phpMyAdmin - ChangeLog
======================

4.5.5.1 (2016-02-29)
- issue #11971 CREATE UNIQUE INDEX index type is not recognized by parser.
- issue #11982 Row count wrong when grouping joined tables.
- issue #12012 Column definition with default value and comment in CREATE TABLE expoerted faulty.
- issue #12020 New statement but no delimiter and unexpected token with REPLACE.
- issue #12029 Fixed incorrect usage of SQL parser context in SQL export
- issue        [security] XSS vulnerability in SQL parser, see PMASA-2016-10.
- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-11.
- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-12.
- issue        [security] Vulnerability allowing man-in-the-middle attack on API call to GitHub, see PMASA-2016-13.
- issue #12048 Fixed inclusion of gettext library from SQL parser

4.5.5.0 (2016-02-22)
- issue        Undefined index: is_ajax_request
- issue #11855 Fix password change on MariaDB 10.1 and newer
- issue #11874 Validate version information before further processing it
- issue #11881 Full processlist lost on refresh
- issue #11834 Adjust privileges fails if database name contains underscores
- issue #11906 'Loading...' banner shows on login screen
- issue #11930 Fixed changing of table parameters, eg. AUTO_INCREMENT
- issue #11885 Call to undefined function SqlParser\ctype_alnum()
- issue #11879 4.5.3.1 - NOW() function not recognized by parser
- issue #11867 Gracefully handle the DESC statement
- issue #11843 Fractional timestamp causes corrupted SQL export
- issue #11836 Static analysis error for valid WHERE condition with IF keyword
- issue #11800 Syntax Verifier error using REGEXP in SQL statement
- issue #11799 Backslashes in comments are being interpreted as escape characters
- issue #11909 Can't insert row into table that contains generated column
- issue #11677 sql-parser and php-gettext collide.
- issue #11920 Can't disable backquotes in export
- issue #11911 Inserts via tbl_change.php in VARBINARY columns does not allow using HEX() and MD5()
- issue #11939 Correct content type for uploaded error reports
- issue #11940 Silent errors from checking local documentation
- issue #11944 Fixed error on servers with disabled php_uname
- issue #11946 Correctly store and report file upload errors
- issue #11948 Avoid javascript errors on invalid location hash
- issue #11950 Fix PHP warning on configuration errors
- issue #11951 Silent errors on checking for writable folders
- issue #11952 Silent warning on invalid file upload
- issue #11953 Do not fail getting filename with open_basedir limitations
- issue #11956 unrecognized keyword interval
- issue        Field names and aliases are being correctly parsed now.
- issue #11959 Fix javascript error in setup
- issue #11964 Undefined index: TABLE_COMMENT in database structure page
- issue #11967 Fix PHP error on loading invalid XML or ODS file
- issue #11969 Missing confirmation while dropping a view in view_operations.php
- issue #11968 Fix export of index comments in SQL
- issue #11979 DECLARE not accepted as valid SQL

4.5.4.1 (2016-01-29)
- issue #11892 Error with PMA 4.4.15.3
- issue #11896 Remove hard dependency on phpseclib

4.5.4.0 (2016-01-28)
- issue #11724 live data edit of big sets is not working
- issue        Table list not saved in db QBE bookmarked search
- issue #11777 While 'changing a column', query fails with a syntax error after the 'CHARSET=' keyword
- issue #11783 Avoid syntax error in javascript messages on invalid PHP setting for max_input_vars
- issue #11784 Properly handle errors in upacking zip archive
- issue #11785 Set PHP's internal encoding to UTF-8
- issue #11786 Fixed Kanji encoding in some specific cases
- issue #11787 Check whether iconv works before using it
- issue #11788 Avoid conversion of MySQL error messages
- issue #11792 Undefined index: parameters
- issue #11802 Undefined index: field_name_orig
- issue        Undefined index: host
- issue #11810 'Add to central columns' (per column button) does nothing
- issue #11727 SQL duplicate entry error trying to INSERT in designer_settings table
- issue #11798 Fix handling of databases with dot in a name
- issue #11820 Fix hiding of page content behind menu
- issue #11780 FROM clause not generated after loading search bookmark
- issue #11826 Fix creating/editing VIEW with DEFINER containing special chars
- issue #11828 Do not invoke FLUSH PRIVILEGES when server in --skip-grant-tables
- issue #11804 Misleading message for configuration storage
- issue #11772 Table pagination does nothing when session expired
- issue #11840 Index comments not working properly
- issue #11791 Better handle local storage errors
- issue #11752 Improve detection of privileges for privilege adjusting
- issue #11854 Undefined property: stdClass::$releases at version check when disabled in config
- issue #11814 SQL comment and variable stripped from bookmark on save
- issue        Gracefully handle errors in regex based javascript search
- issue        [security] Multiple full path disclosure vulnerabilities, see PMASA-2016-1
- issue        [security] Unsafe generation of CSRF token, see PMASA-2016-2
- issue        [security] Multiple XSS vulnerabilities, see PMASA-2016-3
- issue        [security] Insecure password generation in JavaScript, see PMASA-2016-4
- issue        [security] Unsafe comparison of CSRF token, see PMASA-2016-5
- issue        [security] Multiple full path disclosure vulnerabilities, see PMASA-2016-6
- issue        [security] XSS vulnerability in normalization page, see PMASA-2016-7
- issue        [security] Full path disclosure vulnerability in SQL parser, see PMASA-2016-8
- issue        [security] XSS vulnerability in SQL editor, see PMASA-2016-9

         --- Older ChangeLogs can be found on our project website ---
                     http://www.phpmyadmin.net/old-stuff/ChangeLogs/

# vim: et ts=4 sw=4 sts=4
# vim: ft=changelog fenc=utf-8
# vim: fde=getline(v\:lnum-1)=~'^\\s*$'&&getline(v\:lnum)=~'\\S'?'>1'\:1&&v\:lnum>4&&getline(v\:lnum)!~'^#'
# vim: fdn=1 fdm=expr
