Nox App Player 6.2.8.3 for PC Windows
phpMyAdmin 4.8.5 MySQL Admin Tool for PC Windows
更新細節:
The phpMyAdmin team announces the release of phpMyAdmin version 4.8.5. Among other bug fixes, this contains several important security fixes. Upgrading is highly recommended for all users.
The security fixes involve:
Arbitrary file read vulnerability (https://www.phpmyadmin.net/security/PMASA-2019-1)
SQL injection in the Designer interface (https://www.phpmyadmin.net/security/PMASA-2019-2)
The arbitrary file read vulnerability could also be exploited to delete arbitrary files on the server. This attack requires that phpMyAdmin be run with the $cfg['AllowArbitraryServer'] directive set to true, which is not the default. An attacker must run a malicious server process that will masquerade as a MySQL server. This exploit has been found and fixed recently in several other related projects and appears to be caused by a bug in PHP (https://bugs.php.net/bug.php?id=77496).
In addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle:
Export to SQL format not available.
QR code not shown when adding two-factor authentication to a user account.
Issue with adding a new user in MySQL 8.0.11 and newer.
Frozen interface relating to Text_Plain_Sql plugin.
Table level Operations tab was missing.
And several more. Complete notes are in the ChangeLog file included with this release.
版本下載:phpMyAdmin 4.8.5 MySQL Admin Tool for PC Windows
phpMyAdmin 4.8.5
更新細節:
The phpMyAdmin team announces the release of phpMyAdmin version 4.8.5. Among other bug fixes, this contains several important security fixes. Upgrading is highly recommended for all users.
The security fixes involve:
Arbitrary file read vulnerability (https://www.phpmyadmin.net/security/PMASA-2019-1)
SQL injection in the Designer interface (https://www.phpmyadmin.net/security/PMASA-2019-2)
The arbitrary file read vulnerability could also be exploited to delete arbitrary files on the server. This attack requires that phpMyAdmin be run with the $cfg['AllowArbitraryServer'] directive set to true, which is not the default. An attacker must run a malicious server process that will masquerade as a MySQL server. This exploit has been found and fixed recently in several other related projects and appears to be caused by a bug in PHP (https://bugs.php.net/bug.php?id=77496).
In addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle:
Export to SQL format not available.
QR code not shown when adding two-factor authentication to a user account.
Issue with adding a new user in MySQL 8.0.11 and newer.
Frozen interface relating to Text_Plain_Sql plugin.
Table level Operations tab was missing.
And several more. Complete notes are in the ChangeLog file included with this release.
版本下載:phpMyAdmin 4.8.5
phpMyAdmin 4.8.4
更新細節:
The security fixes involve:
Local file inclusion (https://www.phpmyadmin.net/security/PMASA-2018-6/).
XSRF/CSRF vulnerabilities allowing a specially-crafted URL to perform harmful operations (https://www.phpmyadmin.net/security/PMASA-2018-7/), and an XSS vulnerability in the navigation tree (https://www.phpmyadmin.net/security/PMASA-2018-8/).
In addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle:
Issue with changing theme
Ensure that database names with a dot ('.') are handled properly when DisableIS is true.
Fix for message "Error while copying database (pma__column_info)".
Move operation causes "SELECT * FROM `undefined`" error.
When logging with $cfg['AuthLog'] to syslog, successful login messages were not logged when $cfg['AuthLogSuccess'] was true.
Multiple errors and regressions with Designer.
And several more. Complete notes are in the ChangeLog file included with this release.
Note that for this release, we experimented with a pre-release announcement so that hosting providers and package managers would have an opportunity to prepare for the security release. If this was helpful to you or if you have feedback about this technique, please let us know through the public list [email protected] or privately at [email protected]. We may or may not decide use this behavior in the future and your feedback will help us decide whether it's beneficial to the community.
版本下載:phpMyAdmin 4.8.4
Pale Moon 28.1.0
phpMyAdmin 4.8.3
更新細節:
Security fix for an issue that can be exploited when importing files.
A flaw was discovered with how warning messages are displayed while importing a file. This attack requires a specially-crafted file but can allow an attacker to trick the user in to executing a cross-site scripting (XSS) attack.
In addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle:
An error where a database is named 0.
Fix for NULL as default not being shown.
Fix for recent tables list.
Fix for slow performance with table filtering.
Two-factor authentication (2FA) fails if the GD PHP library is missing.
Event scheduler toggle does not work.
ERR_BLOCKED_BY_XSS_AUDITOR error when exporting a table.
PHP 7.3 warning: "continue" in "switch" is equal to "break".
版本下載:phpMyAdmin 4.8.3
Nox App Player 6.2.0.0
phpMyAdmin 4.8.2
更新細節:
Security fixes:
XSS vulnerability in Designer.
File inclusion and remote code execution vulnerability.
Bug fixes:
WHERE 0 clause causes a fatal error.
Fix missing "INDEX" icon.
版本下載:phpMyAdmin 4.8.2
phpMyAdmin 4.8.1
更新細節:
Fix to the scrollbar functionality and Browse table CSS overflow.
Dropping indexes and keys fails.
Show two factor (2FA) secret code next to QR image.
Configuration for DefaultLang and Lang.
MariaDB 10.2 'current_timestamp()'.
Remember table sorting is broken.
版本下載:phpMyAdmin 4.8.1
phpMyAdmin 4.8.0.1
phpMyAdmin 4.8.0
更新細節:
A few highlights of the changes include:
Allow the removal of individual segments from pie charts.
Improved database search to allow matching the exact phrase.
phpMyAdmin no longer requires using the PHP eval() function.
The mbstring dependency is now optional.
Authentication logging using $cfg['AuthLog'].
Add support for Google's Invisible Captcha.
Improved handling of reCAPTCHA.
Fixes to the JavaScript editor for TIME values.
Improved the editor for the JSON data type.
Add "Format" button to the edit view form.
Implement mobile interface.
There are now configuration directives to set defaults for Transformation options.
Allow Designer to show tables from other databases.
Add support for authentication using U2F and 2FA.
Designer: fix broken "Add tables from other database".
Fix double escaping of ENUM dropdown.
Restore SQL query after session expires.
Query builder: Fix for new column not being added.
Fix for blank login page.
Changes to the handling of arg_separator for AJAX requests.
Structure tab: fix silent failure to create new indexes.
Fix improperly escaped HTML code on the database structure page.
Fix JavaScript errors when using Internet Explorer (in particular when editing rows).
Fix for broken error report.
Fix failed import.
Fix for "Cannot read property sql_query of undefined" errors.
版本下載:phpMyAdmin 4.8.0
phpMyAdmin 4.7.9
更新細節:
Fixed double escaping in enum dropdowns.
Fixed broken sorting.
Fixed "Not an integer" error when browsing a table.
Fixed an error saying a form has over 1000 fields and suggesting changes to PHP's max_input_vars configuration directive.
版本下載:phpMyAdmin 4.7.9
phpMyAdmin 4.7.8
更新細節:
Fixed error handling with PHP 7.2.
Fixed resetting default setting values.
Fixed fallback value for collation connection.
版本下載:phpMyAdmin 4.7.8