Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | community/phpmyadmin: security upgrade to 4.7.8 (CVE-2018-7260) | Natanael Copa | 2018-02-27 | 1 | -2/+2 |
| | | | | fixes #8589 | ||||
* | community/phpmyadmin: upgrade to 4.7.7 | Roberto Oliveira | 2018-01-19 | 1 | -2/+2 |
| | |||||
* | [various]: unify names of licenses according to SPDX | Jakub Jirutka | 2017-12-30 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit updates $license variable in all APKBUILDs to comply with short names specified by SPDX version 3.0 [1] where possible. It was done using find-and-replace method on substrings inside $license variables. Only license names were updated, not "expressions" specifying relation between the licenses (e.g. "X and Y", "X or Y", "X and (Y or Z)") or exceptions (e.g. "X with exceptions"). Many licenses have a version or multiple variants, e.g. MPL-2.0, BSD-2-Clause, BSD-3-Clause. However, $license in many aports do not contain license version or variant. Since there's no way how to infer this information just from abuild, it were left without the variant suffix or version, i.e. non SPDX compliant. GNU licenses (AGPL, GFDL, GPL, LGPL) are especially complicated. They exist in two variants: -only (formerly e.g. GPL-2.0) and -or-later (formerly e.g. GPL-2.0+). We did not systematically noted distinguish between these variants, so GPL-2.0, GPL2, GPLv2 etc. may mean GPL-2.0-only or GPL-2.0-or-later. Thus GNU licenses without "+" (e.g. GPL2+) were left without the variant suffix, i.e. non SPDX compliant. Note: This commit just fixes format of the license names, no verification has been done if the specified license information is actually correct! [1]: https://spdx.org/licenses/ | ||||
* | community/phpmyadmin: disable check | Andy Postnikov | 2017-12-04 | 1 | -0/+2 |
| | |||||
* | community/phpmyadmin: upgrade to 4.7.6 | Andy Postnikov | 2017-12-04 | 1 | -2/+2 |
| | |||||
* | community/*: fix homepage url and source from http:// to https:// | Jakub Jirutka | 2017-11-19 | 1 | -1/+1 |
| | | | | | | | Most of these updates is based on data from https://repology.org/, detection based on permanent redirect from http:// to https://. $source urls are updated when they contain $url as substring. | ||||
* | community/phpmyadmin: upgrade to 4.7.1 | Natanael Copa | 2017-06-14 | 1 | -2/+2 |
| | |||||
* | community/phpmyadmin: Upgrade to 4.7.0 | Andy Postnikov | 2017-04-29 | 1 | -6/+2 |
| | | | | Release notes https://www.phpmyadmin.net/news/2017/3/29/phpmyadmin-470-released/ | ||||
* | community/phpmyadmin: upgrade to 4.6.6 | Natanael Copa | 2017-01-27 | 1 | -4/+4 |
| | |||||
* | community/phpmyadmin: mistake fixed in secfixes info | Sergey Lukin | 2016-12-30 | 1 | -2/+1 |
| | |||||
* | community/phpmyadmin: security upgrade to 4.6.5.2 - fixes #6594 | Sergey Lukin | 2016-12-30 | 1 | -4/+28 |
| | | | | | | | | | | | | | | | | | CVE-2016-9847: Unsafe generation of blowfish secret CVE-2016-9848: phpinfo information leak value of sensitive (HttpOnly) cookies CVE-2016-9849: Username deny rules bypass (AllowRoot & Others) by using Null Byte CVE-2016-9850: Username rule matching issues CVE-2016-9851: With a crafted request parameter value it is possible to bypass the logout timeout. CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855: Multiple full path disclosure vulnerabilities CVE-2016-9856 CVE-2016-9857: Multiple XSS vulnerabilities CVE-2016-9858 CVE-2016-9859 CVE-2016-9860: We consider these vulnerabilities to be of moderate severity. CVE-2016-9861: Bypass white-list protection for URL redirection CVE-2016-9862: BBCode injection vulnerability CVE-2016-9863: DOS vulnerability in table partitioning CVE-2016-9864: Multiple SQL injection vulnerabilities CVE-2016-9865: Incorrect serialized string parsing CVE-2016-9866: CSRF token not stripped from the URL | ||||
* | community/phpmyadmin: move form main | Natanael Copa | 2016-09-23 | 3 | -0/+106 |
We don't want maintain this for more than 6 months due to the amount of security issues. |