columns.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_create.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_create.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_create.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_create.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_datadict.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_datadict.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_datadict.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_datadict.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_designer.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_designer.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_designer.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_designer.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_events.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_events.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_events.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_events.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_export.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_export.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_export.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_export.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_import.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_import.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_import.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_import.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_operations.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_operations.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_operations.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_operations.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_printview.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_printview.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_printview.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_printview.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_qbe.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_qbe.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_qbe.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_qbe.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_routines.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_routines.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_routines.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_routines.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_search.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_search.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_search.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_search.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_sql.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_sql.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_sql.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_sql.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_sql_autocomplete.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_sql_autocomplete.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_sql_autocomplete.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_sql_autocomplete.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_sql_format.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_sql_format.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_sql_format.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_sql_format.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_structure.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_structure.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_structure.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_structure.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_tracking.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_tracking.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_tracking.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_tracking.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/db_triggers.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/db_triggers.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/db_triggers.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/db_triggers.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/error_report.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/error_report.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/error_report.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/error_report.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/export.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/export.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/export.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/export.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/favicon.ico b/Vendor/phpMyAdmin-4.4.15.8-all-languages/favicon.ico similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/favicon.ico rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/favicon.ico diff --git a/Vendor/phpMyAdmin-4.4.15.8-all-languages/file_echo.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/file_echo.php new file mode 100644 index 00000000..5639d5e6 --- /dev/null +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/file_echo.php @@ -0,0 +1,30 @@ + diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/gis_data_editor.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/gis_data_editor.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/gis_data_editor.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/gis_data_editor.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/import.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/import.php similarity index 98% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/import.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/import.php index c5511790..358bc137 100644 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/import.php +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/import.php @@ -6,6 +6,11 @@ * @package PhpMyAdmin */ +/* Enable LOAD DATA LOCAL INFILE for LDI plugin */ +if (isset($_POST['format']) && $_POST['format'] == 'ldi') { + define('PMA_ENABLE_LDI', 1); +} + /** * Get the variables sent or posted to this script and a core script */ @@ -415,6 +420,15 @@ $import_file = PMA_Util::userDir($cfg['UploadDir']) . $local_import_file; + /* + * Do not allow symlinks to avoid security issues + * (user can create symlink to file he can not access, + * but phpMyAdmin can). + */ + if (is_link($import_file)) { + $import_file = 'none'; + } + } elseif (empty($import_file) || ! is_uploaded_file($import_file)) { $import_file = 'none'; } diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/import_status.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/import_status.php similarity index 100% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/import_status.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/import_status.php diff --git a/Vendor/phpMyAdmin-4.4.15.6-all-languages/index.php b/Vendor/phpMyAdmin-4.4.15.8-all-languages/index.php similarity index 95% rename from Vendor/phpMyAdmin-4.4.15.6-all-languages/index.php rename to Vendor/phpMyAdmin-4.4.15.8-all-languages/index.php index 5d6cc376..b86cd531 100644 --- a/Vendor/phpMyAdmin-4.4.15.6-all-languages/index.php +++ b/Vendor/phpMyAdmin-4.4.15.8-all-languages/index.php @@ -149,7 +149,7 @@ . 'please do not change root, debian-sys-maint and pma users. ' . 'More information is available at %s.' ), - 'demo.phpmyadmin.net' + 'demo.phpmyadmin.net' ); echo '

'; echo ''; @@ -311,7 +311,7 @@ . ' '; } -if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) { +if ($GLOBALS['cfg']['ShowServerInfo']) { echo '
'; echo '

' . __('Web server') . '

'; echo '
    '; @@ -351,15 +351,6 @@ } } - if ($cfg['ShowPhpInfo']) { - PMA_printListItem( - __('Show PHP information'), - 'li_phpinfo', - 'phpinfo.php' . $common_url_query, - null, - '_blank' - ); - } echo '
'; echo '
'; } @@ -368,7 +359,7 @@ echo '

phpMyAdmin

'; echo '