Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

phpMyAdmin-apache-5.1.1-1.1 RPM for noarch

From OpenSuSE Ports Tumbleweed for noarch

Name: phpMyAdmin-apache Distribution: openSUSE:Factory:zSystems
Version: 5.1.1 Vendor: obs://
Release: 1.1 Build date: Sun Jun 6 00:52:33 2021
Group: Productivity/Networking/Web/Utilities Build host: s390p22
Size: 2882 Source RPM: phpMyAdmin-5.1.1-1.1.src.rpm
Summary: Apache configuration for phpMyAdmin
This subpackage contains the Apache configuration files






* Sat Jun 05 2021 ecsos <>
  - Update to 5.1.1
    - Fixes for several PHP errors
    - Fixes for "$cfg['DefaultTabDatabase']" and other related configuration directives not working properly
    - Fix Yaml export to quote strings even when they are numeric
    - Fix TCPDF open_basedir issue due to internal guessing code from TCPDF
    - Fix for quick search not working when using more than one configured server
      Fix datetime decimals displayed (.00000) after edit
    - Fix new lines in text fields are doubled
    - Fixed URL generation by removing un-needed &amp; escaping for & char
    - Improvements for working with PHP 8.1
    - Improved handling of adding a new user with the Percona database server
    For a detail cahngelog see:
* Fri Feb 26 2021 ecsos <>
  - Update to 5.1.0
    - issue #15350 Change Media (MIME) type references to Media type
    - issue #15377 Add a request router
    - issue        Automatically focus input in the two-factor authentication window
    - issue #15509 Replace gender-specific pronouns with gender-neutral pronouns
    - issue #15491 Improve complexity of generated passwords
    - issue #14909 Add a configuration option to define the 1st day of week
    - issue #12726 Made user names clickable in user accounts overview
    - issue #15729 Improve virtuality dropdown for MariaDB > 10.1
    - issue #15312 Added an option to perform ALTER ONLINE (ALGORITHM=INPLACE)
      when editing a table structure
    - issue        Added missing 'IF EXISTS' to 'DROP EVENT' when exporting databases
    - issue #15232 Improve the padding in query result tool links
    - issue #15064 Support exporting raw SQL queries
    - issue #15555 Added ip2long transformation
    - issue #15194 Fixed horizontal scroll on structure edit page
    - issue #14820 Move table hide buttons in navigation to avoid hiding a table by mistake
    - issue #14947 Use correct MySQL version if the version is 8.0 or above for documentation links
    - issue #15790 Use "MariaDB Documentation" instead of "MySQL Documentation" on a MariaDB server
    - issue #15880 Change "Show Query" link to a button
    - issue #13371 Automatically toggle the radio button to "Create a page and save it" on Designer
    - issue #12969 Tap and hold will not dismiss the error box anymore, you can now copy the error
    - issue #15582 Don't disable "Empty" table button after clicking it
    - issue #15662 Stay on the structure page after editing/adding/dropping indexes
    - issue #15663 show structure after adding a column
    - issue #16005 Remove symfony/yaml dependency
    - issue #16005 Improve performance of dependency injection system by removing yaml parsing
    - issue #15447 Disable phpMyAdmin storage database checkbox on databases list
    - issue #16001 Add autocomplete attributes on login form
    - issue #13519 Add "Preview SQL" option on Index dialog box when creating a new table
    - issue #15954 Fixed export maximal length of created query input is too small
    - issue        Redesign the server status advisor page
    - issue #13124 Use same height for SQL query textarea and Columns select in SQL page
    - issue #16005 Add a new vendor constant "CACHE_DIR" that defaults
      to "libraries/cache/" and store routing cache into this folder
    - issue #16005 Warm-up the routing cache before building the release
    - issue #16005 Use --optimize-autoloader when installing composer vendors before building the release
    - issue #15992 Add back the table name to the printable version on "Structure" page
    - issue #14815 Allow simplifying exported view syntax to only "CREATE VIEW"
    - issue #15496 Add $cfg['CaptchaSiteVerifyURL'] for Google ReCaptcha siteVerifyUrl
    - issue #14772 Add the password_hash PHP function as an option when inserting data
    - issue #15136 Add a notice for Hex converter giving invalid results
    - issue #16139 Use a textarea for JSON columns
    - issue #16223 Make JSON input transformation editor less narrow
    - issue #14340 Add a button on Export Page to show the SQL Query
    - issue #16304 Add support for INET6 column type
    - issue #16337 Fix example insert/update query default values
    - issue #12961 Remove indexes from table relation
    - issue #13557 Use a full list of functions instead of a separated one on insert/edit page "Function" selector
    - issue #14795 Include routines in the export in a predictable order
    - issue #16227 Fixed autocomplete is not working in case the table name is quoted by "`" symbols
    - issue #15463 Force BINARY comparison when looking at privileges to avoid an SQL error on privileges tab
    - issue #16430 Fixed Windows error message uses trailing / instead of \
    - issue #16316 Added support for "SameSite=Strict" on cookies using configuration "$cfg['CookieSameSite']"
    - issue #16451 Fixed AWS RDS IAM authentication doesn't work because pma_password is truncated
    - issue #16451 Show an error message when the security limit is
      reached instead of silently trimming the password to avoid confusion
    - issue #15001 Add back Login Cookie Validity setting to the features form
    - issue #16457 Add config parameters to support third-party ReCaptcha v2 compatible APIs like hCaptcha
    - issue #13077 Moved tools section to left on large devices (Bootstrap xl)
    - issue #15711 Moved some buttons to left on large devices (Bootstrap xl)
    - issue #15584 Add $cfg['MysqlSslWarningSafeHosts'] to set the red text black when ssl is not used on a private network
    - issue #15652 Replace deprecated FOUND_ROWS() function call on "distinct values" feature
    - issue        Export blobs as hex on JSON export
    - issue #16095 Fix leading space not shown in a CHAR column when browsing a table
    - issue        Make procedures/functions SQL editor both side scrollable
    - issue #16407 Bump pragmarx/google2fa conflict to >8.0
    - issue #14953 Added a rename Button to use RENAME INDEX syntax of MySQL 5.7 (and MariaDB >= 10.5.2)
    - issue #16477 Fixed no Option to enter TABLE specific permissions when the database name contains an "_" (underscore)
    - issue #16498 Fixed empty text not appearing after deleting all Routines
    - issue #16467 Fixed a PHP notice "Trying to access array offset on value of type null" on Designer PDF export
    - issue #15658 Fixed saving UI displayed columns on a non database request fails
    - issue #16495 Fix drop tables checkbox is above the checkbox for foreign keys
    - issue #16485 Fix visual query builder missing "Build Query" button
    - issue #16565 Added 'IF EXISTS' to 'DROP EVENT' when updating events to avoid replication issues
    - issue        Removed metro fonts that where Apache-2.0 files that are incompatible with GPL-2.0
    - issue #16464 Made the relation view default to the current database when creating relations
    - issue #16463 Fixed 'REFERENCES' privilege checkbox's title on new MySQL versions and on MariaDB
    - issue #16405 Added jest as a Unit Testing tool for our javascript code
    - issue #16252 Fixed the too small font size when editing rows (textareas)
    - issue #16585 Fixed BLOB to JPG transformation PHP errors
    - issue        Made the console setup async to avoid blocking the page render
    - issue #16429 Use PHP 8.0 fixed version (commit) for TCPDF
    - issue #16005 Major performance improvements on browsing a lot of rows
    - issue #16595 Fixed editing columns having a `_` in their name in specific conditions
    - issue #16608 Fix "Sort by key" restore auto saved value
    - issue #16611 Fixed unable to add tables to rename aliases twice on Export
    - issue #16621 Fixed link HTML messed up in Advisor
    - issue #16622 Fixed Advisor formatting incorrect for long_query_time notice
    - issue #15389 Fixed reset current page indicator after deleting all rows to current page and not page 1
    - issue #15997 Fixed auto save query
    - issue #15997 Made auto saved query database or database+table independent
    - issue #16641 Fixed query generation that was allowing JSON to have a length
    - issue #15994 Fixed the selected value detection for "on update current_timestamp"
    - issue #16614 Fixed PHP 8.0 dataseek offset call to the MySQLI extension
    - issue #16662 Fixed Uncaught TypeError on "delete" button click of a database search results page
    - issue        Fixed Undefined index: selected_usr when the user tried to delete no selected user
    - issue #16657 Fixed the QBE interface when the configuration storage is not enabled
    - issue #16479 Fix our Selenium test-suite
    - issue #16669 Fixed table search modal for BETWEEN
    - issue #16667 Fixed LIKE and TINYINT in search not working properly
    - issue #16424 Fixed numerical search in table and zoom
    - issue        Improve the version handling (new Version class) and add a VERSION_SUFFIX for vendors
    - issue #14494 Fix uncaught TypeError when editing partitioning
    - issue #16525 Fix PHP 8.0 failing tests when comparing 0 to ''
    - issue #16429 Fixed PHP 8.0 errors on preg_replace and operand types
    - issue #16490 Fixed PHP 8.0 function libxml_disable_entity_loader() is deprecated
    - issue #16429 Fixed failing unit tests on PHP 8.0
    - issue #16609 Fixed Sql.rearrangeStickyColumns is not a function
  - Rebase phpMyAdmin-config.patch.
* Tue Dec 22 2020 Arjen de Korte <>
  - Use coreutils to generate blowfish secret to reduce dependencies
* Tue Dec 15 2020 Arjen de Korte <>
  - Attempt to migrate modified configuration file rather than just
    replacing it by default configuration
* Tue Dec 15 2020 Arjen de Korte <>
  - The apache subpackage must require the main package, otherwise it
    will not be uninstalled when the main package is uninstalled
* Sun Dec 13 2020 Arjen de Korte <>
  - Generate blowfish secret and enable Apache modules/flags only on
  - Only empty temporary directory on upgrade/uninstall (not remove)
    to prevent RPM warnings/errors
  - Don't empty directories not owned by this package (these should
    have been cleaned up by previous versions that owned them)
* Sun Dec 13 2020 Arjen de Korte <>
  - Use %apache_request_restart/%apache_restart_if_needed macros to restart
    apache in order to prevent unneccessary restarts
* Fri Dec 11 2020 Arjen de Korte <>
  - Package language files in separately
* Fri Dec 11 2020 Arjen de Korte <>
  - Put Apache configuration files in separate subpackage
  - Generate blowfish secret with openssl on non-openSUSE systems as
    pwgen is not available
* Thu Dec 10 2020 Arjen de Korte <>
  - Use system apache rpm macros
* Mon Nov 09 2020 ecsos <>
  - Update to 5.0.4
    - issue #16245 Fix failed Zoom search clears existing values
    - issue        Fixed a PHP error when reporting a particular JS error
    - issue #16326 Fixed latitude and longitude swap for geometries in edit mode
    - issue #16032 Fix CREATE TABLE not being tracked when auto tracking is enabled
    - issue #16397 Fix compatibility problems with older PHP versions (also issue #16399)
    - issue #16396 Fix broken two-factor authentication
  - Changes from 5.0.3
  - Changes from 5.0.2
  - Changes from 5.0.1
  - Changes from 5.0.0
  - Set php >= 7.4 as recommends because:
    Due to changes in the MySQL authentication method, PHP versions
    prior to 7.4 are unable to authenticate to a MySQL 8.0 or newer
    server (our tests show the problem actually began with MySQL 8.0.11).
    This relates to a PHP bug
  - Remove Suggests: php-mcrypt as described in boo#1050980
  - Change tmpdir from ap_docroot/tmp to localstatedir/cache/phpMyAdmin.
* Fri Oct 16 2020 Andreas Stieger <>
  - phpMyAdmin 4.9.7:
    * Fix two factor authentication that was broken in 4.9.6
    * Fix incompatibilities with older PHP versions
* Mon Oct 12 2020 ecsos <>
  - Update to 4.9.6
      This is a security release.
  - Fix boo#1177561 (CVE-2020-26934, PMASA-2020-5) XSS relating to
    the transformation feature
  - Fix boo#1177562 (CVE-2020-26935, PMASA-2020-6) SQL injection
    vulnerability in SearchController
* Sun May 03 2020
  - fix for boo#1170743
    phpMyAdmin installation wipes it's sysconfig apache_server_flag entry
* Sat May 02 2020 Arjen de Korte <>
  - Don't expand @FQDN@ from /etc/HOSTNAME (this used to set
    $cfg['PmaAbsoluteUri'] parameter, but this variable is no longer
    in the config.sample.ini file)
* Thu Apr 23 2020 Dominique Leuenberger <>
  - Drop python-devel BuildRequires: python2 is EOL and this seems
  - Drop xz BuildRequires: OBS takes care of unpacking the tarball.
* Mon Mar 23 2020
  - Update to 4.9.5
    This is a security release containing several bug fixes.
    * CVE-2020-10804: SQL injection vulnerability in the user
      accounts page, particularly when changing a password
      (boo#1167335, PMASA-2020-2)
    * CVE-2020-10802: SQL injection vulnerability relating to the
      search feature (boo#1167336, PMASA-2020-3)
    * CVE-2020-10803: SQL injection and XSS having to do with
      displaying results (boo#1167337, PMASA-2020-4)
    * Removing of the "options" field for the external
* Tue Jan 21 2020
  - fix for boo#1092345
    * change ap_docroot from /srv/www/htdocs to /usr/share
      work is based on changes provided by
      if phpMyAdmin.conf for apache was changed by local admin, we will
      create a backup and replace the original file with the new version
      sorry admins, but you need to apply your changes again
    * needed Alias /phpMyAdmin is an enabled APACHE_SERVER_FLAGS default
      for more info have a look into /etc/apache2/conf.d/phpMyAdmin.conf
  - cleanup tmp/twig on
    * uninstall
    * ap_docroot change
* Wed Jan 08 2020
  - update to 4.9.4 (2020-01-07)
  - fix for boo#1160456
    * PMASA-2020-1 (CVE-2020-5504, CWE-661)
    - SQL injection in user accounts page
  - fix changes about corresponding PMASA
* Mon Dec 30 2019
  - phpMyAdmin 4.9.3
    * Several PHP notices and warnings including "Undefined index
      table_create_time," a notice about error_reporting() being
      disabled for security reasons, and several Undefined Index
    * Support CloudFront-Forwarded-Proto header for Amazon CloudFront
    * Early compatibility with development versions of PHP 8
    * Fix replication actions (start, stop, etc)
* Sat Nov 23 2019 Andreas Stieger <>
  - phpMyAdmin 4.9.2:
    * CVE-2019-18622: SQL injection in Designer feature (PMASA-2019-5, boo#1157614)
    * Fixes for "Failed to set session cookie" error
    * Advisor with MySQL 8.0.3 and newer
    * Fix PHP deprecation errors
    * Fix a situation where exporting users after a delete query could
      remove users
    * Fix incorrect "You do not have privileges to manipulate with the
      users!" warning
    * Fix copying a database's privileges and several other problems
      moving columns with MariaDB
    * Fix for phpMyAdmin not selecting all the values when using
      shift-click to select during Export
* Sat Sep 21 2019 Andreas Stieger <>
  - phpMyAdmin 4.9.1:
    * CVE-2019-12922: hardening against CSRF (no PMASA, boo#1150914)
    * Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13
      and newer
    * Compatibility issues with PHP 8
    * Export of GIS visualization
    * Enhanced descriptions for several collation types
    * Creating a user with a single quote in the password string
    * Unexpected quotes during import and export on text fields
    * Improvements to adding new tables to Designer
    * Fix an issue where an authenticated user could trigger heavy
      traffic between the database server and web server
    * Fix a weakness where an attacker, under certain conditions,
      working at the same time as an administrator is using the setup
      script, could delete a server from the setup script
* Sun Jun 30 2019
  - fix changelog
    * add missing boo# with relation to CVE and PMASA
  - rebase phpMyAdmin-config.patch
* Wed Jun 05 2019
  - phpMyAdmin
    * Several issues with SYSTEM VERSIONING tables
    * Fixed json encode error in export
    * Fixed JavaScript events not activating on input
      (sql bookmark issue)
    * Show Designer combo boxes when adding a constraint
    * Fix edit view
    * Fixed invalid default value for bit field
    * Fix several errors relating to GIS data types
    * Fixed javascript error PMA_messages is not defined
    * Fixed import XML data with leading zeros
    * Fixed php notice, added support for 'DELETE HISTORY' table
      privilege (MariaDB >= 10.3.4)
    * Fixed MySQL 8.0.0 issues with GIS display
    * Fixed "Server charset" in "Database server" tab showing wrong
    * Fixed can not copy user on Percona Server 5.7
    * Updated sql-parser to version 4.3.2, which fixes several
      parsing and linting problems
  - fix for boo#1137497
    * PMASA-2019-4 (CVE-2019-12616, CWE-661)
    - CSRF vulnerability in login form
  - fix for boo#1137496
    * PMASA-2019-3 (CVE-2019-11768, CWE-661)
    - SQL injection in Designer feature
* Fri Feb 01 2019
  - phpMyAdmin 4.8.5:
    * CVE-2019-6799: Arbitrary file read vulnerability (PMASA-2019-1,
    * CVE-2019-6798: SQL injection in the Designer interface
      PMASA-2019-2, bsc#1123271)
    * Fix rxport to SQL format not available
    * Fix QR code not shown when adding two-factor authentication to
      a user account
    * Fix issue with adding a new user in MySQL 8.0.11 and newer
    * Fix frozen interface relating to Text_Plain_Sql plugin
    * Fix missing table level operations tab
* Wed Dec 12 2018
  - update to 4.8.4 (2018-12-11)
    - gh#14452 Remove hash param in edit query URL
    - gh#14295 Issue in Changing theme
    - gh#13267 Ensure that database names with '.' are handled
      properly when DisableIS is true
    - gh#14438 Invisible Icon "Show Full Queries"
    - gh#14133 CSS issue in Designer
    - gh#14447 Error while copying database (pma__column_info)
    - gh#14571 "No database selected" - DROP a view
    - gh#14636 Move operation causes SELECT * FROM `undefined`
    - gh#14630 Enum '0' produces incorrect search SQL
    - gh#14223 Fix TypeError in database designer
    - gh#13621 QBE selenium tests broken since merge of #13342
    - gh#14672 When logging with $cfg['AuthLog'] to syslog,
      successful login messages were not logged even if
      $cfg['AuthLogSuccess'] was true.
    - gh#14339 Fix infinite loop when sorting table rows by key.
    - gh#14658 Regression on multi table query functionality
      (foreign keys)
    - gh#14617 Fix designer errors when database is empty
    - gh#13032 Fix designer errors when database contains special
    - gh#14352 Fix designer javascript errors
    - gh#14764 Fix left/right icons hidden
  - fix for boo#1119245
    - PMASA-2018-6 (CVE-2018-19968, CWE-661)
    - PMASA-2018-7 (CVE-2018-19969, CWE-661)
    - PMASA-2018-8 (CVE-2018-19970, CWE-661)
* Thu Aug 23 2018
  - update to 4.8.3 (2018-08-22)
    - gh#14314 Error when naming a database '0'
    - gh#14333 Fix NULL as default not shown
    - gh#14229 Fixes issue with recent table list
    - gh#14045 Fix slow performance on DB structure filtering
    - gh#14327 Fix Editing server variable not showing save or cancel
    - gh#14377 Populate options for view create and edit
    - gh#14171 2FA configuration fails if PHP doesn't have GD support
    - gh#14390 Can't unhide tables
    - gh#14382 "Visualize GIS data" icon missing
    - gh#14435 Event scheduler status toggle doesn't work
    - gh#14365 View not working on multiple servers
    - gh#14207 Partition actions in table structure do not work
    - gh#14375 Fixes ERR_BLOCKED_BY_XSS_AUDITOR on export table
    - gh#14552 Blank message shown instead of MySQL error when adding
      trigger and other locations
    - gh#14525 Fix PHP 7.3 warning: "continue" in "switch" is equal
      to "break"
    - gh#14554 Icon missing when creating a new trigger, routine,
      and event
    - gh#14422 Table comment not showing since 4.8.1
    - gh#14426 Drop table doesn't work when you copy tables to
      another database
    - gh#14581 Escaped HTML in 'Add a new server' setup
    - gh#14548 [security] HTML injection in import warning messages,
      see PMASA-2018-5
  - fix for boo#1105726
    - PMASA-2018-5 (CVE-2018-15605, CWE-661)
* Tue Jul 31 2018
  - fix for boo#1103305
    * add missing dependency for php-ctype
* Fri Jun 22 2018
  - update to 4.8.2 (2018-06-21)
    * issue #14370 WHERE 0 causes Fatal error
    * issue #14225 Fix missing index icon
  - fix for boo#1098752
    * PMASA-2018-3 (CVE-2018-12581, CWE-661)
    - XSS in Designer feature
  - fix for boo#1098751
    * PMASA-2018-4 (CVE-2018-12613, CWE-661)
    - File inclusion and remote code execution attack
  - some minor changelog fixes about security fix entries
* Sat May 26 2018
  - update to 4.8.1 (2018-05-25)
    * gh#12772 Fix case where the central columns attributes don't
      get filled in
    * gh#14049 Fix case where the query builder doesn't work when
      selected column is *
    * gh#14029 Revert "Browse" table CSS overflow
    * gh#14241 Dropping indexes and foreign keys fail
    * gh#14227 Relational linking broken
    * gh#14246 Fixed error in configuration storage zero config
    * gh#14128 Show 2FA Secret next to QR code
    * gh#14212 XML Export from single table throws fatal error
    * gh#14239 Line and some other charts ignore result set order of
      values chosen for the x-axis
    * gh#14260 Fixed configuration for DefaultLang and Lang
    * gh#14264 Linking for 'Distinct values' broken
    * gh#13968 Fix MariaDB 10.2 current_timestamp()
    * gh#14249 Fix for missing go button in view edit
    * gh#14125 Fix for issues with spatial fields
    * gh#14189 Remember table's sorting broken
    * gh#14289 Fix multi-column sorting
    * gh#14278 Fix central columns in-line edit bug
    * gh#14066 Fix AUTO_INCREMENT error when only exporting table
      structure in database-level exports
    * gh#13893 Simulating queries produces unexpected results
    * gh#14309 Setup script icons missing
* Fri Apr 20 2018
  - update to (2018-04-19)
  - fix for boo#1090309
    * PMASA-2018-2 (CVE-2018-10188, CWE-661)
    - Multiple CSRF vulnerabilities
* Wed Apr 11 2018
  - fix wrong require /usr/bin/bash to /bin/bash so phpMyAdmin could
  - insert missing templates dir in htaccess
  - create tmp dir and insert this in htaccess to fix the errormessage
    after login
* Wed Apr 11 2018
  - spec clean up
    * Let rpm find the library dependencies by itself. Remove
      unneeded explicit Requires: tags (php-zlib)
    * Remove logic for obsolete openSUSE releases
    * Ignore pem-certificate rpmlint warning (see
    * Remove hidden .github, .php_cs.dist, .scrutinizer.yml and
    * Remove php_twig.h and twig.c (devel)
    * Set proper shebang for bash and php scripts
    * Make phpmyadmin/sql-parser/bin/*-query and
      paragonie/random_compat/*.sh executable
* Wed Apr 11 2018
  - update to 4.8.0 (2018-04-07)
    * gh#12946 Allow to export JSON with unescaped unicode chars
    * gh#12983 Disable login button without solved reCaptcha
    * gh#12315 Allow to remove individual segments from pie charts
    * gh       Change label from "Improve table structure" to
    "Normalize" to match standard terminology
    * gh#13087 Offer login as different user on access denied from
    * gh#13110 Indicate when HTTPS is not properly reported on the
    * gh#13119 No database selected error when adding foreign key
    * gh#12388 Improved database search to allow search for exact
    phrase match
    * gh#13099 Report error when trying to copy database to same
    * gh#13167 Themes now have to contain metadata in theme.json
    * gh#6363  phpMyAdmin no longer requires eval() in PHP
    * gh#12386 The mbstring dependency is now optional
    * gh#13269 Small refactoring in preparation to CSP
    * gh#13384 Database link broken in Databases Page
    * gh#13391 Configurable authentication logging using
    * gh#13086 Add support for Google Invisible Captcha
    * gh#13058 Improved error reporting for reCAPTCHA
    * gh#12899 Improved rendering of server variables table
    * gh#12948 Fixed javascript editor for TIME values
    * gh#13095 Fixed alignment of foreign keys editing
    * gh#12944 Improved inline editor for JSON
    * gh#13145 Improved layout of operations pages
    * gh#13448 Add "format" query button in edit view form
    * gh#6241  Implement Responsive Design/mobile interface
    * gh       Use a single location for classes under PhpMyAdmin
    * gh#12354 Indicate SSL status on main page
    * gh#5666  Configuration directives for defaults of Transformation
    * gh#12261 Remove inline JavaScript
    * gh#13408 Show MySQL warnings when executing SQL queries
    * gh#5827  Allow Designer to show tables from other databases
    * gh#13268 Replace Query-By-Example with multi-table query
    generator interface
    * gh#13576 Add privileges export to per-database listing
    * gh       Consolidate functions into class files
    * gh#13560 Add support for changing collation for all tables and
    columns in database
    * gh#13303 Add support for creating fulltext index from table
    * gh#13711 Lower default value for $cfg['MaxExactCount']
    * gh#13722 DisableIS is not fully honored
    * gh#6197  Added support for authentication using U2F and 2FA
    * gh#13480 Avoid removing cookies on upgrade
    * gh#13397 Remember state of navigation panel
    * gh#11688 Reduced cookie usage
    * gh#13466 Better utilization of user preferences
    * gh#14042 Rename PMD to Designer
    * gh#13940 Honor arg_separator in AJAX requests
    * gh#14060 Can't edit rows in Internet Explorer
    * gh#14096 Internet Explorer compatibility; fixes JavaScript error
    Object doesn't support property or method 'startsWith'
* Tue Mar 06 2018
  - update to 4.7.9 (2018-03-05)
    * gh#13931 Fixed browsing tables with more results
    * gh#13927 "Not an integer" when browsing a table
    * gh#13887 "Input variables exceeded 1000" error relating
      to PHP's max_input_vars directive
* Thu Feb 22 2018
  - phpMyAdmin 4.7.8:
    * Fixed error handling with PHP 7.2
    * Fixed resetting default setting values
    * Fixed fallback value for collation connection
  - fix for boo#1082188
    * PMASA-2018-1 (CVE-2018-7260, CWE-661)
    - Fix XSS in Central Columns Feature
* Mon Dec 25 2017
  - phpMyAdmin 4.7.7:
    * Fixed displaying of formatted numeric values for some locales
    * Ensure datetimepicker is always loaded for datetime fields
    * Fixed PHP error when browsing certain results
    * Fix XSRF/CSRF vulnerability (bsc#1074066, PMASA-2017-09)
* Sat Dec 02 2017
  - update to 4.7.6 (2017-11-29)
    * gh#13517 Fixed check all interaction with filtering
    * gh#13803 Add SJIS-win to default list of allowed charsets
    * gh#13436 Improve detection that MySQL server needs SSL connection
    * gh#13038 Support JSON datatype on MariaDB 10.2.7 and newer
    * gh#13824 Fixed constructing ALTER query with AFTER
    * gh#13821 Lock page when changes are done in the SQL editor
    * gh#13842 Prefer iconv for encoding conversions
    * gh#13737 Fixed changing password on MariaDB cluster
* Sun Nov 26 2017
  - fix for boo#1057661
    * no longer require php_mod_any (recommend it instead)
    * only enable php5 / php7 if running Apache prefork MPM
  - fix %post
    * use sed instead of grep/awk to determine PHP version
* Tue Oct 24 2017
  - update to 4.7.5 (2017-10-23)
    * gh#13615 Avoid problems with browsing unknown query types
    * gh#13612 Integrate tooltip into datetime pickers
    * gh#13628 Fixed javascript error in server monitor
    * gh#13444 Fixed server monitor on non Linux and Windows systems
    * gh#13633 Reload javscript messages when changing language
    * gh#13604 Fixed crash on invalid ordering data
    * gh#13639 Fixed error when browsing non SELECT results
    * gh#13533 Fixed saving column to display
    * gh#13647 Fixed export of tables with VIRTUAL columns
    * gh#13669 Fixed selecting multiple rows accidentally selects
      the next row too
    * gh#13513 Fixed edit index Column alignment issue
    * gh#13515 Fixed rendering of add index dialog
    * gh#13710 Fixed possible error in server advisor
    * gh#13477 Fixed setting input transformations
    * gh#13552 Fixed IPv4/IPv6 To Binary input transformation
    * gh#13686 Clicking on column name to trigger sort with an active
      search leads to logout
    * gh#13725 Fixed copying tables with specific PARTITION
    * gh#13761 Fixed listing of bookmarks for a database
* Fri Sep 08 2017
  - fix recommends
    * php5-curl -> php-curl
    * php5-zip -> php-zip
  - fix post step
    * enable correct phpX module
* Fri Aug 25 2017
  - update to 4.7.4
    * gh#13415 Remove shadow from the logo
    * gh#13507 Fixed per server theme feature
    * gh#13523 Missing newline in ALTER exports
    * gh#13414 Fixed several compatibility issues with PHP 7.2
    * gh#13550 Fixed copy results to clipboard
    * gh#13562 Add limitation for user group length
    * gh#13561 Fixed edit variable link in advisor
    * gh#13579 Optimize table link should not be visible in print
    * gh#13553 Improved error handling on corrupted tables
    * gh#13512 Fixed rendering of add index dialog
    * gh#13606 Fixed refreshing server variables
* Fri Jul 28 2017
  - fix for boo#1050980
    * replace mcrypt with openssl, see
  - update changes (update to 4.6.6 (2017-01-23))
    * add missing (CVE-Not yet available) CVE's
* Sat Jul 22 2017
  - update to 4.7.3
    * gh#13447 Large multi-line query removes Export operation and
      blanks query box options
    * gh#13445 Fixed rendering of query results
    * gh#13437 Fixed version check when not connected to a database
    * gh#13465 Fixed creating relation
    * gh#13475 Fixed export without backquotes
    * gh#13482 Improved handling of uploaded files with open_basedir
    * gh#13387 Fixed inline editing of hex values
    * gh#13382 Fixed size of index edit dialog
    * gh#13489 Fixed rendering SQL lint errors
    * gh#13468 Avoid breakage if set_time_limit is disabled
    * gh#13471 Fail if ini_set/ini_get are disabled
    * gh#13436 Automatically connect using SSL when server is
      configured so
    * gh#13478 Fixed usage of some browser transformations
* Sun Jul 02 2017
  - update to 4.7.2 (2017-06-29)
    * gh#13314 Make theme selection keep current server
    * gh#13311 Fixed direct login for accounts without password
    * gh#13316 Fixed check for mbstring.func_overload
    * gh#13323 Fixed wrong encoding of table at triggers
    * gh#12976 Fixed natural sorting in several places
    * gh#12718 Show warning for users removed from mysql.user table
    * gh#13362 Fixed loading additional javascripts
    * gh#13343 Fixed editing QBE
    * gh#13193 Improved documentation on user settings
    * gh#13092 Gracefully handle early fatal errors in AJAX requests
    * gh#13327 Fixed Incorrect NavigationTreeEnableExpansion default
      value in the documentation
    * gh#13008 Fixed export of database with a lot of tables
    * gh#13318 Improved performance when importing with enabled
    * gh#13386 Avoid PHP errors with non existing configuration on
      OS X
    * gh#13388 Show only supported charsets for conversion
    * gh#13392 Fixed operation with session.auto_start enabled
    * gh#13383 "Create PHP code" is broken
    * gh#13189 Fixed links to resume timeouted import
* Fri Jun 02 2017
  - update to 4.7.1 (2017-05-25)
    * gh#13132 Always execute tracking queries as controluser
    * gh#13125 Focus on SQL editor after inserting field name
    * gh#13133 Fixed broken links in setup
    * gh#13135 Database list Tooltips: Show wrong value
    * gh#13150 Fixed pagination while browsing resuls
    * gh#13149 Fixed outbound links in changelog.php
    * gh#13146 Do not include devel dependencies in the release
    * gh#13144 Do not show New as a database in database dropdown
    * gh#13130 Fixed handling of errors in AJAX requests
    * gh#13152 Fixed PHP error in case of invalid table preferences
    * gh#13154 Fixed PHP error on password change
    * gh#13219 Fix Refresh of Process List
    * gh#13182 Fix refresh of long queries
    * gh#12301 Improved handling of logout with disabled
    * gh#13216 Add support for MySQL 8.0 collations
    * gh#13218 Fixed rendering of phpMyAdmin logos
    * gh#13234 Properly report not working sessions
    * gh#13256 Fixed password check on server replication
    * gh#13252 Fixed grid editing time column
    * gh#13258 Fixed detection of Amazon RDS
    * gh#13241 Redirect user to last page that has any tables to
    * gh#13266 Fix link to User accounts overview page
    * gh#13274 Fix error in query builder
    * gh#13177 Grid editing repeats action after error
* Sat Apr 22 2017
  - restore phpMyAdmin-pma.patch
    * because it is NOT upstream and needed for configuration storage
  - restore previous phpMyAdmin-config.patch
    * merge with upstream config VAR changes
    - removed $cfg['Servers'][$i]['designer_coords']
* Sat Apr 01 2017
  - update to 4.7.0 (2017-03-28)
    * gh#12233 [Display] Improve message when renaming database to
      same name
    * gh#6146  Log authentication attempts to syslog
    * gh#11981 Remove support for Swekey authentication
    * gh#11987 Remove code for no longer supported MSIE versions
    * gh#11962 Remove embedded PHP libraries, use composer to install
    * gh#12017 Cannot easily select multiple tables when exporting
    * gh#12047 Add javascript filtering for databases
    * gh#12166 More compact rendering of navigation tree
    * gh#12129 Improve performance with SkipLockedTables
    * gh#12173 Do not hide indexes under a slider
    * Improve performance of zip file import
    * gh#12196 Removed $cfg['ThemePath']
    * gh#6274  Add support for export user settings as
    * gh#5555  Better report query errors while generating SQL exports
    * gh#12307 Produce valid JSON on export
    * gh#12325 Setup script icons broken
    * gh#12378 Support IPv6 proxies
    * Removed MySQL connection retry without password
    * gh#12218 Allow to specify further parameters for control
    * gh#12162 Show charset for each table on Database structure page
    * gh#12463 Incorrect link in the href of icon at Hide/Show unhide
    * gh#12330 Shortcut for closing console
    * gh#12465 Improved handling of http requests
    * gh#12474 Broken links in Setup forms Navigation
    * gh#12494 Can't add a new User
    * gh#12523 Add 'token' Parameter in all POST requests
      (Fix 'Token mismatch' errors)
    * gh#12302 Improved usage of number_format
    * gh#12656 Server selection not working
    * gh#12543 NULL results in dataset are colored grey
    * gh#12664 Create Bookmark broken
    * gh#12688 Use unsigned int for storing bookmark ID
    * gh#12352 Added password strength indicator
    * gh#12713 Correctly handle HTTP status when doing requests
    * gh#12247 Add option to delete settings from browser storage
    * gh#12783 Remove unused PMA_addJSCode function
    * gh#12069 Add table filtering to database structure
    * gh#12799 Allow to configure signon session parameters
    * gh#12854 Drop database is broken
    * gh#12863 Can't toggle Event Scheduler on
    * gh#12742 Finish removing dead code references to xls/xlsx
      import and export, which was removed some time ago.
    * gh#12536 Rename "Relations" to "Relationships" in many places
      as it's the more proper term
    * gh#12834 Fixed margins in central columns feature
    * gh#12903 Document more export configuration options
    * gh#12897 Use consistent numeric format for table overhead
    * gh#12901 Use server returned table name on renaming table
    * gh#12918 Always use \r\n as newline when editing fields
    * gh#12923 Fixed server side search in navigation panel
    * gh#12929 Undefined index warning with ssl_ca_paths
    * gh#12924 Do not show errors from OpenSSL cookie
    * gh#12945 Fixed hint rendering on adding new user
    * gh#12941 Fixed sorting of tables in relation view
    * gh#12936 Fixed tables pagination in navigation panel
    * gh#12904 Do not collapse add form for central columns if there
      are none
    * gh#12955 Fixed database renaming
    * gh#12954 Fixed export of tracking data
    * gh#12960 Enclose exports in transaction by default
    * gh#12966 After adding a column ADD INDEX option won't be
      displayed when enabling AI
    * gh#12972 Better error message when Composer has not been run
    * gh#12988 Do not show language selector without choices
    * gh#12993 Fixed external links to php documentation
    * gh#12990 Fixed error when loading favorite tables to console
    * gh#12981 Improved rendering of new version information
    * gh#12922 Fixed bookmarks ordering
    * gh#12964 Fixed table search in navigation
    * gh#12985 Fixed rendering of foreign key browsing
    * gh#12957 Fixed manipulation with GIS data having zero
    * gh#12804 Fixed various designer javascript errors
    * gh#12934 Fixed possible javascript error on server status page
    * gh#12927 Fixed javascript error on 3NF normalization
    * gh#12996 List all databses in navigation panel database
    * gh#12980 Better defaults when creating multi field foreign key
    * gh#12976 Improved foreign key editor behavior
    * gh#12958 Always show error reporting dialog on top
    * gh#12693 Improved support for TokuDB
    * gh#11231 Try harder to honor LoginCookieValidity setting
    * gh#13016 and #13017 Slight improvements to the table layout of
      Relation view
    * gh#12345 Correctly show affected rows for LOAD DATA queries
    * gh#13010 Copy database: SQL error for copying PMADB metadata
    * gh#13002 Fixed OpenDocument exports
    * gh#13000 Align NULL values according to the column alignment
    * gh#13021 Show phpMyAdmin errors even with error_reporting
      set to 0
    * gh#13020 Removed warning about client and server versions
    * Hide comments on table Structure tab when no comment is set
    * Fixed submission of error reports
    * gh#13033 Use Referrer-Policy header to specify referrer policy
    * Fixed javascript confirmation of dangerous queries
    * gh#13040 Compatibility with hhvm 3.18
    * gh#13031 Fixed displaying of all rows
    * gh#12967 Fixed related field selection for native relations
    * gh#13045 Properly escape MIME transformatoin names
    * gh#13028 Always show 100% in font selector
    * gh#13047 Fix query simulating for more servers
    * gh#12846 Fix new version check for sites with wrongly
      configured curl
    * gh#12951 When exporting to Excel, the default is now to include
      column names in the first row
    * gh#13059 Removed debugging code
    * gh#13029 Fixed table tracking for nested table groups
    * gh#13053 Fixed broken links in setup
    * gh#12708 Removed phpMyAdmin version from User-Agent header
    * gh#13084 Do not point users to setup when it is disabled
    * gh#12660 Delete only phpMyAdmin cookies on upgrade
    * gh#13088 Fixed editing of rows with text primary key
    * gh#13092 Do not try to sync favorite tables if configuration
      storage is not enabled
    * gh#13105 Fixed changing attribute for virtual field
    * gh#12757 Fixed setting password on recent MariaDB with non
      working plugins
    * gh#12349 Fixed undefined variable on import from some formats
    * gh#13103 Do not offer default names for copying/renaming
    * [security] Possible to bypass
      $cfg['Servers'][$i]['AllowNoPassword'], see PMASA-2017-08
  - Drop patch phpMyAdmin-pma.patch because now in upstream
* Mon Mar 20 2017
  - add file
    * include one file for php5/php7 admin flags/values
* Wed Jan 25 2017
  - 4.6.6 (2017-01-23)
    * gh#12759 Fix Notice regarding 'Undefined index: old_usergroup'
    * gh#12760 Fix Notice regarding 'Undefined index: users'
    * gh#12762 Fixed parsing of SQL with BINARY function
    * gh#12588 ReCaptcha now works without allow_url_fopen
    * gh#12699 Show no local storage warning only on settings tab
    * gh#12778 Syntax Error in Adding/Changing TIMESTAMP columns with
      default value as NULL
    * gh#12769 Edit/Export links are not clickable under Routines tab
    * gh#12757 Fixed creating new user with older MariaDB
    * gh#12784 Remove ctype installation suggestion
    * gh#12780 Format button replaces all text with blank spaces
    * gh#12786 Fixed database searching
    * gh#12792 Fixed javascript error on new version link
    * gh#12785 Add information about required and suggested extensions
      to composer.json
    * gh#12801 Custom header shown twice with cookie login form
    * gh#12802 Custom footer not shown with auth_type http login failure
    * gh#12434 Improve documentation for servers running with Suhosin
    * gh#12800 Updated embedded phpSecLib to 2.0.4
    * gh#12800 Fixed various issues with PHP 7.1
    * gh#11816 Fixed operation with lower_case_table_names=2
    * gh#12813 Fixed stored procedure execution
    * gh#12826 Honor user configured connection collation
    * gh#12293 Correctly report OpenSSL errors from cookie encryption
    * gh#12814 DateTime won't allow to input length in Routine editor
    * gh#12840 Fix Notice regarding 'Undefined index: row_format' when
      altering table options
    * gh#12841 Fixed moving of columns with whitespace in name
    * gh#12847 Fixed editing of virtual columns
    * gh#12859 Changed WHERE condition to 0 instead of 1 for SQL query
      window to avoid accidents
    * gh#12872 Use same query for display and execution when dropping
    * gh#12868 Fix check for user groups freatures being enabled
    * gh#12876 Fix notices and warning related to dbs_to_test global
    * gh#12831 Fix table formatting on Insert tab, which mostly
      affected row highlighting
    * gh#12495 Reintroduced phpinfo page with limited capabilities
    * gh#12861 Fix renaming tables with lower_case_table_names=2
    * gh#12876 Fix possible PHP error in navigation
    * gh#12881 Fix database search with newer php-gettext
    * gh#12894 Fix linter error on unterminated variable name
    * gh#12732 Fixed filtering for active processes
  - fix for boo#1021597
    * PMASA-2016-44 (CVE-2016-6621, CWE-661)
    - Multiple vulnerabilities in setup script
    * PMASA-2017-1 (CVE-2017-1000013, CWE-661)
    - Open redirect
    * PMASA-2017-2 (CVE-2015-8980, CWE-661)
    - php-gettext code execution
    * PMASA-2017-3 (CVE-2017-1000014, CWE-661)
    - DOS vulnerabiltiy in table editing
    * PMASA-2017-4 (CVE-2017-1000015, CWE-661)
    - CSS injection in themes
    * PMASA-2017-5 (CVE-2017-1000016, CWE-661)
    - Cookie attribute injection attack
    * PMASA-2017-6 (CVE-2017-1000017, CWE-661)
    - SSRF in replication
    * PMASA-2017-7 (CVE-2017-1000018, CWE-661)
    - DOS in replication status
  - remove obsolete phpMyAdmin-12757_sql_syntax_errror.patch
  - rework phpMyAdmin-config.patch
* Thu Jan 19 2017
  - Add Patch phpMyAdmin-12757_sql_syntax_errror.patch to fix
    gh#12757 SQL syntax errror on MariaDB < 10.0.2 in check for mysql
    password check plugin.
    Will be fixed in 4.6.6
* Tue Dec 06 2016
  - update to (2016-12-05)
    * gh#12765 Fixed SQL export with newlines
  - update changes (update to 4.6.5 (2016-11-25))
    * add missing (Not yet available) CVE's
  - fix phpMyAdmin.http
* Sat Nov 26 2016
  - update to (2016-11-26)
    - quick fix for 4.6.5
    * an issue affecting a small number of users using
      $cfg['Servers'][$i]['hide_db'] or $cfg['Servers'][$i]['only_db'].
    * an issue affecting the create table dialog where the partition
      selection tool was overzealous and made it difficult to create
      a new table.
  - update to 4.6.5 (2016-11-25)
    - security fixes
    * Fix for expanding in navigation pane
    * Reintroduced a simplified version of PmaAbsoluteUri directive
      (needed with reverse proxies)
    * Fix editing of ENUM/SET/DECIMAL field structures
    * Improvements to the parser
    - other fixes
    * Remove potentionally license problematic sRGB profile
    * gh#12459 Display read only fields as read only when editing
    * gh#12384 Fix expanding of navigation pane when clicking on database
    * gh#12430 Impove partitioning support
    * gh#12374 Reintroduced simplified PmaAbsoluteUri configuration
    * Always use UTC time in HTTP headers
    * gh#12479 Simplified validation of external links
    * gh#12483 Fix browsing tables with built in transformations
    * gh#12485 Do not show warning about short blowfish_secret if none
      is set
    * gh#12251 Fixed random logouts due to wrong cookie path
    * gh#12480 Fixed editing of ENUM/SET/DECIMAL fields structure
    * gh#12497 Missing escaping of configuration used in SQL
      (hide_db and only_db)
    * gh#12476 Add error checking in reading advisory rules file
    * gh#12477 Add checking missing elements and confirming element
      types from json_decode
    * gh#12251 Automatically save SQL query in browser local storage
      rather than in cookie
    * gh#12292 Unable to edit transformations
    * gh#12502 Remove unused paramenter when connecting to MySQLi
    * gh#12303 Fix number formatting with different settings of
      precision in PHP
    * gh#12405 Use single quotes in PHP code
    * gh#12534 Option for the dropped column is not removed from
      'after_field' select, after the column is dropped
    * gh#12531 Properly detect DROP DATABASE queries
    * gh#12470 Fix possible race condition in setting URL hash
    * gh#11924 Remove caching of server information
    * gh#11628 Proper parsing of INSERT ... ON DUPLICATE KEY queries
    * gh#12545 Proper parsing of CREATE TABLE ... PARTITION queries
    * gh#12473 Code can throw unhandled exception
    * gh#12550 Do not try to keep alive session even after expiry
    * gh#12512 Fixed rendering BBCode links in setup
    * gh#12518 Fixed copy of table with generated columns
    * gh#12221 Fixed export of table with generated columns
    * gh#12320 Copying a user does not copy usergroup
    * gh#12272 Adding a new row with default enum goes to no selection
      when you want to add more then 2 rows
    * gh#12487 Drag and drop import prevents file dropping to blob
      column file selector on the insert tab
    * gh#12554 Absence of scrolling makes it impossible to read longer
      text values in grid editing
    * gh#12530 "Edit routine" crashes when the current user is not the
      definer, even if privileges are adequate
    * gh#12300 Export selective tables by-default dumps Events also
    * gh#12298 Fixed export of view definitions
    * gh#12242 Edit routine detail dialog does not fill "Return length"
      field in mysql functions
    * gh#12575 New index Confirm adds whitespace around the field name
    * gh#12382 Bug in zoom search
    * gh#12321 Assign LIMIT clause only to syntactically correct queries
    * gh#12461 Can't Execute SQL With Sub-Query Due To "LIMIT 0,25"
      Inserted At Wrong Place
    * gh#12511 Clarify documentation on ArbitraryServerRegexp
    * gh#12508 Remove duplicate code in SQL escaping
    * gh#12475 Cleanup code for getting table information
    * gh#12579 phpMyAdmin's export of a Select statment without a FROM
      clause generates Wrong SQL
    * gh#12316 Correct export of complex SELECT statements
    * gh#12080 Fixed parsing of subselect queries
    * gh#11740 Fixed handling DELETE ... USING queries
    * gh#12100 Fixed handling of CASE operator
    * gh#12455 Query history stores separate entry for every letter
    * gh#12327 Create PHP code no longer works
    * gh#12179 Fixed bookmarking of query with multiple statements
    * gh#12419 Wrong description on GRANT OPTION
    * gh#12615 Fixed regexp for matching browser versions
    * gh#12569 Avoid showing import errors twice
    * gh#12362 prefs_manage.php can leave an orphaned temporary file
    * gh#12619 Unable to export csv when using union select
    * gh#12625 Broken Edit links in query results of JOIN query
    * gh#12634 Drop DB error in import if DB doesn't exist
    * gh#12338 Designer reverts to first saved ER after EACH relation
      create or delete
    * gh#12639 'Show trace' in Console generates JS error for functions
      in query's trace called without any arguments
    * gh#12366 Fix user creation with certain MariaDB setups
    * gh#12616 Refuse to work with mbstring.func_overload enabled
    * gh#12472 Properly report connection without password in setup
    * gh#12365 Fix records count for large tables
    * gh#12533 Fix records count for complex queries
    * gh#12454 Query history not updated in console until page refresh
    * gh#12344 Fixed parsing of labels in loop
    * gh#12228 Fixed parsing of BEGIN labels
    * gh#12637 Fixed editing some timestamp values
    * gh#12622 Fixed javascript error in designer
    * gh#12334 Missing page indicator or VIEWs
    * gh#12610 Export of tables with Timestamp/Datetime/Time columns
      defined with ON UPDATE clause with precision fails
    * gh#12661 Error inserting into pma__history after timeout
    * gh#12195 Row_format = fixed not visible
    * gh#12665 Cannot add a foreign key - non-indexed fields not listed
      in InnoDB tables
    * gh#12674 Allow for proper MySQL-allowed strings as identifiers
    * gh#12651 Allow for partial dates on table insert page
    * gh#12681 Fixed designer with tables using special chars
    * gh#12652 Fixed visual query builder for foreign keys with more
    * gh#12257 Improved search page performance
    * gh#12322 Avoid selecting default function for foreign keys
    * gh#12453 Fixed escaping of SQL parts in some corner cases
    * gh#12542 Missing table name in account privileges editor
    * gh#12691 Remove ksort call on empty array in PMA_getPlugins
    * gh#12443 Check parameter type before processing
    * gh#12299 Avoid generating too long URLs in search
    * gh#12361 Fix self SQL injection in table-specific privileges
    * gh#12698 Add link to release notes and download on new version
    * gh#12712 Error when trying to setup replication (fatal error in
      call to an old PMA_DBI_connect function)
  - fix for boo#1012271
    * Unsafe generation of $cfg['blowfish_secret']
      see PMASA-2016-58 (CVE ids: CVE-2016-9847, CWE-661)
    * phpMyAdmin's phpinfo functionality is removed
      see PMASA-2016-59 (CVE ids: CVE-2016-9848, CWE-661)
    * AllowRoot and allow/deny rule bypass with specially-crafted
      see PMASA-2016-60 (CVE ids: CVE-2016-9849, CWE-661)
    * Username matching weaknesses with allow/deny rules
      see PMASA-2016-61 (CVE ids: CVE-2016-9850, CWE-661)
    * Possible to bypass logout timeout
      see PMASA-2016-62 (CVE ids: CVE-2016-9851, CWE-661)
    * Full path disclosure (FPD) weaknesses
      see PMASA-2016-63 (CVE ids: CVE-2016-9852, CVE-2016-9853,
      CVE-2016-9854, CVE-2016-9855, CWE-661)
    * Multiple XSS weaknesses
      see PMASA-2016-64 (CVE ids: CVE-2016-9856, CVE-2016-9857,
      CWE-661, CWE-352)
    * Multiple denial-of-service (DOS) vulnerabilities
      see PMASA-2016-65 (CVE ids: CVE-2016-9858, CVE-2016-9859,
      CVE-2016-9860, CWE-661, CW-400)
    * Possible to bypass white-list protection for URL redirection
      see PMASA-2016-66 (CVE ids: CVE-2016-9861, CWE-661, CWE-20,
    * BBCode injection to login page
      see PMASA-2016-67 (CVE ids: CVE-2016-9862, CWE-661)
    * Denial-of-service (DOS) vulnerability in table partitioning
      see PMASA-2016-68 (CVE ids: CVE-2016-9863, CWE-661, CWE-400)
    * Multiple SQL injection vulnerabilities
      see PMASA-2016-69 (CVE ids: CVE-2016-9864, CWE-661, CWE-89)
    * Incorrect serialized string parsing
      see PMASA-2016-70 (CVE ids: CVE-2016-9865, CWE-661)
    * CSRF token not stripped from the URL
      see PMASA-2016-71 (CVE ids: CVE-2016-9866, CWE-661)
* Sun Nov 06 2016
  - fix deps
    * add missing Recommends php5-curl
  - fix phpMyAdmin.http
    * add <IfModule mod_php7.c>
* Sat Nov 05 2016
  - fix phpMyAdmin.http
* Thu Aug 18 2016
  - 4.6.4 (2016-08-16)
    - securitiy fixes
    * Improve session cookie code for openid.php and signon.php example
    * Full path disclosure in openid.php and signon.php example files
    * Unsafe generation of BlowfishSecret (when not supplied by the user)
    * Referrer leak when phpinfo is enabled
    * Use HTTPS for wiki links
    * Improve SSL certificate handling
    * Fix full path disclosure in debugging code
    * Administrators could trigger SQL injection attack against users
    - other fixes
    * Remove Swekey support
    * Include X-Robots-Tag header in responses
    * Enforce numeric field length when creating table
    * Fixed invalid Content-Length in some HTTP responses
    * gh#12394 Create view should require a view name
    * gh#12391 Message with 'Change password successfully' displayed,
      but does not take effect
    * Tighten control on PHP sessions and session cookies
    * gh#12409 Re-enable overhead on server databases view
    * gh#12414 Fixed rendering of Original theme
    * gh#12413 Fixed deleting users in non English locales
    * gh#12416 Fixed replication status output in Databases listing
    * gh#12303 Avoid typecasting to float when not needed
    * gh#12425 Duplicate message variable names in
    * gh#12399 Adding index to table shows wrong top navigation
    * gh#12424 Fixed password change on MariaDB without auth plugin
    * gh#12339 Do not error on unset server port
    * gh#12422 Improvements to the original theme
    * gh#12395 Do not try to load old transformation plugins
    * gh#12423 Fixed replication status in database listing
    * gh#12433 Copy table with prefix does not copy the indexes
    * gh#12375 Search in database: Window content is not scrolling down
      when clicking first time on Browse link
    * gh#12346 SQL Editor textareas can have their size increased from
      the top, distorting the page view
  - fix for boo#994313
    * Weaknesses with cookie encryption
      see PMASA-2016-29 (CVE-2016-6606, CWE-661)
    * Multiple XSS vulnerabilities
      see PMASA-2016-30 (CVE-2016-6607, CWE-661)
    * Multiple XSS vulnerabilities
      see PMASA-2016-31 (CVE-2016-6608, CWE-661)
    * PHP code injection
      see PMASA-2016-32 (CVE-2016-6609, CWE-661)
    * Full path disclosure
      see PMASA-2016-33 (CVE-2016-6610, CWE-661)
    * SQL injection attack
      see PMASA-2016-34 (CVE-2016-6611, CWE-661)
    * Local file exposure through LOAD DATA LOCAL INFILE
      see PMASA-2016-35 (CVE-2016-6612, CWE-661)
    * Local file exposure through symlinks with UploadDir
      see PMASA-2016-36 (CVE-2016-6613, CWE-661)
    * Path traversal with SaveDir and UploadDir
      see PMASA-2016-37 (CVE-2016-6614, CWE-661)
    * Multiple XSS vulnerabilities
      see PMASA-2016-38 (CVE-2016-6615, CWE-661)
    * SQL injection vulnerability as control user
      see PMASA-2016-39 (CVE-2016-6616, CWE-661)
    * SQL injection vulnerability
      see PMASA-2016-40 (CVE-2016-6617, CWE-661)
    * Denial-of-service attack through transformation feature
      see PMASA-2016-41 (CVE-2016-6618, CWE-661)
    * SQL injection vulnerability as control user
      see PMASA-2016-42 (CVE-2016-6619, CWE-661)
    * Verify data before unserializing
      see PMASA-2016-43 (CVE-2016-6620, CWE-661)
    * SSRF in setup script
      see PMASA-2016-44 (CVE-2016-6621, CWE-661)
    * Denial-of-service attack with
      $cfg['AllowArbitraryServer'] = true and persistent connections
      see PMASA-2016-45 (CVE-2016-6622, CWE-661)
    * Denial-of-service attack by using for loops
      see PMASA-2016-46 (CVE-2016-6623, CWE-661)
    * Possible circumvention of IP-based allow/deny rules with IPv6 and
      proxy server
      see PMASA-2016-47 (CVE-2016-6624, CWE-661)
    * Detect if user is logged in
      see PMASA-2016-48 (CVE-2016-6625, CWE-661)
    * Bypass URL redirection protection
      see PMASA-2016-49 (CVE-2016-6626, CWE-661)
    * Referrer leak
      see PMASA-2016-50 (CVE-2016-6627, CWE-661)
    * Reflected File Download
      see PMASA-2016-51 (CVE-2016-6628, CWE-661)
    * ArbitraryServerRegexp bypass
      see PMASA-2016-52 (CVE-2016-6629, CWE-661)
    * Denial-of-service attack by entering long password
      see PMASA-2016-53 (CVE-2016-6630, CWE-661)
    * Remote code execution vulnerability when running as CGI
      see PMASA-2016-54 (CVE-2016-6631, CWE-661)
    * Denial-of-service attack when PHP uses dbase extension
      see PMASA-2016-55 (CVE-2016-6632, CWE-661)
    * Remove tode execution vulnerability when PHP uses dbase extension
      see PMASA-2016-56 (CVE-2016-6633, CWE-661)
  - fix deps
    * add missing php-gettext
  - rebase phpMyAdmin-config.patch
* Thu Jun 23 2016
  - update to 4.6.3 (2016-06-23)
    * gh#12249 Fixed cookie path on Windows
    * gh#12279 Fixed error reporting on connect problems
    * gh#12290 Fixed export of tables without explicitly set engine
    * gh#12285 Designer JavaScript error: Show/Hide tables list
    * gh#12293 Fix MySQL SSL connection with some PHP versions
    * gh#12279 Fix MySQL connection error on version mismatch
    * gh#12281 Keep user attributes (privileges, authentication mode, etc) when copying a user
    * gh#12308 Fix division by zero in case of misconfigured MySQL server
    * gh#12317 Fix editing server variables
    * gh#12303 Fix table size calculation in some circumstances
    * gh#12310 Fix listing routines for non privileged user
    * issue Escape generated query in exporting a database
    * issue Setup script did not properly use input type password for some input types
  - fix for boo#986154
    * PMASA-2016-17 (CVE-2016-5701, CWE-661)
    - BBCode injection vulnerability
    * PMASA-2016-18 (CVE-2016-5702, CWE-661)
    - Cookie attribute injection attack
    * PMASA-2016-19 (CVE-2016-5703, CWE-661)
    - SQL injection attack
    * PMASA-2016-20 (CVE-2016-5704, CWE-661)
    - XSS on table structure page
    * PMASA-2016-21 (CVE-2016-5705, CWE-661)
    - Multiple XSS vulnerabilities
    * PMASA-2016-22 (CVE-2016-5706, CWE-661)
    - DOS attack
    * PMASA-2016-23 (CVE-2016-5730, CWE-661)
    - Multiple full path disclosure vulnerabilities
    * PMASA-2016-24 (CVE-2016-5731, CWE-661)
    - XSS through FPD
    * PMASA-2016-25 (CVE-2016-5732, CWE-661)
    - XSS in partition range functionality
    * PMASA-2016-26 (CVE-2016-5733, CWE-661)
    - Multiple XSS vulnerabilities
    * PMASA-2016-27 (CVE-2016-5734, CWE-661)
    - Unsafe handling of preg_replace parameters
    * PMASA-2016-28 (CVE-2016-5739, CWE-661)
    - Referrer leak in transformations
* Sun May 29 2016
  - rebase phpMyAdmin-config.patch
* Sat May 28 2016
  - update to 4.6.2 (2016-05-25)
    - gh#12225 Use https for documentation links
    - gh#12234 Fix schema export with too many tables
    - gh#12240 Avoid parsing non JSON responses as JSON
    - gh#12244 Avoid using too log URLs when getting javascripts
    - gh#12118 Fixed setting mixed case languages
    - gh#12229 Avoid storing objects in session when debugging SQL
    - gh#12249 Fix cookie path on IIS
    - gh#11705 Fix occassional 200 errors on Windows
    - gh#12219 Fix locking issues when importing SQL
    - gh#12231 Avoid confusing warning when mysql extension is missing
    - fix issue Improve handling of logout
    - fix issue Safer handling of sessions during authentication
    - gh#12209 Fix server selection on main page
    - gh#12192 Avoid storing full error data in session
    - gh#12082 Fixed export of ARCHIVE tables with keys
    - gh#11565 Add session reload for config authentication
    - gh#12229 Do not fail on errors stored in session
    - gh#12248 Fix loading of APC based upload progress bar
  - remove PmaAbsoluteUri from phpMyAdmin-config.patch because since
    version 4.6.0 it is remove
  - Security fixes:
    * PMASA-2016-14 (CVE-2016-5097, CWE-661, boo#982126)
    - User SQL queries can be revealed through URL GET parameters,
      see PMASA-2016-14
    * PMASA-2016-16 (CVE-2016-5099, CWE-661, boo#982128)
    - Self XSS vulneratbility, see PMASA-2016-16
* Mon May 09 2016
  - phpMyAdmin 4.6.1:
    * Problems with SQL syntax warnings from the linter/parser
    * Fixing an error about "PMA_Util" not found
    * Better handling of JSON columns
    * Fixed quoting with the SQL parser, which in particular adversely
      affected SQL imports and exports
* Thu Mar 24 2016
  - phpMyAdmin 4.6.0:
    * Allow setting routine-wise privileges
    * UI for defining partitioning in create table window
    * Support JSON data type
    * Editing partitions in table Structure
    * Copy results to clipboard
    * Reactivate cut&paste possibility in print view
    * Display binary strings as text if they are valid UTF-8
    * Copy multiple tables to database
    * Show MySQL error messages in user language
    * Add new configuration directive 'ssl_verify' for self-signed
      certificates with mysqlnd and PHP >= 5.6
    * Remove ForceSSL and PmaAbsoluteUri configuration directives
      (these are better handled by proper webserver configuration)
    * Fixed several bugs relating to exporting, particularly with
      DEFAULT and COMMENT fields
* Tue Mar 01 2016
  - phpMyAdmin
    The following vulnerabilities were fixed:
    * CVE-2016-2559: XSS vulnerability in SQL parser (PMASA-2016-10 boo#968940)
    * CVE-2016-2560: Multiple XSS vulnerabilities (PMASA-2016-11 boo#968938)
    * CVE-2016-2561: Multiple XSS vulnerabilities (PMASA-2016-12 boo#968941)
    * CVE-2016-2562: Vulnerability allowing man-in-the-middle attack on API call to GitHub (PMASA-2016-13 boo#968928)
    The following upstream bugs were fixed:
    * CREATE UNIQUE INDEX index type is not recognized by parser.
    * Row count wrong when grouping joined tables.
    * Column definition with default value and comment in CREATE TABLE expoerted faulty.
    * New statement but no delimiter and unexpected token with REPLACE.
    * Fixed incorrect usage of SQL parser context in SQL export
    * Fixed inclusion of gettext library from SQL parser
* Wed Feb 24 2016
  - phpMyAdmin 4.5.5
    * improvements to changing passwords on newer MariaDB servers
    * several fixes to the SQL parser
* Sat Jan 30 2016
  - update to (2016-01-28)
    - gh#11892 Error with PMA
    - gh#11896 Remove hard dependency on phpseclib
* Thu Jan 28 2016
  - phpMyAdmin 4.5.4
    The followinng vulnerabilities were fixed: (boo#964024)
    * CVE-2016-2038: Multiple full path disclosure vulnerabilities
    * CVE-2016-2039: Unsafe generation of XSRF/CSRF token
    * CVE-2016-2040: Multiple XSS vulnerabilities
    * CVE-2016-1927: Insecure password generation in JavaScript
    * CVE-2016-2041: Unsafe comparison of XSRF/CSRF token
    * CVE-2016-2042: Multiple full path disclosure vulnerabilities
    * CVE-2016-2043: XSS vulnerability in normalization page
    * CVE-2016-2044: Full path disclosure vulnerability in SQL parser
    * CVE-2016-2045: XSS vulnerability in SQL editor
  - update upstream singing keyring
* Sun Jan 10 2016
  - 4.5.x package was missing template - fix boo#961285
* Wed Jan 06 2016
  - fix for boo#960854
    * add missing dependency of php-json
* Mon Jan 04 2016
  - phpMyAdmin
    * Minimum requirement is PHP 5.5
  - Highlights of the 4.5.x.x series:
    * Improvements to the Console feature
    * Include structure in PDF export
    * Validate data before import
    * Support CHECKSUM TABLE operation
    * Improved operations regarding partitions
    * Alter privileges when renaming or copying a database or table
    * Several improvements related to speed and responsiveness
    * Improved print view
    * Use CTRL or ALT plus arrow keys to navigate in grid editor
    * Use plain-English destinations for
      $cfg['NavigationTreeDefaultTabTable'], $cfg['DefaultTabServer'],
      $cfg['DefaultTabDatabase'], and $cfg['DefaultTabTable'].
      The old style values will still work, but this makes it easier for
      new users to easily understand the destination links.
    * Integrate SQL debugging into Console
    * Restore row editing when no unique/primary key exists
    * Allow exporting one file per table and one file per database
    * Improvements to using multiple servers with the auth_type cookie
    * Support virtual columns (MySQL 5.7.5+)
    * Add or improve support for several MariaDB features including
      process list and virtual/persistent columns
    * Improved handling of cached data when upgrading phpMyAdmin
    * Add SHA256 security password support
* Tue Dec 29 2015
  - update to (2015-12-25)
  - Security fixes:
    * PMASA-2015-5 (CVE-2015-8669, CWE-661 CWE-200) boo#960282
    - [Security] Path disclosure, see PMASA-2015-6
* Mon Oct 26 2015
  - update to (2015-10-23)
    - gh#11464 phpMyAdmin suggests upgrading to newer version not
      usable on that system
  - Security fixes: [boo#951960]
    * PMASA-2015-5 (CVE-2015-7873, CWE-661 CWE-20)
    - fix issue [security] Content spoofing on url.php
* Sun Sep 20 2015
  - update to 4.4.15 (2015-09-20)
    - gh#11411 Undefined "replace" function on numeric scalar
    - gh#11421 Stored-proc / routine - broken parameter parsing
    - fix issue  Missing name for configuration read_as_multibytes
    - gh#11431 Incorrect "No row selected" message
    - gh#11447 MySQL 5.5 and the language system variable
    - gh#11452 Semantics of export and import icons are mixed up
    - gh#11451 Designer-Bug in move.js on multiple server
    - gh#11458 Invalid UTF-8 sequence in argument
    - gh#11457 Request URI too large
    - fix issue Invalid argument supplied for foreach()
    - gh#11461 Foreign key constraints for InnoDB tables with
      upper-case letters disabled
    - gh#11487 Warning when entering Query page
  - change entrys in changelog from sf to gh from 4.13.0 to now
* Thu Sep 17 2015
  - boo#945999 enable required apache modules in spec at install
* Fri Sep 11 2015
  - update (2015-09-08)
  - Security fixes: [boo#945420]
    * PMASA-2015-4 (CVE-2015-6830, CWE-661 CWE-307)
    - fix issue [security] reCaptcha bypass
* Tue Aug 25 2015
  - update to 4.4.14 (2015-08-20)
    - gh#11367 Export after search, missing WHERE clause
    - gh#11380 Incomplete message after import
    - fix issue Incorrect scalar type declaration
      (reported under PHP 7)
    - gh#11389 ReCaptcha produces deprecated messages under PHP 7
    - gh#11387 phpseclib < 2.0 produces deprecated messages on PHP 7
    - gh#11404 "Switch to copied table" doesn't work
    - gh#11406 Missing quotes after calling "distinct values"
    - gh#11386 Cannot import database with long data in one column
    - gh#11410 SPATIAL index option is not clickable
* Sun Aug 09 2015
  - update to (2015-08-08)
    - gh#11368 SQL error when importing phpMyAdmin dump file
* Sat Aug 08 2015
  - update to 4.4.13 (2015-08-07)
    - gh#1808 "Improve table structure" generates invalid SQL
    - fix issue Once checked "Show only active" checkbox is always
    - gh#1813 Delete rows using "Check All" is broken
    - fix issue Fix PHP 7 possible binding ambiguity
    - gh#11326 Exported schema includes all the tables of the
    - gh#11339 Results not displayed if query ends in delimiter and
    - gh#11320 Live edit of data fields is not working always
    - fix issue Table list in navigation collapses when entering into
      a table in another page
    - gh#11364 JS error while trying to auto navigate to db structure
      page when db creation has failed
* Tue Jul 21 2015
  - Apache configuration compatible with both 2.2 and 2.4
* Mon Jul 20 2015
  - update to 4.4.12 (2015-07-20)
    - Saved chart image does not have a proper name or an extension
    - sf#4976 Timepicker CSS issues in Original theme
    - sf#4975 Move/Copy/Rename operations on Table/Db fail on Drizzle server
    - sf#4826 Two inline edit windows
    - sf#4979 Problem when import *.ods file
    - Add missing head tag
    - sf#4985 Column headers move when scrolling
  - use smaller xz compressed archive
  - update Apache configuration to be compatible with 2.4
* Wed Jul 08 2015
  - update to 4.4.11 (2015-07-06)
    - fix bug Missing selected/entered values when editing active
    options in visual query builder
    - sf#4969 Autoload from prefs_storage not behaving properly
    - sf#4972 Incorrect length computed for binary data
    - fix bug Remove character set from create_tables_drizzle.sql
    - sf#4973 Users overview needs clarification
    - sf#4974 Creating a database from console doesn't update
      navigation panel
    - sf#4844 FAQ 1.17 needs an update
  - change sourcepath in spec
* Thu Jul 02 2015
  - switch upstream url to https
  - include signed release together with keyring to verify signatures
* Wed Jun 17 2015
  - add missing sql-scripts to doc
* Wed Jun 17 2015
  - update to 4.4.10 (2015-06-17)
    - sf#4950 Issues in database selection for replication
    - sf#4951 Trying to save chart as image crashes the browser
    - sf#4953 cant drag sql.gz file onto import input
    - sf#4960 Table creation results in GET request with missing
      server parameter that invalidates the session
    - sf#4961 Javascript error when Designer is opened
    - sf#4962 Insert by foreign key scrolls page to top
    - sf#4955 Clicking on the navi logo does not always work
    - fix bug External URL for $cfg['NavigationLogoLink'] causes
      JavaScript error when clicked
* Fri Jun 05 2015
  - update to 4.4.9 (2015-06-04)
    - sf#4920 relation view doesn't list fields of table in other
    - sf#4905 Sorting by an alias
    - sf#4931 False error before entering reCAPTCHA
    - sf#4909 central column with multiple server
    - sf#4937 Custom export with backquotes off is not working
    - sf#4908 Reverse proxy: infinite internal redirect
      (added warning in doc)
    - sf#4942 Export to gzip saves plain text under Chrome
* Thu May 28 2015
  - update to 4.4.8 (2015-05-28)
    - fix bug Allow accessing visual query builder when pmadb is not
    - sf#4893 Nav tree line alignment issue
    - sf#4911 Lock page icon is not shown after fresh reload
    - sf#4912 "Highlight pointer" and "Row marker" doesn't work
    - fix bug Browse foreigners window goes out of the window
    - sf#4918 Date field popup dialog position bug
    - fix bug In /setup, PMA_messages is not defined
    - sf#4924 Recaptcha failure
    - sf#4930 Database copy doesn't work for tables with more than
      one FULLTEXT index
    - sf#4929 Edit view structure doesn't load the algorithm
    - sf#4923 Do not limit table comments to 60 characters
* Sat May 16 2015
  - update to 4.4.7 (2015-05-16)
    - sf#4876 Settings issues (Favorite tables shown twice in
    - sf#4896 Non-styled error page when following results link
    - sf#4894 Deleting without confirmation
    - sf#4858 Issues with SQL autocomplete
    - sf#4897 Column hint in SQL autocomplete is sometimes not shown
    - sf#4898 JS error after selecting a field and press Enter
    - fix bug Honor proxy settings when getting Git commit
    - fix bug Missing title on link
    - sf#4512 ForceSSL Redirect Check
    - fix bug Undefined index collation_connection
    - fix bug Error when the reporting server is down
    - fix bug Escape database and table names for partition
    - fix bug Invalid value for CURLOPT_SSL_VERIFYPEER
    - sf#4367 Import status infinite loop
    - sf#4902 Designer: Loading does not work
    - sf#4904 Setup: Overview > Display does not work
    - sf#4906 Designer: pages from all databases
* Wed May 13 2015
  - update (2015-05-13)
    This update fixes several vulnerabilities
  - Security fixes:
    * PMASA-2015-2 (CVE-2015-3902, CWE-661 CWE-352)
    - sf#4899 [security] CSRF vulnerability in setup
    * PMASA-2015-3 ( CVE-2015-3903, CWE-661 CWE-295)
    - sf#4900 [security] Vulnerability allowing man-in-the-middle
* Thu May 07 2015
  - update to 4.4.6 (2015-05-07)
    - sf#4890 webkitStorageInfo and webkitIndexedDB is deprecated
    - sf#4892 Undefined variable: unique_conditions
    - sf#4891 CSV Import ignores "Replace table data with file"
* Tue May 05 2015
  - update to 4.4.5 (2015-05-05)
    - fix bug Table overhead stats: missing space before the unit
    - fix bug Fix resize icon in Designer
    - sf#4879 Exit fullscreen in Designer does not change
      the button text
    - sf#4880 Designer icons missing when using original theme
    - sf#4878 Column list of central columns is not cleared
    - sf#4881 jQuery dialogs of the Designer are not displayed in
    - sf#4883 Search function breaks when searching for certain
      combinations of backslashes and slashes
    - sf#4830 Maximum execution time exceeded in Util.class.php
      (better fix)
    - sf#4885 Some icons are above the overlay of jQuery dialogs
    - sf#4886 Clicking on external links in advisor rules give
      JS error
    - sf#4888 Filter in central columns does not work in other
* Sun Apr 26 2015
  - update to 4.4.4 (2015-04-26)
    - sf#4863 Edit vs Change
    - sf#4859 Don't scroll (to bottom) when editing multiple rows
    - sf#4862 Misaligned Inline edit field
    - sf#4861 Use of undefined constant PMA_DRIZZLE
    - sf#4865 sprintf(): Too few arguments
    - sf#4866 Limit column ordering in index edit dialog
    - sf#4867 Incorrect ALTER TABLE statement generated
    - sf#4870 Inconsistency in 'Ignore' checkbox in insert page
    - sf#4869 Drop column action not asking to confirm
    - sf#4871 Error on creating table
    - fix bug Undefined index: Rows
* Mon Apr 20 2015
  - update to 4.4.3 (2015-04-20)
    - sf#4851 PHP errors in login dialogue
    - sf#4845 White screen (Cloudflare)
    - sf#4207 json_encode error due to strftime returning non utf8
      chars in Windows 8.1 Chinese version
    - sf#4794 Server error viewing table content
    - fix bug Fix issues related to number of decimal places in time
    - sf#4853 Relation view between 1600 and 1780 px
    - fix bug PHP 7 compatibility in php-gettext
    - fix bug PHP 7 compatibility in bfShapeFiles
    - fix bug PHP 7 session_regenerate_id() warning
    - sf#4857 Alter table after changing column name error
    - sf#4830 Maximum execution time exceeded in Util.class.php
* Mon Apr 13 2015
  - update to 4.4.2 (2015-04-13)
    - sf#4835 PMA_hideShowConnection not called after
    - sf#4836 Server warning after moving from console to
      direct clicks
    - sf#4837 Duplicate new version notification when using
      the "Back" button
    - sf#4839 DOC link in setting is broken
    - sf#4841 Status page: Mislukte pogingen per uur value is
    - fix bug   MIME Transformation link fixed
    - sf#4838 Prevents console window from moving out of the
      screen height
    - sf#4829 Create procedure via SQL Editor not more possible
    - sf#4833 CSS and Javascript are not compressed
    - sf#4849 Functions accessed from navigation do not load on
      ajax dialog
    - sf#4850 Relation view on 1920
* Sat Apr 11 2015
  - update (2015-04-08)
    - sf#4846 Web server's error log is flooded
  - changes from 4.4.1 (2015-04-07)
    - sf#4813 MySQL 5.7.6 and the Users menu tab
    - sf#4818 MySQL 5.7.6 and changing the password for another user
    - sf#4819 Request URI too large
    - sf#4814 MySQL 5.7.6 and Databases
    - fix bug Use 'server' parameter in console to work in multi
      server environments
    - fix bug Missing tooltip in monitor
    - fix bug Missing sort icons in monitor
    - sf#4805 Inline edit broken when using functions in query
    - sf#4821 Timed-out import fails to restart when file represented
    - sf#4754 pMA DB not detected properly
    - sf#4825 Datepicker missing when changing number of rows on
      Insert page
    - sf#4824 INNODB STATUS page is empty
    - sf#4828 JavaScript is loaded in wrong order
    - sf#4827 TEXT formatting doesn't work after inline editing
    - sf#4822 Compress when php.ini output_buffering is active
    - sf#4832 Sorting distinct values result loses links
    - sf#4834 Do not attach token to css requests to improve caching
* Fri Apr 03 2015
  - update to 4.4.0 (2015-04-01)
    + rfe #1553 InnoDB presently supports one FULLTEXT index creation
      at a time
    + rfe #1562 Allow tracking multiple table at once from database
      level tracking page
    + rfe #1564 Improve action message on Tracking page
    + rfe #1566 Change value of "Number of rows:" when "Show all"
      is checked
    + rfe Focus console by clicking on white space
    + rfe #1507 Part 1: Cycle through console history with keyboard
      up/down arrows
    + rfe #1579 Default to primary key when adding relation
    + rfe #1572 User prefs: Diff-friendly JSON for config
    + rfe #1567 Sever Variables Table UI Improvements
    - sf#4675 phpMyAdmin should be able to work without 'examples'
      DIR - move SQL scripts to sql directory
    + rfe #1578 Warn about reserved word only when a column is
    + rfe #1590 Recaptcha API v2
    + rfe #1580 Individual Zeroconf PMA tables support
    + rfe #1525 Generate keys one per line
    + rfe #347 allow table with transformed column anywhere in
      FROM clause
    + rfe #1591 Shortcut link to search page
    + rfe #1568 Fold Add Column After / Before into dropdown
    - sf#4705 Table structure: adding primary key doesn't refresh
    + rfe #1582 SQL formatter
    + rfe #1597 Fast filter improvement: remove
      "x other results found"
    - sf#4720 No error message on Missing extension mbstring
    + rfe #801 Builtin transformations and relations
    + rfe #767 USING BTREE support for HEAP/MEMORY tables
    + rfe #1596 Make "Options > Relational" configurable
    + rfe #719 More details in PDF relation view
    + rfe #1096 Cannot enter connection for federated engine table
    + rfe #954 Allow SALT in ENCRYPT function
    + rfe #1260 Setting LoginCookieValidity > session.gc_maxlifetime
    + rfe Transformation for JSON
    - bug Fix isCanvasSupported for new window
    + rfe #1600 Clarify the "Inline" link
    + rfe #1179 Speed up slow triggers by using EVENT_OBJECT_SCHEMA
    + rfe #1192 ON DUPLICATE KEY UPDATE for loading CSV
    - bug fix Cannot execute command from console
      (multi-server installation)
    + rfe #1208 linking from information_schema
    + rfe #1235 Relation view: move to main "Structure" page
    + rfe #1558 Designer menu with explicit text
    + rfe #937 Relations with views like with tables
    + rfe #1241 Browse Field -> Search
    + rfe #723 Provide sanity check for table/column names
      (table names)
    + rfe #1312 SessionTimeZone configuration directive
    - bug fix Add missing confirmation when deleting tracking report
    + rfe Ability to disable foreign key check when emptying tables
    + rfe #1549 Reset auto-increment when exporting structure
    + rfe #1602 Recover query in redaction after session end
    + rfe #1605 After database creation, go to database structure
    + rfe #1604 Show PHP version
    - sf#4770 Multiple delete on table browse ignoring foreign key
    + rfe CodeMirror based SQL editor as an input transformation
    + rfe #1275 CodeMirror based JSON editor as an input
    + rfe #685 Editor for HTML content
    + rfe #1595 make professional code editor suggestion
    + rfe #1606 processlist filter
    + rfe Change tracking activation status from db level tracking
    + rfe #1207 Export users associated with a specific
    + rfe #1575 "Disable database expansion" : unclear directive name
      and explanation
    + rfe #1607 Tool tip for lock icon when making changes to a page
    + rfe #1327 Hide 'Add user' link if user does not have privileges
    + rfe #501 Support for SSL GRANT option
    + rfe #1608 Central columns allowing setting SIGNED / UNSIGNED
      attribute for integer
    + rfe #1441 Add regexp match when using AllowArbitraryServer
    - sf#4806 Unable to work with two different servers in two tabs
  - fix incorrect fsf-address
  - change pma.patch
* Sun Mar 29 2015
  - update to 4.3.13 (2015-03-29)
    - sf#4803 "Show hidden items" is sometimes hidden
    - sf#4807 Breaks when sorting by multiple columns
      while using UNION
    - sf#4798 Missing column when exporting in sql
    - sf#4810 Broken find and replace
    - sf#4804 Undefined Index after export schema
    - sf#4802 Changelog page is not working
    - sf#4815 Infinite calls to index.php
    - sf#4820 Invalid links to
    - sf#4718 simulate query fails, but actual query does not
* Sat Mar 14 2015
  - update to 4.3.12 (2015-03-14)
    - sf#4746 Right-aligned columns have left-aligned header
    - sf#4779 PMA_Util::parseEnumSetValues fails on enums with UTF-8
    - fix bug Undefined index savedsearcheswork
    - sf#4788 Inline edit of DATE fields with NULL, NULL checkbox is
      under datepicker
    - sf#4790 DROP TABLE/VIEW IF EXISTS are not tracked
    - fix bug Compatibility with central columns of version 4.4
    - sf#4758 Firefox with auth_type to http with multiple server
      doesn't work anymore
    - sf#4789 Views aren't dropped when copying a database
    - sf#4784 Incomplete bookmark saving
    - sf#4786 SELECT width on relations page
* Wed Mar 04 2015
  - update to (2015-03-04)
    This update fixes several vulnerabilities
  - Security fixes:
    * PMASA-2015-1 (CVE-2015-2206, CWE-661 CWE-352) [boo#920773]
    - fix bug [security] Risk of BREACH attack
* Wed Mar 04 2015
  - fix error displayed in Status/Advisor and not functional display
    of cpu and memory under Status/Monitor/
* Tue Mar 03 2015
  - update to 4.3.11 (2015-03-02)
    - sf#4774 SQL links are completely wrong
    - sf#4768 MariaDB: version mismatch
    - sf#4777 Some images are missing in Designer for original theme
    - sf#4767 Drizzle: undefined index in
    - sf#4753 Normal field and multi-line field have different
    - sf#4760 Cannot re-import settings from local storage
    - sf#4778 SQL error when database list is sorted by additional
    - sf#4780 Notice when timestamp column does not have default
* Fri Feb 20 2015
  - update to 4.3.10 (2015-02-20)
    - fix bug Undefined index navwork
    - sf#4744 Opening console scroll down the page
    - fix bug Remove extra column heading in view structure page
    - fix bug Add missing confirmation when deleting central columns
    - fix bug Undefined index DisableIS
    - sf#4763 Database export with more than 512 tables fails
    - sf#4769 Previously set column aliases are destroyed if returned
      to the same table
    - sf#4752 Incorrect page after creating table
    - sf#4771 Central Columns not working, showing error
* Fri Feb 06 2015
  - update to 4.3.9 (2015-02-05)
    - sf#4728 Incorrect headings in routine editor
    - sf#4730 Notice while browsing tables when phpmyadmin
      pma database exists, but not all the tables
    - sf#4729 Display original field when using "Relational display
      column" option and display column is empty
    - sf#4734 Default values for binary fields do not support
      binary values
    - sf#4736 Changing display options breaks query highlighting
    - fix bug Undefined index submit_type
    - sf#4738 Header lose align when scrolling in Firefox
    - sf#4741 in ./libraries/Advisor.class.php#184 vsprintf():
      Too few arguments
    - sf#4743 Unable to move cursor with keyboard in filter rows box
    - fix bug Incorrect link in doc
    - sf#4745 Tracking does not handle views properly
    - sf#4706 Schema export doesn't handle dots in db/table name
    - sf#3935 Table Header not displayed correct (Safari 5.0.5 Mac)
    - sf#4750 Disable renaming referenced columns
    - sf#4748 Column name center-aligned instead of left-aligned
      in Relations
* Sat Jan 24 2015
  - update to 4.3.8 (2015-01-24)
    - fix bug Undefined constant PMA_DRIZZLE
    - sf#4712 Wrongly positioned date-picker while Grid-Editing
    - sf#4714 Forced ORDER BY for own sql statements
    - sf#4721 Undefined property: stdClass::$version
    - sf#4719 'only_db' not working
    - sf#4700 Error text: Internal Server Error
    - sf#4722 Incorrect width table summary when favorite tables
      is disabled
    - sf#4716 Collapse all in navigation panel is sometimes broken
    - sf#4724 Cannot navigate in filtered table list
    - sf#4717 Database navigation menu broken when resolution/screen
      is changing
    - sf#4727 Collation column missing in database list
      when DisableIS is true
    - fix bug Undefined index central_columnswork
    - fix bug Undefined index favorite_tables
* Sat Jan 17 2015
  - update to 4.3.7 (2015-01-15)
    - sf#4694 js error on marking table as favorite in Safari (in private mode)
    - sf#4695 Changing $cfg['DefaultTabTable'] doesn't update link and title
    - fix bug Undefined index menuswork
    - fix bug Undefined index navwork
    - fix bug Undefined index central_columnswork
    - sf#4697 Server Status refresh not behaving as expected
    - fix bug Null argument in array_multisort()
    - sf#4699 Navigation panel should not hide icons based on 'TableNavigationLinksMode'
    - sf#4703 Unsaved schema page exported as pdf.pdf
    - sf#4707 Call to undefined method PMA_Schema_PDF::dieSchema()
    - sf#4702 URL is non RFC-2396 compatible in get_scripts.js.php
* Thu Jan 08 2015
  - update to 4.3.6 (2015-01-07)
    - fix bug Undefined index notices while configuring recent and
      favorite tables
    - sf#4687 Designer breaks without configuration storage
    - sf#4686 Select elements flicker and selects something else
    - sf#4689 Setup tool creates "pma__favorites" incorrectly
    - sf#4685 Call to a member function isUserType() on a non-object
    - sf#4691 Do not include console when no server is selected
    - sf#4688 File permissions in archive
    - sf#4692 Dynamic javascripts gives 500 when db selected
* Mon Jan 05 2015
  - fix for boo#911360
    * problems with pma__config enabled by default in phpMyAdmin
  - rework config patch
    * fix for pma storage config (disabled by default)
  - add phpMyAdmin-pma.patch
    * fix create_tables.sql
  - fix restart_on_update
* Mon Jan 05 2015
  - update to 4.3.5 (2015-01-05)
    - fix bug Auto-configuration: tables were not created
    - sf#4677 Advanced feature checker does not check for
      favorite tables feature
    - sf#4678 Some of the data stored in configuration storage
      are not deleted upon db or table delete
    - sf#4679 Setup does not allow providing a name for
      favorites table
    - sf#4680 Number of favorite table are not configurable in setup
    - sf#4681 'Central columns table' field in setup does not have
      a description
    - sf#4318 Default connection collation and sorting
    - sf#4683 Relational data is not properly updated on table rename
    - sf#4655 Undefined index: collation_connection (second patch)
    - sf#4682 4.3.3 & 4.3.4 Import sql created by mysqldump fails on
      foreign keys
    - sf#4676 Auto-configuration issues
    - sf#4416 New lines are removed when grid editing (part two: TEXT)
* Mon Dec 29 2014
  - update to 4.3.4 (2014-12-29)
    - sf#4653 Always connection error was shown, on /setup
      at tab "configuration storage"
    - sf#4661 Drag and drop file import always fails
    - sf#4651 don't open console with esc
    - sf#4664 select min() displays 1 row, but reports the table
      amount of rows returned
    - sf#4666 Undefined indexes in table stucture print view
      of a view
    - sf#4663 Export missing back ticks for order table name
    - sf#4668 Remove from central columns error
    - sf#4670 CSV import reads both commas and values into
      first column after first row
    - sf#4642 phpmyadmin often fails to load due to specific
      load order
    - sf#4671 Unable to move all columns
    - sf#4645 Import of export created with mysqldump
    - sf#4672 "Distinct values" does not page
    - sf#4667 Consistency in borders
    - sf#4658 Illegal string offset (Data_length, Index_length)
    - sf#4655 Undefined index: collation_connection
    - sf#4673 Delimiter causing page lock
* Sun Dec 21 2014
  - update to 4.3.3 (2014-12-21)
    - fix bug The "Recently used tables" setting should be with
      Nav panel
    - sf#4647 Can't disable Favorites
    - sf#4646 Version Check Broken
    - sf#4630 AJAX request infinite loop
    - sf#4649 Attributes field size smaller than others
    - sf#4622 Cannot remove table ordering on a Mac
    - fix bug Fix initial replication configuration
    - fix bug Undefined index central_columnswork
    - sf#4657 Don't have default blowfish_secret
    - sf#4656 Some error popups fade away too quickly
    - sf#4648 Consistency in borders
    - fix bug $cfg['Error_Handler']['display'] no longer necessary
    - sf#4659 Leading and trailing whitespace in column name
* Fri Dec 12 2014
  - update to 4.3.2 (2014-12-12)
    - sf#4628 PHP error while exporting schema as PDF
    - sf#4631 Server selector submits two server parameter values
    - sf#4629 Problem with custom SQL queries using cookie
    - fix bug Undefined index central_columnswork
    - sf#4632 Notice in ./libraries/Util.class.php#1916
      Undefined index: query
    - sf#4633 Wrong parameter in fetchValue
    - sf#4634 Error reporting creates an infinite loop
    - sf#4635 Token mismatch while creating configuration storage
    - sf#4640 Incorrect reference to PHP 6
    - sf#3794 failure to handle repeating empty columns when
      importing ODS
    - sf#4638 Default Export Method setting broken
    - sf#4639 Export SQL missing indentation first field
    - sf#4637 Field Alignment
    - sf#4644 Error when browsing tables
* Mon Dec 08 2014
  - update to 4.3.1 (2014-12-08)
    - sf#4609 'Show all' checkbox label is not clickable
    - sf#4610 JS error reporting: Hash fragment is reset
    - fix bug Undefined index menuswork
    - sf#4614 Separator between "Show All" and "Number of rows"
    - sf#4615 SQL highlighting in process list breaks on auto refresh
    - sf#4616 Warning in db structure print view page
    - fix bug Undefined index navwork, savedsearcheswork, fields
    - sf#4620 Undefined index while adding to the central
      columns list
    - sf#4618 Page scrolls while GIS visualization is zoomed in/out
      with mousewheel
    - sf#4613 HHVM: method 'ob_gzhandler' not found
    - sf#4593 Manual "SELECT" doesn't change active table
    - sf#4623 Incomplete PHP OpenSSL support
    - sf#4626 Ctrl + click on a column not in sort triggers a server
      call to erroneous url
    - sf#4625 "Insufficient space to save the file" on export SQL to
      file on server
    - sf#4627 "file_get_contents(examples/create_tables.sql): failed
      to open stream" after update
    - sf#4617 UI issues with sortable tables
    - sf#4619 SELECT LENGTH(`field`) FROM `table` does not sort
* Sat Dec 06 2014
  - update to 4.3.0 (2014-12-05)
    + rfe #1502 Smart sorting for int keys
    + rfe #1521 Confirmation message when dropping user(s)
    + rfe #1518 Confirm dialog on accidentally leaving a page
    + rfe #1445 Easy access to "SHOW CREATE ..."
    + rfe #1448 Allow clicking an approximate row count to get
      a correct one
    + rfe #1487 "Browse foreign values" should be a modal dialog
    + rfe #1523 Better visual clue for table structure
      primary key column
    + rfe #982 Support for editing binary fields in hexadecimal
    - sf#4416 New lines are removed when grid editing
    + rfe #706 Multi-db privileges adding
    + rfe #1527 Charts for data in <x-axis, series, value> format
    + rfe Allow saving query charts as images
    + rfe #1145 Preview SQL instead of executing it
    + rfe #759 Use aliases in SQL export for tables and columns
    - sf#4450 Query is duplicated on Ctrl+Enter
    + rfe #755 Export with table/column name changes
    + rfe #869 Run SQL query: Allow rollback for InnoDB tables
    + rfe #654 Range Search Capability
    + rfe #1490 Dynamic process list
    + rfe #1522 Drag and Drop SQL import
    + rfe #637 Custom Field Handlers
    + rfe #1488 User privilege tab not shown in all relevant cases
    + rfe #781 Privileges for non superuser
    + rfe #908 Improvements for the table editor (index creation)
    + rfe #1426 Navigation state lost on reload
    - sf#4439 Table list in left panel doesn't expand
    + rfe Improved validation when inserting data
    + rfe #1491 Support InnoDB for database Query by example
    + rfe #345 Normalize a table
    + rfe #1123 Zeroconf PMA tables support
    + rfe #1492 Remove the distinct query window / Add SQL
      log+history panel
    + rfe #919 Multiple-column foreign key relation
    - sf#3165 Redundant foreign keys not supported
    - fix bug Incorrect link to documentation
    + rfe #857 Regexp replace
    - fix bug Incorrect path in change password when on reverse proxy
      non-root directory
    + MariaDB 10+ multi-master replication support
    + rfe #1544 MySQL 5.7.5 compatibility
    + rfe #1529 Avoid session timeout when user is active
    - sf#4528 Can't import dump via SQL field
    + rfe #1251 Show "Overhead" with same precision for all tables
    + rfe #1546 Improve the js printf library
    + rfe #1542 Better error reporting in Designer
    - sf#4547 Micro history does not work in Users page
    - sf#4551 Wrong test in source code
    - sf#4537 BLOB inline-view JPG column transformation does
      not work for anything except simple queries
    + rfe #1535 Keyword-based autocompletion in SQL query editors
    - sf#4558 Unable to Add Rows while Creating Table
    + rfe #1547 Wrap No Tables Found message with message box
    - sf#4559 Logging in causes 100% CPU usage
    - sf#4564 Designer: spaces in table name with edit table link
      generates bad links
    - sf#4582 Debug SQL works only for the first page
    - sf#3869 Count(*) on information_scheme.INNODB_BUFFER_PAGE
      with a huge bufferpool
    - sf#4495 Comment lines in multiquery
    - sf#4535 Loads of Warnings/Notices in PMA_getServerSlaveStatus
      on replication slave
    - sf#4585 Multi query results not shown
    + rfe #1556 Disabling Show all
    - sf#4513 phpmyadmin run very slow (information_schema)
    - sf#4243 Super slow page rendering with tens of thousands of DBs
    - sf#4391 Upgraded to 4.2.0, insanely slow now
    + rfe #1537 PHP OpenSSL support for cookie encryption/decryption
    - sf#4227 Token mismatch when using HTTP AUTH and the SESSION
  - change all my old mail address in this changelog
    from ecsos@old.domain to
* Wed Dec 03 2014
  - update to (2014-12-03)
    This update fixes several vulnerabilities
  - Security fixes:
    * PMASA-2014-18 (CVE-2014-9219, CWE-661 CWE-79) [boo#908364]
    - sf#4612 [security] XSS vulnerability in redirection mechanism
    * PMASA-2014-17 (CVE-2014-9218, CWE-661 CWE-400) [boo#908363]
    - sf#4611 [security] DOS attack with long passwords
* Sun Nov 30 2014
  - update to 4.2.13 (2014-11-30)
    - sf#4604 Query history not being deleted
    - sf#4057 db/table query string parameters no longer work
    - sf#4605 Unseen messages in tracking
    - sf#4606 Tracking report export as SQL dump does not work
    - sf#4607 Syntax error during db_copy operation
    - sf#4608 SELECT permission issues with relations and restricted
* Thu Nov 20 2014
  - update to 4.2.12 (2014-11-20)
    This update fixes several vulnerabilities, as well as a number of
    other bug fixes.
  - Security fixes:
    * PMASA-2014-16 (CVE-2014-8961, CWE-661 CWE-23) [boo#906488]
    - sf#4595 [security] Path traversal can lead to leakage of
      line count
    * PMASA-2014-15 (CVE-2014-8960, CWE-661 CWE-79) [boo#906487]
    - sf#4596 [security] XSS through exception stack
    * PMASA-2014-14 (CVE-2014-8959, CWE-661 CWE-98) [boo#906486]
    - sf#4594 [security] Path traversal in file inclusion of
      GIS factory
    * PMASA-2014-13 (CVE-2014-8958, CWE-661 CWE-79) [boo#906485]
    - sf#4578 [security] XSS vulnerability in table print view
    - sf#4579 [security] XSS vulnerability in zoom search page
    - sf#4598 [security] XSS in multi submit
    - sf#4597 [security] XSS through pma_fontsize cookie
  - Other bug fixes:
    - sf#4574 Blank/white page when JavaScript disabled
    - sf#4577 Multi row actions cause full page reloads
    - fix ReferenceError: targeturl is not defined
    - fix Incorrect text/icon display in Tracking report
    - sf#4404 Recordset return from procedure display nothing
    - sf#4584 Edit dialog for routines is too long for
      smaller displays
    - sf#4586 Javascript error after moving a column
    - sf#4576 Issue with long comments on table columns
    - sf#4599 Input field unnecessarily selected on focus
    - sf#4602 Exporting selected rows exports all rows of the query
    - sf#4444 No insert statement produced in SQL export for
      queries with alias
    - sf#4603 Field disabled when internal relations used
* Fri Oct 31 2014
  - update to 4.2.11 (2014-10-31)
    - fix ReferenceError: Table_onover is not defined
    - sf#4552 Incorrect routines display for database due to case
      insensitive checks
    - sf#4259 reCaptcha sound session expired problem
    - sf#4557 PHP fatal error, undefined function __()
    - sf#4568 Date displayed incorrectly when charting a timeline
    - sf#4571 Database Privileges link does not work
    - fix makegrid.js: where_clause is undefined
    - sf#4572 missing trailing slash (import and open_basedir)
* Tue Oct 21 2014
  - phpMyAdmin [boo#902154] [CVE-2014-8326]
    This release fixes cross-site scripting vulnerabilities in the
    SQL debug output and server monitor pages. This developer option
    is not enabled by default.
    - sf#4562 [security] XSS in debug SQL output
    - sf#4563 [security] XSS in monitor query analyzer
* Sat Oct 11 2014
  - update to 4.2.10 (2014-10-11)
    - sf#4361 Can't change font size
      (when not present)
    - sf#4542 Tab key in column name not shown
    - fix bug PDF export: title not present in PDF
    - sf#4543 Changing column name can break saved "order by" clause
    - sf#4545 trying to favorite table while browser localStorage
      is disabled throws JS error
    - sf#4259 reCaptcha sound session expired problem
    - sf#4548 Inline editing a field converts tab to spaces
    - sf#4252 Database-level permission bug for db names containing
    - sf#3120 Events are not exported when using xml
    - sf#4554 Grid-editing timestamp column forces datepicker
    - sf#4556 Fast filters for tables, views etc. should be governed
      by NavigationTreeDisplayItemFilterMinimum
* Wed Oct 01 2014
  - phpMyAdmin [bnc#899452] [CVE-2014-7217]
    Contains a fix for a cross-site scripting vulnerability in the
    table search and table structure pages which could be trigged
    with a crafted ENUM value
    - sf#4544 [security] XSS vulnerabilities in table search and
      table structure pages
* Sat Sep 20 2014
  - update to 4.2.9 (2014-09-20)
    - fix bug ajax.js responseHandler: cannot read property of null
    - fix bug sql.js: str is undefined
    - sf#4524 Allow for direct selection of "0"
      on the "user overview" page
    - sf#4529 Undefined index: pos
    - sf#4523 tbl_change.js: insert as new row submit type on
      multiple selected records does not set all AUTO_INCREMENTs
      to 0 value
    - fix bug ajax.js responseHandler: another "cannot read property"
    - fix bug tbl_structure.js "cannot read property"
* Sun Sep 14 2014
  - fix for bnc#896635
    * update to (2014-09-13)
    * PMASA-2014-10 (CVE-2014-6300, CWE-661 CWE-352)
    - sf#4530 [security] DOM based XSS that results to a CSRF
      that creates a ROOT account in certain conditions
* Fri Sep 05 2014
  - rollback changes introduced by fix for bnc#894107 cause they
    broke apache pkg.
* Sun Aug 31 2014
  - update to 4.2.8 (2014-08-31)
    - sf#4516 Odd export behavior
    - sf#4519 Uncaught TypeError: Cannot read property 'success'
      of null
    - sf#4520 sql.js: cannot read property
    - sf#4521 Initially allowed chart types do not match selected
    - sf#4518 Export to SQL: CREATE TABLE option AUTO_INCREMENT
    - sf#4522 Duplicate column names while assigning index
    - sf#4487 Export of partitioned table does not import
    - fix bug server_privileges.js: cannot read property
    - sf#4527 Importing ODS files with column names having trailing
      spaces fails
    - sf#4413 Navigation Error in Nav Tree for Search Results Past
      the First Page
    - fix bug functions.js: Cannot read property 'replace' of undefined
* Fri Aug 29 2014
  - fix for bnc#894107
    * fix post/postun for systemd
* Tue Aug 19 2014
  - fix changes file
    * add missing PMASA / CVE info
* Mon Aug 18 2014
  - fix for bnc#892401
    * update to
    * PMASA-2014-8 (CVE-2014-5273, CWE-661 CWE-79)
    - sf#4501 [security] XSS in table browse page
    - sf#4502 [security] Self-XSS in enum value editor
    - sf#4503 [security] Self-XSSes in monitor
    - sf#4504 [security] Self-XSS in query charts
    - sf#4517 [security] XSS in relation view
    * PMASA-2014-9 (CVE-2014-5274, CWE-661 CWE-79)
    - sf#4505 [security] XSS in view operations page
* Thu Jul 31 2014
  - update to 4.2.7 (2014-07-31)
    - sf Broken links on home page
    - sf#4494 Overlap in navigation panel
    - sf#4427 Action icons not in horizontal order
    - sf#4493 s_attention.png is missing
    - sf#4499 Uncaught TypeError: Cannot call method 'substr' of undefined
    - sf#4498 PMA 4.2.x and HHVM
    - sf#4500 mysql_doc_template is not defined
* Fri Jul 18 2014
  - update to 4.2.6 (2014-07-17)
    - sf#4471 Undefined index warning with referenced column.
    - sf#4027 $cfg['MaxExactCount'] is ignored when BROWSING is
    - sf#4482 Multi Column sorting (improved user experience)
    - sf#4478 Server validation does not work while in setup/mysqli
    - sf Undefined variable when grid editing a foreign key column
    - sf#4481 Undefined variable Error
    - sf#4485 Sorting breaks the copy column feature
    - sf#4440 Javascript error when renaming table
    - sf#4483 'New window' link (selflink) disappears, causing
      Javascript error
    - sf#4489 Incorrect detection of privileges for routine
    - sf#4459 First few characters of database name aren't
      clickable when expanded
    - fix for PMASA-2014-4 (CVE-2014-4954, CWE-661, CWE-79)
    * sf#4486 [security] XSS injection due to unescaped table
    - fix for PMASA-2014-5 (CVE-2014-4955, CWE-661, CWE-79)
    * sf#4488 [security] XSS injection due to unescaped table name
    - fix for PMASA-2014-6 (CVE-2014-4986, CWE-661, CWE-79)
    * sf#4492 [security] XSS in AJAX confirmation messages
    - fix for PMASA-2014-7 (CVE-2014-4987, CWE-661)
    * sf#4491 [security] Missing validation for accessing User
      groups feature
* Thu Jun 26 2014
  - update to 4.2.5 (2014-06-26)
    - sf#4467 shell_exec() has been disabled for security reasons
    - sf#4470 Error while submitting empty query
    - sf#4463 Fatal error: Class 'PMA_DatabaseInterface' not found
    - sf#4469 Fixed cookie based login for installations without mcrypt
    - sf#4473 incorrect result count when having clause is used
    - mcrypt: remove the requirement (64-bit) and the related warning
* Sat Jun 21 2014
  - update to 4.2.4 (2014-06-20)
    - sf#4449 Mediawiki export does not produce table header row;
      also fix related PHP warnings
    - sf#4442 New lines are added to query every time
    - sf#4445 Fatal error on SQL Export of join query
    - sf#4448 Dump binary columns in hexadecimal notation not working
    - Regenerate cookie encryption IV for every session
    - sf#4405 Cannot import (open_basedir): fix another case
    - sf#4457 SQL tab - Insert queries not showing affected row count
    - bug Missing warning about existing account, on multi-server config
    - sf#4435 WHERE clause can be undefined
    - bug SQL export views as tables option getting ignored
    * fix for PMASA-2014-3 ( CVE-2014-4349, CWE-661, CWE-79 )
    - sf#4464 [security] XSS injection due to unescaped db/table name
      in navigation hiding
    * fix for PMASA-2014-2 ( CVE-2014-4348, CWE-661, CWE-79 )
    - sf#4465 [security] XSS injection due to unescaped db/table name
      in recent/favorite tables
* Mon Jun 09 2014
  - update to 4.2.3:
    - sf#4423 Moving fields not working
    - sf#4424 Table indexes disappear after altering field
    - sf#4432 Error while displaying chart at server level
    - sf#4405 Cannot import (open_basedir)
    - sf#4396 Problem copying constraints (such as Sakila)
    - sf#4433 Missing privileges submenu
    - sf#4394 Drop db confirmation message when dropping a user
    - sf#4436 Insert form numeric field with function drop-down list
    - sf#4437 Problems due to missing enforcement of the minimum
      supported MySQL version
    - Add enforcement of the minimum supported PHP version (5.3.0)
    - bug: Query error on submitting a column change form containing
      a disabled input field
    - bug: Incorrect menu tab generation from usergroups
    - bug: Missing space in index creation/edit generated query
    - sf#4434 Unchecking 'Show SQL queries' results NaN
* Tue May 20 2014
  - update to 4.2.2 (2014-05-20)
    - sf#4388 Disable database expansion when enabled throws Error 500
      when database name is clicked in navigation tree
    - sf#4414 table display of performance_schema DB structure
    - sf#4411 Protect Binary Columns: many problems
    - sf#4395 BLOB link transformation is broken
    - sf Respect ['ShowCreateDb'] in the navi panel
    - sf#4392 Cannot see databases in nav panel on databases grouping
      when disabled database expansion
    - sf#4419 No more calendar into search tab
    - sf#4398 Monitor should fit into screen width
    - sf#4418 When copying databases, primary key attributes get lost
    - sf#4421 empty maxInputVars on js/messages.php
* Tue May 13 2014
  - update to 4.2.1 (2014-05-13)
    - sf#4380 Cannot display table structure with enums
      containing special characters
    - sf#4381 Cannot remove the last remembered sorted column
    - sf Correctly fetch length of user and host fields in MySQL tables
    - sf#4364 examples/signon.php does not support
      the SessionSavePath directive
    - sf#4382 Missing source for OpenLayers library
    - sf Incorrect attributes for number fields
    - sf#4383 Cannot update values in Zoom search
    - sf#4313 GIS Visualization Extension does not work
      with PointFromText() function
    - sf#4384 Incorrect "Rows" total shown when truncating
      or dropping a table on DB Structure page
    - sf#4385 Grid edit on sorted columns fails
    - sf#4389 Null checkbox covering data input when editing
    - sf#4390 Data type changing by itself
      (no size but attribute present)
* Thu May 08 2014
  - update to 4.2.0 (2014-05-08)
    + rfe #1403 Export only triggers
    + rfe #1483 Export Server/Database/Table without triggers
    + rfe #1662 Add table comment tool tip in database structure page
    + rfe #1447 Single table for display Character Sets and Collations
    + rfe #1455 Display icons/text/both for the table row actions
    + rfe #1473 Transformation to convert Boolean value to text
    - sf#4157 Changing users password will delete it
    + rfe #1474 Text transformation combines Append and Prepend
    + Added warning about the mysql extension being deprecated
      and removed the extension directive
    + Added support for scatter charts
    + rfe #1478 Make Column Headings Sticky
    + rfe #1480 Enhance privileges initials table
    + rfe #1472 [interface] Break "Edit privileges" with sub-menus
    + rfe #1466 Minor refactoring required
    + rfe #1004 Create indexes at the end in SQL export
    + rfe #1479 Relations edit form for larger monitors
    + rfe #1475 Inline query box vertical resize
    + rfe #1500 [interface] Add bottom border to top menu container
    + rfe #1498 Add datepicker for 'TIME' type
    - sf#4237 HTTP Referer disclosure in SQL links
    + rfe Show full names on navigation hover
    + rfe #1505 Behaviour on click on a routine in nav panel
    + rfe #1418 Support more than one separating character on CSV import
    + rfe #569 Load/Save Query By Example
    - sf#4281 Grid edit ENUM field, dialog disappears when trying to select
    - sf#4304 DB export using zip compression generates an empty archive
    + rfe #1508 confirmation message at the top
    - sf#4306 breadcrubs wrong on table create
    + rfe #1511 better validate database name for copying
    + rfe #1510 Database tab "Drop" button should be a link
    + rfe #1513 Highlight required form fields after failed submission
    + rfe #1460 Redirect to login page after session has expired
    - sf#4316 Grid edit: can't change month on date fields
    + rfe #1501 add maxlength by field with length-spec
    + rfe #1512 Import happily doesn't do anything with no file name provided
    + rfe #1514 Add function to all the insert boxes automatically
    + rfe #1515 Option to skip tables larger than n
    + rfe #1486 Possibility of disabling database expansion
    + rfe #1476 Favourite tables select box
    + rfe #420 $cfg['CharEditing']='textarea' for structure edit
    + rfe #1329 Avoid editing of fields which are part of relation
    + rfe [interface] Highlight active left menu item in setup
    + rfe Filter on-screen rows during Browse
      Removed support for SQL Validator (SOAP service no longer offered)
    - sf#4352 Settings > Manage: incorrect messages
    - sf#4337 "More" in Actions area doesn't collapse to fit available space
    - sf#4375 Group two DB, one's name is the prefix of the other one
    - sf#4070 Confusing database/table grouping
    - sf#4366 Creating Index doesn't update index-list
* Sat Apr 26 2014
  - phpMyAdmin 4.1.14
    * sf#4365 Creating bookmark with multiple queries not working
    * sf#4372 Changing browser transformation results in unnecessary
      table rebuild
    * sf#4375 Group two DB, one's name is the prefix of the other one
    * sf#4376 [interface] Login fields show in separate line
* Sun Apr 13 2014
  - update to 4.1.13 (2014-04-13)
    * sf#4279 CTRL + up or down moves 2 fields
    * sf#4336 List server css style wrong
    * sf      Missing value on the Status > Server page
    * sf#4347 Fixed PHP Parse error in Advisor
    * sf#4350 Deleting the DB if it is renamed by the same name
    * sf#4353 makeProfilingChart is not defined
    * sf#4355 Precision specifier for DOUBLE type is truncated
    * sf#4346 Incorrect "Export incomplete" message
    * sf#4359 Notices on create table page
    * sf#4356 GROUPed selects show number of rows as if not grouped
    * sf#4357 JS Form submitted on "enter" even if focus
      is inside a select field
* Thu Mar 27 2014
  - update to 4.1.12 (2014-03-27)
    * sf#4334 Add event : datepicker won't open
    * sf#4338 Fix missing value error while executing SQL query
    * TCPDF library is now optional dependency
    * sf#4326 Cannot find the import plugins which start with uppercase 'I'
* Sat Mar 22 2014
  - phpMyAdmin 4.1.11:
    * sf#4335 reCaptcha problem (4.1.10 regression)
* Sat Mar 22 2014
  - update to 4.1.10 (2014-03-22)
    * sf#4301 Grid edit: "SELECT" query is replaced by "UPDATE"
      query after edit
    * sf#4278 reCaptcha re-login requires double effort
    * sf#4324 Datepicker not showing up on insert page
    * sf#3991 Problem selecting item in select boxes
      with the ENTER keystroke in some browsers
    * sf#4323 QueryWindow ignores CodeMirror
    * sf      None of the live charts shown on "Status -> Monitor" (Chrome)
* Sat Mar 08 2014
  - update to 4.1.9 (2014-03-06)
    * sf#4279 CTRL + up or down moves two fields (part one)
    * sf#4294 output as text radio clickable for "OpenDocument Text" export
    * sf#4297 DROP DATABASE tick box in export no longer works
    * sf#4291 Unable to export comments in OpenDocument text format
    * sf#4299 Deletion even when the user says "No" to the confirmation message
    * sf#4303 "New" link in navi panel is shown even if no privileges
    * sf#4302 Some params are being omitted from microhistory
    * sf#4298 Missing validation on Import CSV: "Columns enclosed with"
      and "Columns escaped with"
    * sf#4040 Fatal error while resetting settings
    * sf#4305 JS error when editing procedure from nav panel
    * sf#4308 Edit routine form submitting when pressing enter
    * sf#4307 Nav: "Columns" won't expand with specific schema
* Wed Feb 26 2014
  - fix changes file
* Sat Feb 22 2014
  - update to 4.1.8 (2014-02-22)
    * sf#4276 Login loop on session expiry
    * sf#4249 Incorrect number of result rows for SQL with subqueries
    * sf#4275 Broken Link to php extension manual
    * sf#4053 List of procedures is not displayed after executing with Enter
    * sf#4081 Setup page content shifted to the right edge of its tabs
    * sf#4284 Reordering a column erases comments for other columns
    * sf#4286 Open "Browse" in a new tab
    * sf#4287 Printview - Always one column too much
    * sf#4288 Expand database (+ icon) after timeout doesn't do anything
    * sf#4285 Fixed CSS for setup
    * Fixed altering table to DOUBLE/FLOAT field
    * sf#4292 Success message and failure message being shown together
    * sf#4293 opening new tab (using selflink) for import.php based actions
      results in error and logout
* Sun Feb 09 2014
  - fix for bnc#864917
    * PMASA-2014-1 ( CVE-2014-1879, CWE-661 CWE-79)
    * update to >= 4.1.7
  - update to 4.1.7 (2014-02-09)
    * sf#4245 initial Browse query does not match sorting order
    * sf#4250 Notice on export page
    * sf#4253 "New" text in navigation frame acts like a database
    * sf#4262 Cannot define a column with fractional seconds
    * sf#4265 Missing datepicker icon for DATETIME(length)
    * sf#4257 Hide fractional seconds when applicable
    * sf#4264 Uncheck "Ignore" while inserting, upon leaving a textarea
    * sf#4260 reCaptcha is ignoring language settings
    * sf#4259 reCaptcha sound session expired problem
    * sf#4263 Japanese character encoding not working properly when exporting
    * sf#4269 Notice on table relation page
    * sf#4270 Bad text-color for table comments
    * sf#4278 reCaptcha re-login requires double effort
    * sf#4272 Incorrect tabindex
    * sf#4271 Query by example and the second criteria line
    * sf#4242 Wildcard-containing only_db failure in sidebar
* Sun Jan 26 2014
  - update to 4.1.6 (2014-01-26)
    * sf#4232 User not found after creating the user
    * sf#4241 Confusing dialog when trying to create an already existing user
    * sf#4239 Missing LIMIT clause for some queries
    * rfe #1489 Do not show create icon when user has no privileges
    * sf#4218 Chrome behavior with date fields
    * sf#3579 NOW() function incorrectly selected (regression)
    * sf#4244 Advisor complaints about MariaDB 10.x is version less than 5.1
    * sf#3889 When login fails and error display is active, login data is displayed (regression)
    * sf#4247 open_basedir warnings on export page
    * sf#4013 AJAX request waiting until version info is retrieved
    * sf#4248 js error when changing number of columns in status monitor
* Fri Jan 17 2014
  - phpMyAdmin 4.1.5
    * sf#3780 Allow aborting loading pages
    * sf#4223 Database list: Create database misses collation column
    * sf#4224 Empty table names when a table is "inuse"
    * sf#4225 Partition maintenance broken
    * sf#4219 Table list (left panel) does not reload when table renamed
    * sf#4230 "in use" displayed for all views in database print view
    * sf#4226 Notice: Undefined index: pma_config_loading
    * sf#4221 Bzip2 export cannot be directly imported (so withdraw bz2 export)
    * sf#4204 Reloading user privileges hides user groups submenu
    * sf#4231 DATE columns quick edit decrement by one day
* Wed Jan 08 2014
  - update to 4.1.4 (2014-01-07)
    * sf#3840 (additional fix) When exporting to gzip format, the data is compressed 2 times
    * sf#4209 Missing compression in one case
    * sf#4208 Can't browse tables after sorting on columns with fieldnames that have a '-'
    * sf#4184 Switch to wrong page after adding an index
    * sf#3885 Additional fix for this bug
    * sf#4212 Table "disappears" if it has the same name as its tablegroup
    * sf#4213 Datetime Quick Edit decrements by one day
    * sf#4217 Current value not highlighted when browsing foreign values
    * sf#4220 Incorrect key values in foreign key browser
    * sf#4215 MariaDB 5.5: error in Drizzle detection
* Wed Jan 01 2014
  - add source URL, see
* Wed Jan 01 2014
  - update to 4.1.3 (2013-12-31)
    * sf#3938 PDFDefaultPageSize doc and easy configurability
    * sf#4198 Hovering over pie chart gives fatal JS error
    * sf#4200 Missing syntax highlighting
    * sf#4201 Exports are not compressed
    * sf#4131 Import: "number of rows to skip" is ambiguous
    * sf#4205 Add a user shows additional "edit user group" link
    * sf#4202 Cannot read property 'token' of undefined
    * sf#4203 On refreshing designer, $.FullScreen is undefined
    * sf#3920 Lost space in navigation area
  - Fix python-bytecode-inconsistent-mtime
* Mon Dec 23 2013
  - update to 4.1.2 (2013-12-23)
    * sf#4178 Quick edit for BIT type does not work
    * sf#2760 Warn about incomplete exports
    * sf#4190 Fractional seconds cause row update even if the value is not changed
    * sf#4170 Overflow scroll for table grid is not a good solution
    * sf#2961 Relations settings not updated on config change
    * sf#4187 SQL query inline edit doesn't post changes on the first run
    * rfe #1465 Docs for connections to IPv6 only MySQL instances
    * rfe #1468 [interface] No floating for server breadcrumb menu
* Tue Dec 17 2013
  - update to 4.1.1 (2013-12-17)
    * sf#4154 Error using UNION query
    * sf#4173 Transformations overview not reachable
    * sf#4149 Js freezes in the management of replication
    * sf#3903 Query fails when using aliases after ordering result
    * sf#4181 Adding columns in table creation clears existing columns
    * sf#4023 Requires wildcard EXECUTE/ALTER ROUTINE on DB to allow
    Procedures to be executed by user
    * sf#4186 Adding a column when creating a table does not propagate index info
    * sf#4185 Unable to execute create procedure statement from query window
* Sun Dec 15 2013
  - update to 4.1.0 (2013-12-11)
    * rfe #499 On user creation, warn if the user already exists
    * Use indeterminate check all checkbox in server privileges
    * Break server_status.php functions into smaller functions
    * PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards
    * [interface] Make warning about existing config directory clearer
    * rfe #1414 Allow specifying controlport
    * PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards
    * rfe #1412 Creating a view from an empty set of results
    * Improved layout on db and table operations pages
    * rfe #1410 Added support for AES_ENCRYPT for blob fields
    * rfe #1423 Clarify option text for icon/text settings
    * [interface] Upgraded CodeMirror to 3.x series
    * rfe #1363 Improved query profiler
    * [interface] rfe #1429 Better suggestion for database name
    * rfe #1433 Support relations with ndbcluster
    * sf#3962 Proper escaping of JSON export
    * rfe #1382 Optional ReCAPTCHA support
    * rfe #1434 Improvements to the table browsing navigation bar
    * rfe #1233 and rfe #1283 Improvements to Relation View interface
    * rfe #1397 Use fractional seconds in time, datetime, and timestamp
    * rfe #175 Allow cross-database relations
    * [core] Dropped support for PHP 5.2.
    * rfe #487 and rfe #1405 Find and Replacing column wise
    * rfe #1373 Use same create view dialog for editing a view
    * rfe #316 Configurable menus; allow user groups with customized menus per group
    * sf#4024 Editing field a record is selected by makes pma load forever
    * sf#4035 Query "inline" link disappears when turning off "Explain SQL" option
    * rfe #1385 Hide tables, functions, procedures, events and views in navigation tree
    * rfe #1321 Export view as if it was a table
    * Dropped configuration directive: SQP
    * Dropped configuration directive: MySQLManual*
    * rfe #1041 and bug #2954 Improved support for SSL connections between MySQL and phpMyAdmin
    * sf#4056 Language: Vague error message when adding a varchar field
    * [setup] rfe #1452 Use type="password" for server passwords
    * rfe #1451 HTML5 input tag enhancements
    * sf#1193 Text field too small when editing a row longer than $cfg['LimitChars']
    * Privileges tab for table level
    * sf#4068 Headline in operations not readable in IE10
    * sf#4000 "Table does not contain unique column" message appears after adding a unique column
    * rfe #1428 add 'new database' entry to nav tree
    * rfe #1457 Stone Age icon found
    * rfe #1463 Filter tables and databases by regular expression
    * Change the proxy variable names in the config to remove the VersionCheck prefix from them
    * Added an Error Reporting Component
    * Javascript files are no longer uglified
    * sf#4145 Config screen fails to validate MemoryLimit = -1 (new default)
    * sf#4123 Double config including
    * sf#4134 After deleting all rows on a page, it returns to a blank page
    * Dropped configuration directive: DisableIS, ShowDatabasesCommand
    * sf#4152 Not possible to enter % for search in date fields
    * sf#3931 IN Clause search does not permit multiple values
    * sf#4086 Clicking OK from edit popup opens new tab
    * sf#2983 unknown table status: TABLE_TYPE
    * sf#4030 ORDER BY SUM(`field`) does not sort DESC
    * sf#4133 CSV import breaks when no blank line at end of file
    * sf#4153 Unable to import if newline encoding is MAC style
    * sf#4096 horizontal scrollbar should not overflow on the left column
    * sf#4159 bug with navigation between database and table filter
    * sf#4119 Huge session data with $cfg['Error_Handler']['gather']
    * sf#4169 Table list jumps to table on click
    * sf#4168 Rename multiple columns is not working
* Fri Dec 06 2013
  - update to 4.0.10 (2013-12-04)
    * sf#4150 Clicking database name in query window opens a new tab
    * sf#4141 Wrong page is shown after editing; also, do not show a modal
    dialog for multi-row edit
    * sf#3939 PHP NavigationTree error when paging through list
    * sf#4075 Support A10 Networks load balancer
    * sf#4083 row deleting isn't binlogs friendly
    * sf#4163 Setup script does not recognize manually-configured server
    * sf#4158 Events page says no privileges with ALL PRIVILEGES
* Sun Nov 10 2013
  - update to 4.0.9 (2013-11-04)
    * sf#4104 Can't edit updatable view when searching
    * sf#4108 Missing refresh by deleting databases
    * sf#3995 Drizzle server charset notice
    * sf#3911 Filtering database names includes empty groupings
    * sf#3678 Does not display or manipulate bit(64) fields appropriately
    * sf#4129 Unneeded navi panel refresh
    * sf#4120 SSL redirects to port 80
    * sf#4144 DROP DATABASE displays wrong database name
    * sf#4059 Running delete query asks for confirmation but says it was already executed
    * sf#4147 Accessibility: Images without Alt nor title attribute
* Mon Oct 07 2013
  - update to 4.0.8 (2013-10-06)
    * sf#3988 Rename view is not working
    * sf#4041 Interaction between linkified fields and grid editing
    * sf#3975 Table grouping isn't implemented properly
    * sf#4060 Browser tries to remember wrong password when creating new user
    * sf#4002 Edit Index on big table doesn't show "Loading" or any message
    * sf#4098 Default table tab is ignored
    * sf#4099 Server/library difference warning: setting is ignored
    * sf#4100 table tree group strategy
    * sf#4102 ALTER TABLE ORDER BY and InnoDB
    * sf#4103 Tracking report: cannot delete a statement
    * sf#3996 Drizzle navigation doesn't expand
    * sf#4074 GIS column editor: point not displayed
    * sf#4109 Drizzle tables in navigation are shown as views
    * sf#4095 NUL symbols added to the end of database dump file
    * sf#4105 More disappears in table Structure
    * sf#3992 Multi-row edit doesn't clear values when checking NULL
* Sun Sep 29 2013
  - update to 4.0.7 (2013-09-23)
    * sf#3993 Sorting in database overview with statistics doesn't work
    * bug Handle the situation where PHP_SELF is not set
    * sf#4080 Overwrite existing file not obeyed
    * sf#3929 Database-specific privileges are not copied when cloning user
    * sf#3997 Error handling in case MySQL extension is missing
    * sf#4089 Moving Columns will alter column definition
    * sf#4091 Insert ignore option does not work
    * sf#4090 Downloading BLOB downloads page template
    * sf#4092 Clicking on table name in view of information_schema redirects to wrong page
    * sf#4079 Copy Table Add AUTO_INCREMENT value checkbox not working
    * sf#4088 MySQL server version at index.php incorrect w/ controlhost
    * sf#4001 Import error: Class 'ImportOds' not found
    * sf#3986 Missing DROP VIEW button
* Sat Sep 07 2013
  - update to 4.0.6 (2013-09-05)
    * sf#4036 Call to undefined function mb_detect_encoding (clarify the doc)
    * sf Missing hints when changing a column's structure
    * sf#4048 Cannot select foreign value in Search
    * sf#4025 gzip export is not actually compressed with mod_deflate
    * sf#4054 query analysis doesn't launch in status monitor
    * Add pmahomme icon credits (FamFamFam silk icon set)
    * sf#4064 Table structure statistics "Space usage" caption too small for l10n
    * sf#4051 Wrong tabindex when inserting rows
    * sf#4066 varchar field not truncated in table browse mode
    * rfe #1435 Opening database should expand it in the navigation menu
    * (performance) Removed ShowTooltip directive
    * sf#4046 Exporting huge Tables causes memory-Problems
* Wed Aug 07 2013
  - fix for bnc#833731
    * PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693)
* Mon Aug 05 2013
  - update to 4.0.5 (2013-08-04)
    * sf#3977 Not detected configuration storage
    * sf#3970 Pressing enter in the filter field reloads page
    * sf#3984 Cannot insert in this table (PHP < 5.4)
    * sf#3989 Reloading privileges does not update the interface
    * sf#3960 NavigationBarIconic config not honored
    * sf#3985 Call to undefined function mb_detect_encoding
    * sf#4007 Analyze option not shown for InnoDB tables
    * sf#4015 Forcing a storage engine for configuration storage
    * bug Incorrect Drizzle 7 detection
    * sf#4019 Create database if not exists (export): add an option to the
      interface to enable generating CREATE DATABASE and USE (false by default)
    * sf#4012 Crash on CSV file import
    * sf#4009 Statistic Monitor shows only last 3 digits in graph
    * sf#3998 Non-permanent SQL history not working
    * sf#3578 Transformations for text/plain on a BLOB column
    * [security] Improved protection against cross framing, see PMASA-2013-10
      (CVE-2013-5029 CWE-661 CWE-693)
    * Reinstated configuration directive: AllowThirdPartyFraming
  - fix for bug sf#4038: PMASA-2013-8 not mentioned in changes
  - add CVEs to changes
* Mon Jul 29 2013
  - fix for bnc#831896
    * multiple XSS issues (+ a SQL injection and full path disclosure flaw)
    * fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79)
    * fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80)
    * fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79)
    * fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200)
    * fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80)
    * fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79)
    * fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269)
  - update to (2013-07-28)
    * [security] fix unescaped parameter, see PMASA-2013-8
    * [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
    * [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
    * [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
    * [security] Fix full path disclosure, see PMASA-2013-12
    * [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15
    * [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15
    * [security] Fix self-XSS in schema export, see PMASA-2013-14
    * [security] Fix unencoded json object, see PMASA-2013-11
    * [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13
* Wed Jul 03 2013
  - update to (2013-06-30)
    * [security] Global variables scope injection vulnerability
      (PMASA-2013-7, CVE-2013-4729)
* Tue Jun 18 2013
  - update to 4.0.4 (2013-06-17)
    * sf#3959 Using DefaultTabDatabase in NavigationTree for Database Click
    * sf#3961 Avoid Suhosin warning when in simulation mode
    * sf#3897 Row Statistics and Space usage bugs
    * sf#3966 Only display "table has no unique column" message when applicable
    * sf#3960 NavigationBarIconic config not honored
    * sf#3965 Default language wrong with zh-TW
    * sf#3921 Call to undefined function PMA_isSuperuser() if default server is not set
    * sf#3971 Ctrl/shift + click opens links in same window
    * sf#3964 Import using https does not work
    * fix bug Missing removeCRLF option in ExportCsv and ExportExcel plugins
    * sf#3631 Drop not working Visio schema export.
    * sf#3645 Better handling of invalid ODS documents
    * sf#3976 Number of pages
    * sf#3922 User privileges, database name unescaped
* Wed Jun 12 2013
  - fix changelog
    * add missing 'fix for bnc#xxxxxx
* Thu Jun 06 2013
  - update to 4.0.3 (2013-06-05)
    * sf#3941 Recent tables list always empty
    * sf#3933 Do not translate "Open Document" in export settings
    * sf#3927 List of tables is missing after expanding in the navigation frame
    * sf#3942 Warnings about reserved word for many non reserved words
    * sf#3912 Exporting row selection, resulted by ORDER BY query
    * sf#3957 Cookies must be enabled past this point
    * sf#3956 "Browse foreign values" search filter / page selector not working
    * sf#3579 NOW() function incorrectly selected (partial regression)
    * [security] Javascript execution vulnerability in Create view,
      reported by Maxim Rupp (see PMASA-2013-6)
  - fix for bnc#824306
    * PMASA-2013-6 (CVE-2013-3242)
* Sat May 25 2013
  - update to 4.0.2 (2013-05-24)
    * sf#3902 Cannot browse when table name contains keyword "call"
    * center loading indicator for navigation refresh, related to bug #3920
    * sf#3925 Table sorting in navigation panel is case-sensitive
    * sf#3915 Import of CSV file (Replace table data with file) with duplicate values
    * sf#3907 undefined variables, function parameter problems
    * sf#3898 Structure not refreshed after column drop
    * sf#3926 View is not updatable
    * sf#3919 PropertiesIconic not honored
    * sf#3930 Databases to choose for specific privileges show up escaped
    * sf#3910 Export database with empty table as a php array, does not produce valid PHP
    * sf#3936 Query profiler chart not loading from SQL Query page
    * sf#3946 Missing CSV import option "Do not abort on INSERT error"
    * sf#3943 Missing Operations>Table options>AUTO_INCREMENT
    * bug Missing CREATE DATABASE statement when exporting at database level
    * sf#3924 Show warning when CSV file does not contain data for all columns
    * sf#3947 Missing Sql Query after modify structure
    * sf#3948 Server export problems
    * sf#3917 CountTables directive is deprecated
* Wed May 15 2013
  - update to (2013-05-14)
    * sf#3879 Import broken for CSV using LOAD DATA
    * sf#3889 When login fails and error display is active, login data is displayed
    * sf#3890 [import] Web server upload directory import fails
    * sf#3891 [import] Server upload folder import file name missing in success message
    * rfe #1421 [auth] Add retry button on connection failure with config auth
    * sf#3894 [interface] Provide feedback if no columns selected for multi-submit
    * sf#3799 [interface] Incorrect select field change on ctrl key navigation in Firefox
    * sf#3885 [browse] display_binary_as_hex option causes unexpected behavior
    * sf#3899 Git commit links to Github missing
    * sf#3900 CSP WARN in Firefox console
    * sf#3901 Setup script warning for config auth (stored login data) shows link BBcode
    * sf#3895 [browse] Fixed getting BLOB data
    * sf#3905 [export] Custom Exporting exports all databases
    * sf#3909 [import] Import of CSV FIle to selected table doesn't work
    * sf#3904 Browsing an empty table should not display its Structure
    * sf#3908 Calendar widget improperly redirects to home
    * sf#3918 Greyed out tabs when there are no rows fixed
    * sf#3916 [interface] Missing scrollbar (original theme)
    * [vendor] add tcpdf path to vendor_config.php
    * bug fix compat with tcpdf >= 6.0 (tested with 6.0.012)
* Fri May 03 2013
  - update to 4.0.0 (2013-05-03)
    * Patch #3481047 for rfe #3480477 Insert as new row enhancement
    * Patch #3480999 Activate codemirror in the query window
    * Patch #3495284 XML Import - fix message and redirect
    * rfe #3484063 Null checkbox behavior
    * Patch #3497179 Contest-5: Add user: Allow create DB w/same name + grant u_%
    * Patch #3498201 Contest-6: Export all privileges
    * Patch #3502814 for rfe #3187077 Change password buttons should match
    * rfe #3488640 Expand table-group in non-light navigation frame if only one
    * Patch #3509360 Contest-3: Option "Truncate table" before "insert"
    * Patch #3506552 Contest-2: Show index information in the data dictionary
    * Patch #3510656 Contest-1: Ignoring foreign keys while dropping tables
    * sf#3509686 Reverting sort on joined column does not work
    * New transformation: append string
    * rfe #3507804 Session upload progress (PHP 5.4)
    * rfe #3488185 draggable columns vs copy column name
    * Patch #3507001 Contest-4: Textarea for large character columns
    * Removed the PHP version of the ENUM editor
    * Patch #3507111 Display distinct results, linked to corresponding data rows
    * sf#3507917 [export] JSON has unescaped values for allegedly numeric columns
    * rfe #3516187 show tables creation, last update, last check timestamps in db_structure
    * sf#3059806 Supporting running from CIFS/Samba shares
    * sf#3516341 [export] Open Document Text, Word and Texy! Text show table structure twice
    * sf [export] Texy! Text: Columns containing Pipe Character don't export properly
    * [export] Show triggers in Open Document Text, Word and Texy! Text
    * Patch #3415061 [auth] Login screen appears under the page
    * rfe #3517354 [interface] Allow disabling CodeMirror with $cfg['CodemirrorEnable'] = false
    * rfe #3475567 [interface] New directive $cfg['HideStructureActions']
    * sf#3468272 [import] Fixed import of ODS with more paragraphs in a cell
    * sf#3510196 [core] Improved redirecting with ForceSSL option
    * rfe #3518852 [edit] edit blob but not other binary, new option $cfg['ProtectBinary'] = 'noblob'
    * Hide language select box if there are no locales installed
    * Removed some directives: verbose_check, SuggestDBName, LightTabs,
    VerboseMultiSubmit, ReplaceHelpImg
    * Patch #3500882 Fixing checkbox behaviour while editing identical rows
    * rfe #3441722 [interface] Display description of datatypes
    * rfe #3517835 [structure] Move columns easily
    * Ajaxified "Create View" functionality
    * [import] New plugin: import mediawiki
    * New navigation system
    * Discontinued the use of a frame-based layout
    * rfe #3528994 [interface] Allow wrapping possibly long values in replication-status table
    * [interface] Autoselect username input on cookie login page
    * sf#3563799 [interface] Grid editing destroying huge amount of data
    * [import] Remove support for the unactive docSQL import format
    * sf#3577443 [edit] "Browse foreign values" does not show on ajax edit
    * rfe #3522109 [browse] Grid editing: action to trigger it (or disable)
    * sf#3526598 [interface] SQL query not shown when creating table
    * Dropped configuration directive: AllowThirdPartyFraming
    * Dropped configuration directive: LeftFrameLight
    * Dropped configuration directive: DisplayDatabasesList
    * Dropped configuration directives: ShowTooltipAliasDB and ShowTooltipAliasTB
    * Dropped configuration directive: NaviDatabaseNameColor
    * Added configuration directive: MaxNavigationItems
    * Renamed configuration directive: LeftFrameDBTree => NavigationTreeEnableGrouping
    * Renamed configuration directive: LeftFrameDBSeparator => NavigationTreeDbSeparator
    * Renamed configuration directive: LeftFrameTableSeparator => NavigationTreeTableSeparator
    * Renamed configuration directive: LeftFrameTableLevel => NavigationTreeTableLevel
    * Renamed configuration directive: LeftPointerEnable => NavigationTreePointerEnable
    * Renamed configuration directive: LeftDefaultTabTable => NavigationTreeDefaultTabTable
    * Renamed configuration directive: LeftDisplayTableFilterMinimum => NavigationTreeDisplayTableFilterMinimum
    * Renamed configuration directive: LeftDisplayLogo => NavigationDisplayLogo
    * Renamed configuration directive: LeftLogoLink => NavigationLogoLink
    * Renamed configuration directive: LeftLogoLinkWindow => NavigationLogoLinkWindow
    * Renamed configuration directive: LeftDisplayServers => NavigationDisplayServers
    * Renamed configuration directive: LeftRecentTable => NumRecentTables
    * Renamed configuration directive: LeftDisplayDatabaseFilterMinimum => NavigationTreeDisplayDbFilterMinimum
    * Removed the "Mark row on click" feature; must now click the checkbox to mark
    * Removed the "Synchronize" feature
    * Improved layout of server variables page
    * rfe #1052091 [config] Double-underscores in PMA table names
    * Improved the "More" dropdown on the table structure page
    * [interface] Added "scroll to top" link in menubar
    * [designer] Fullscreen mode for the designer
    * Upgraded jquery to v1.8.3 and jquery-ui to v1.9.2
    * Patch #3597529 [status] Add raw value as title on server status page
    * Support MySQL 5.6 partitioning
    * Removed the AjaxEnable directive
    * rfe #3542567 Accept IPv6 ranges and IPv6 CIDR notations in $cfg['Servers'][$i]['AllowDeny']['rules']
    * sf#3576788 Grid editing shows the value before silent truncation
    * Upgraded jqPlot to 1.0.4 r1121
    * Upgraded to jquery-ui-timepicker-addon 1.1.1
    * rfe #3599046 [interface] Added comments for indexes
    * Replaced qtip with jQuery UI tooltip
    * Upgraded CodeMirror to 2.37
    * sf#2951 [export] Correctly export decimal fields.
    * sf#3762 [core] Make Advisor work on Windows withou COM extension.
    * sf#3519 [export] Prevent infinite recursion in PDF export.
    * sf#3827 Table specific privileges not displayed for db name containing underscore
    * rfe #1386 Add IF NOT EXISTS clause when copying database
    * No longer package .travis.yml configuration file when creating a release.
    * sf#3830 Can't export custom query because it lowercases table names
    * sf#3829 Enabling query profiling crashes javascript based navigation
    * rfe #879 Reserved word warning
    * Remove the database ordering sub-feature of the only_db directive
    * sf#3840 When exporting to gzip format, the data is compressed 2 times
    * rfe #1319 Permit to create index when creating foreign key
    * sf#3703 Incorrect updating of the list of users
    * sf#3853 Blowfish implementation might be broken (replace with phpseclib)
    * sf#3865 Using like operator on each backslash needs 4 backslash protection
    * sf#3860 Displayed git revision info is not set
    * sf#3871 Check referential integrity broken across databases
    * sf#3874 [export] No preselected option when exporting table
    * sf#3873 Can't copy table to target database if table exists there
    * sf#3683 Incorrect listing of records from to count
    * sf#3876 [import] PHP 5.2 - unexpected T_PAAMAYIM_NEKUDOTAYIM
    * [security] Local file inclusion vulnerability, reported by Janek Vind
      (see PMASA-2013-4)
    * [security] Global variables overwrite in export.php, reported by Janek Vind
      (see PMASA-2013-5)
    * sf#3892 [export] SQL Export files are empty
  - fix for bnc#824304
    * PMASA-2013-4 (CVE-2013-3240)
  - fix for bnc#824305
    * PMASA-2013-5 (CVE-2013-3241)
* Wed Apr 24 2013
  - update to (2013-04-24)
    * [security] Remote code execution (preg_replace), reported by Janek Vind
      (see PMASA-2013-2)
    * [security] Locally Saved SQL Dump File Multiple File Extension Remote Code
      Execution, reported by Janek Vind (see PMASA-2013-3)
  - fix for bnc#824301
    * PMASA-2013-2 (CVE-2013-3238)
  - fix for bnc#824302
    * PMASA-2013-3 (CVE-2013-3239)
* Mon Apr 08 2013
  - update to 3.5.8 (2013-04-08)
    * sf#3828 MariaDB reported as MySQL
    * sf#3854 Incorrect header for Safari 6.0
    * sf#3705 Attempt to open trigger for edit gives NULL
    * [security] Self-XSS on GIS visualisation page, reported by Janek Vind
      see PMASA-2013-1
    * sf#3800 Incorrect keyhandler behaviour #2
  - fix for bnc#814678
    * PMASA-2013-1 (CVE-2013-1937)
* Fri Mar 15 2013
  - update to (2013-02-15)
    * sf#3779 [core] Problem with backslash in enum fields
    * sf#3816 Missing server_processlist.php
    * sf#3821 Safari: white page
    * Correct detection of the Chrome browser
* Mon Feb 04 2013
  - update to (2013-01-28)
    * sf#3593604 [status] Erroneous advisor rule
    * sf#3596070 [status] localStorage broken in server status monitor
    * sf#3598736 [routines] Editing a procedure with special characters
    * sf#3600322 [core] Visualize GIS data throws Fatal Error
    * sf#3599362 [core] Double-escaped error message
    * sf#3776 [cookies] Login without auth on second server
* Wed Jan 16 2013
  - update to (2012-12-21)
    * sf#3563824 [export] Support Apache's mod_deflate
    * sf#3585523 [interface] Inline query editing broken after row update
    * sf#3586389 [setup] Cannot switch language in /setup
    * sf#3585695 [CSS] Font size in inline query editor is way too big
    * sf#3588354 [l10n] Portuguese Language not displaying correctly
    * sf#3591412 [status] Live charts don't work for non-default server
    * sf[core] Proxy ajax calls to to avoid browser notices
    * sf#3593534 [tracking] Structure Snapshot on tracked view renders
      invalid SQL
    * sf#3544366 [events] Event comments not saved
* Sat Dec 15 2012
  - update to (2012-11-16)
    * sf#3570212 [edit] uuid_short() is a no-arguments function
    * sf#3569577 [edit] Add routine parameter headers not valid for
    * sf#3575799 [search] Various search operators not working as
    * sf#3576322 [search] Invalid select query generated for tables with
      ENUM fields
    * sf#3577468 [display] Incorrect imagejpeg Syntax Breaks Image
    * sf#3578776 [search] Editing SQL not possible when no records found
    * sf#3571970 [interface] Display chart and number of rows to plot
    * sf#3582631 [core] Wrong redirect url caused cookies error with
* Mon Nov 05 2012
  - update to (2012-10-08)
    * sf#3539044 [interface] Browse mode "Show" button gives blank page
      if no results anymore
    * sf#3534979 [interface] Copy Database Ajax feedback vanishes long
      before copying is done
    * sf#3527531 [interface] GC-maxlifetime warning incorrectly
    * sf#3526916 [interface] Search fails with JS error when tooltips
    * sf#3544366 [interface] Event comments not saved
    * sf#3549084 [edit] Can't enter date directly when editing inline
    * sf#3548491 [interface] Inline query editor doesn't work from
      search results
    * sf#3547825 [edit] BLOB download no longer works
    * sf#3541966 [config] Error in generated configuration arrray
    * sf#3553551 [GUI] Invalid HTML code in multi submits confirmation
    * [interface] Designer sometimes places tables on the top menu
    * sf#3546277 [core] Call to undefined function __() when config file
      has wrong permissions
    * sf#3540922 [edit] Error searching table with many fields
    * sf#3555104 [edit] Cannot copy a DB with table and views
    * sf#3559925 [privileges] Incorrect updating of the list of users
    * sf#3561224 [edit] cell edit date field with empty date fills in
      current date
    * sf#3559955 [edit] current_date from function drop down fails on
    * sf#3562472 add support for Solaris and FreeBSD system load and
      memory display in server status
    * sf#3553068 [import] Table import from XML file fails
    * replace Highcharts with jqplot for Display chart
    * sf#3567684 [edit] Pasting value doesn't clear null checkbox
    * sf#3570786 [edit] Datepicker for date and datetime fields is
  - fix for bnc#788103
    * PMASA-2012-6 (CVE-2012-5339)
    * PMASA-2012-7 (CVE-2012-5368)
* Tue Aug 21 2012
  - update to (2012-08-12)
    - [security] Fixed XSS vulnerabilities,
      see PMASA-2012-4
  - update to (2012-08-03)
    - [security] Fixed local path disclosure vulnerability,
      see PMASA-2012-3
  - fix for bnc#776701
    * PMASA-2012-4 (CVE-2012-4345)
  - fix for bnc#776698
    * PMASA-2012-3 (CVE-2012-4219)
* Sun Jul 08 2012
  - udpate to 3.5.2 (2012-07-07)
    * bug sf#3521416 [interface] JS error when editing index
    * bug sf#3521313 [core] Call to undefined function __()
    * bug sf#3521016 [edit] NOW() function incorrectly selected
    * bug [GUI] Invalid HTML code on transformation_overview.php
    * bug sf#3522930 [browse] Missing validation in Ajax mode
    * bug Fix popup message on build SQL of import
    * bug sf#3523499 [core] Make X-WebKit-CSP work better
    * replace Highcharts with jqplot for query profiling, zoom search
    * bug sf#3531584 [interface] No form validation in change password
    * bug sf#3531585 [interface] Broken password validation in copy user
    * bug sf#3531586 [unterface] Add user form prints JSON when user
      presses enter
    * bug sf#3534121 [config] duplicate line in
    * bug sf#3534311 [interface] Grid editing incorrectly parses
      ENUM/SET values
    * bug sf#3510196 [core] More clever URL rewriting with ForceSSL
  - rebase config patch
* Sun Jun 03 2012
  - update to (2012-05-03)
    * bug sf#3510784 [edit] Limit clause ignored when sort order is
    * bug sf#3511471 [interface] View name not seen in navi panel
      (MySQL 5.1)
    * bug sf#3512916 [display] Right frame reloads after displaying SQL
      result(zero rows)
    * bug [interface] Fixed missing Codemirror for inline query edit
      when exporting a result set
    * bug sf#3514490 [auth] Multiple Navigation panels bug still present
    * bug sf#3515181 [users] Error in create user + underscore + create
    * bug sf#3515666 [display] Profiling chart shows wrong data
    * bug sf#3516037 [auth] JS includes missing in auth config error page
    * bug sf#3516183 [display] Missing image extension
    * bug [display] Added missing icons in original theme
    * bug sf#3516761 [edit] Query error after search
    * bug sf#3516405 [display] Chart title is getting wrong within chart
    * bug sf#3517021 [interface] Header links except 'More' hide after
      closing dialog
    * bug sf#3516817 [interface] "More" actions in table structure
    * bug sf#3518484 [privileges] PMA_sqlAddSlashes() does not quote the
      table names correctly
    * bug sf#3518983 [designer] Error messages do not appear in the
    * bug sf#3519747 [interface] Suhosin patch warning incorrectly
    * bug sf#3520107 [interface] Server status page: Incorrect dialog box
    * bug sf#3516089 [structure] DROP does not work on defective VIEWs
  - rebase config patch
    * remove version from patch name
    * add missing options
* Thu Apr 26 2012
  - update to
    * bug sf#3486970 [import] Exception on XML import
    * bug sf#3488777 [navi] $cfg['ShowTooltipAliasTB'] and blank names
      in navigation
    * bug sf#3512565 [navi] Fixed missing word "Rows" in table list
      tooltip after click
* Mon Apr 02 2012
  - update to (fix for bnc#755211)
    - [security] Fixed local path disclosure vulnerability,
      see PMASA-2012-2
* Thu Feb 23 2012
  - fix changelog
    * rename bugs , patches ("{bug,patch} #....") to fit into
      bug naming scheme -> "sf#...."
* Mon Feb 20 2012
  - update to (fix for bnc#747841)
    * [security] XSS in replication setup, see PMASA-2012-1
  - (2012-02-14)
    * sf#3460090 [interface] TextareaAutoSelect feature broken
    * sf#3375984 [export] PHP Array export might generate invalid php
    * sf#3049209 [import] Import from ODS ignores cell that is the same
      as cell be fore
    * sf#3463933 [display] SELECT DISTINCT displays wrong total records
    * sf#3458944 [operations] copy table data missing
    * sf#3469254 [edit] Setting data to NULL and drop-downs
    * sf#3477063 [edit] Missing set fields and values in generated
      INSERT query
    * sf#3460867 [libraries] license issue with TCPDF
      (updated to 5.9.145), (fix for bnc#736698)
* Wed Dec 28 2011
  - update to 3.4.9
    - sf#3442028 [edit] Inline editing enum fields with null shows no dropdown
    - sf#3442004 [interface] DB suggestion not correct for user with underscore
    - sf#3438420 [core] Magic quotes removed in PHP 5.4
    - sf#3398788 [session] No feedback when result is empty (signon auth_type)
    - sf#3384035 [display] Problems regarding ShowTooltipAliasTB
    - sf#3306875 [edit] Can't rename a database that contains views
    - sf#3452506 [edit] Unable to move tables with triggers
    - sf#3449659 [navi] Fast filter broken with table tree
    - sf#3448485 [GUI] Firefox favicon frameset regression
    - [core] Better compatibility with mysql extension
    - [security] Self-XSS on export options (export server/database/table),
      see PMASA-2011-20
    - [security] Self-XSS in setup (host parameter), see PMASA-2011-19
  - fix for bnc#738411
    * PMASA-2011-19 (CVE-2011-4780)
    * PMASA-2011-20 (CVE-2011-4782)
  - rework config patch
* Fri Dec 16 2011
  - fix changelog
    * add missing info for bnc#736772
  - fix fdupes
    * reduce fdupes to affected files only (./libraries,./themes)
* Tue Dec 13 2011
  - update to 3.4.8
    - sf#3425230 [interface] enum data split at space char (more space to edit)
    - sf#3426840 [interface] ENUM/SET editor can't handle commas in values
    - sf#3427256 [interface] no links to browse/empty views and tables
    - sf#3430377 [interface] Deleted search results remain visible
    - sf#3428627 [import] ODS import ignores memory limits
    - sf#3426836 [interface] Visual column separation
    - sf#3428065 [parser] TRUE not recognized by parser
    + sf#3433770 [config] Make location of php-gettext configurable
    - sf#3430291 [import] Handle conflicts in some open_basedir situations
    - sf#3431427 [display] Dropdown results - setting NULL does not work
    - sf#3428764 [edit] Inline edit on multi-server configuration
    - sf#3437354 [core] Notice: Array to string conversion in PHP 5.4
    - [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the
      view name in main panel db Structure page
    - sf#3439292 [core] Fail to synchronize column with name of keyword
    - sf#3425156 [interface] Add column after drop
    - [interface] Avoid showing the password in phpinfo()'s output
    - sf#3441572 [GUI] 'newer version of phpMyAdmin' message not shown in IE8
    - sf#3407235 [interface] Entering the key through a lookup window does not
      reset NULL
    - [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
    - [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
    - [security] Self-XSS on column type (Create index), see PMASA-2011-18
    - [security] Self-XSS on column type (table Search), see PMASA-2011-18
    - [security] Self-XSS on invalid query (table overview), see PMASA-2011-18
  - fix for bnc#736772 (CVE-2011-4634, PMASA-2011-18)
* Mon Nov 14 2011
  - update to (fix for bnc#728243)
    - [security] Fixed possible local file inclusion in XML import
      (CVE-2011-4107), see PMASA-2011-17
* Wed Oct 26 2011
  - update to 3.4.7
    - sf#3418610 [interface] Links in navigation when
      $cfg['MainPageIconic'] = false
    - sf#3418849 [interface] Inline edit shows dropdowns even after closing
    - bug [view] View renaming did not work
    - bug [navi] Wrong icon for view (MySQL 5.5)
    - sf#3420229 [doc] Missing documentation section
    - sf#3423725 [pdf] Broken PDF file when exporting database to PDF
    - [core] Allow to set language in URL
    - sf#3425184 [doc] Fix links to PHP documentation
    - sf#3426031 [export] Export to bzip2 is not working
  - (2011-10-16)
    - sf#3404173 InnoDB comment display with tooltips/aliases
    - sf#3404886 [navi] Edit SQL statement after error
    - sf#3403165 [interface] Collation not displayed for long enum fields
    - sf#3399951 [export] Config for export compression not used
    - sf#3400690 [privileges] DB-specific privileges won't submit
    - sf#3410604 [config] Configuration storage incorrect suggested table name
    - sf#3383572 [interface] Cannot execute saved query
    - sf#3411535 [display] Full text button unchecks results display options
    - sf#3411224 [display] Broken binary column when 'Show binary contents'
      is not set
    - sf#3411633 [core] Call to undefined function PMA_isSuperuser()
    - sf#3413743 [interface] Display options link missing after search
    - sf#3324161 [core] CSP policy causing designer JS buttons to fail
    - sf#3412862 [relation] Relations/constraints are dropped/created
      on every change
    - sf#3390832 [display] Delete records from last page breaks search
    - sf#3392150 [schema] PMA_User_Schema::processUserChoice() is broken
    - sf#3414744 [core] External link fails in 3.4.5
    - sf#3314626 [display] CharTextareaRows is not respected
    - sf#3417089 [synchronize] Extraneous db choices
    - [security] Fixed local path disclosure vulnerability, see PMASA-2011-15
    - [security] Fixed XSS in setup (host/verbose parameter), see PMASA-2011-16
* Tue Oct 04 2011
  - update to 3.4.5
    - sf#3375325 [interface] Page list in navigation frame looks odd
    - sf#3313235 [interface] Error div misplaced
    - sf#3374802 [interface] Comment on a column breaks inline editing
    - sf#3383711 [display] Order by a column in a view doesn't work
      in some cases
    - sf#3386434 [interface] Add missing space to server status
    - [core] Remove library PHPExcel, due to license issues
    - [export] Remove native Excel export modules (xls and xlsx formats)
    - [import] Remove native Excel import modules (xls and xlsx formats)
    - sf#3392920 [edit] BLOB emptied after editing another column
    - [security] Fixed XSS in Inline Edit on save action, see PMASA-2011-14
    - [security] Fixed XSS with db/table/column names, see PMASA-2011-14
* Sat Aug 27 2011
  - update to 3.4.4
    - sf#3323060 [parser] SQL parser breaks AJAX requests if query has unclosed
    - sf#3323101 [parser] Invalid escape sequence in SQL parser
    - sf#3348995 [config] $cfg['Export']['asfile'] set to false does not select
      as Text option
    - sf#3340151 [export] Working SQL query exports error page
    - sf#3353649 [interface] "Create an index on X columns" form not validated
    - sf#3350790 [interface] JS error in Table->Structure->Index->Edit
    - sf#3353811 [interface] Info message has "error" class
    - sf#3357837 [interface] TABbing through a NULL field in the inline mode
      resets NULL
    - remove version number in /setup
    - sf#3367993 [usability] Missing "Generate Password" button
    - sf#3363221 [display] Missing Server Parameter on inline sql query
    - sf#3367986 [navi] Drop field -> lost active table
    - remove misleading comment on the "Rename database" interface
    - sf#3374374 [interface] Fix footnote for inexact count while browsing
    - sf#3372807 [interface] Fix security warning link in setup
    - sf#3374347 [display] Backquotes in normal text on import page
    - sf#3358750 [core] With Suhosin, urls are too long in edit links
    - [security] Missing sanitization on the table, column and index names leads to
      XSS vulnerabilities, see PMASA-2011-13
* Fri Jul 29 2011
  - update to
    o PMASA-2011-9 to PMASA-2011-12
* Mon Jul 04 2011
  - update to
    - [security] Fixed possible session manipulation in swekey
      authentication, see PMASA-2011-5
    - [security] Fixed possible code injection incase session variables
      are compromised, see PMASA-2011-6
    - [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
    - [security] Fixed filtering of a file path, which allowed for
      directory traversal, see PMASA-2011-8
  - (2011-06-27)
    - sf#3311170 [sync] Missing helper icons in Synchronize
    - sf#3304473 [setup] Redefine a lable that was wrong
    - sf#3304544 [parser] master is not a reserved word
    - sf#3307616 [edit] Inline edit updates multiple duplicate rows
    - sf#3311539 [edit] Inline edit does not escape backslashes
    - sf#3313210 [interface] Columns class sometimes changed for nothing
    - sf#3313326 [interface] Some tooltips do not disappear
    - sf#3315720 [search] Fix search in non unicode tables
    - sf#3315741 [display] Inline query edit broken
    - sf#3317206 [privileges] Generate password option missing on new accounts
    - sf#3317293 [edit] Inline edit places HTML line breaks in edit area
    - sf#3319466 [interface] Inline query edit does not escape special characters
    - minor XSS (require a valid token)
  - add restart_on_update apache to post
* Wed Jun 22 2011
  - fix changelog
    o update to -> update to 3.4.2
  - fix bnc#697748 (suhosin customization)
    o moved from spec's %post to http_conf file
* Thu Jun 09 2011
  - update to 3.4.2
    - sf#3301249 [interface] Iconic table operations does not remove inline edit label
    - sf#3303869 [interface] Unnecessary scrolling on Databases page
    - sf#3303813 [setup] Define a label that was missing
    - sf#3305606 [interface] Show all button wraps on privileges page
    - sf#3305517 [config] Config for export compression not used
    - sf#3305883 [interface] Table is dropped regardless of confirmation
    - [auth] Fixed error handling for signon auth method.
    - sf#3276001 [core] Avoid caching of index.php.
    - sf#3306958 [interface] Unnecessary Details slider
    - sf#3308476 [interface] "Show all" not persistent after a sort
    - sf#3308072 [auth] Version disclosure to anonymous visitors
    - sf#3306981 [interface] pmahomme and table statistics
* Tue May 24 2011
  - update to 3.4.1
    - bug sf#3301108 [interface] Synchronize and already configured host
    - bug sf#3302457 Inline edit and $cfg['PropertiesIconic']
    - Patch #3302313 Show a translated label
    - bug sf#3300981 [navi] Table filter is case sensitive
    - bug sf#3285929 [privileges] Revert temporary fix
    - bug sf#3302872 [synchronize] Synchronize and user name
    - bug sf#3302733 [core] Some browsers report an insecure https connection
    - [security] Make redirector require valid token
  - rework config patch
    - removed 3.3.8, added 3.4.1 config patch
  - added conftrib to doc
  - mod post section
    o modify suhosin.ini
* Sat Mar 19 2011
  - update to 3.3.10
    - patch sf#3147400 [structure] Aria table size printed as unknown,
      thanks to erickoh75 - erickoh75
    - patch sf#3150164 [structure] Ordering by size gives incorrect results,
      thanks to Madhura Jayaratne - madhuracj
    - bug sf#3153409 [core] 0 row(s) affected
    - bug sf#3155842 [core] Edit relational page and page number
    - [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10
    - [lang] German update, thanks to
* Wed Feb 23 2011
  - update to
    - [security] SQL injection, see PMASA-2011-2
  - (2011-02-08)
    - [security] Path disclosure, see PMASA-2011-1
  - add macros for ap_usr, ap_grp
  - fix perm on sysconfdir
    o 0750,root,www
* Thu Jan 27 2011
  - update to 3.3.9
    - bug [doc] Fix references to MySQL doc
    - sf#3101490 Default function for TIMESTAMP, thanks to jirand - jirand
    - sf#3103853 [js] Double quotes were not escaped in generated js
    - sf#3077463 [core] Events were not copied when copying/renaming database
    - sf#1762306 [core] Copy database with view of a view
    - sf#3117535 [replication] Add quotes to database in initial statement,
      thanks to Craig Duncan - duncan3dc
    - sf#3112614 [pdf schema] Scratchboard for PDF pages not working
    - sf#3125606 [parser] Query for table "level" causes strange display
    - sf#3127904 [parser] Close all opened round brackets indents
  - removed Authors from spec
* Fri Dec 03 2010
  - update to
    - sf#3115519 (private) [security] XSS on db search, see PMASA-2010-8
  - rework config patch
    o add AllowNoPassword
* Wed Oct 27 2010
  - update to 3.3.8
    - sf#3059311 [import] BIGINT field type added to table analysis
    - [core] Update library PHPExcel to version 1.7.4
    - sf#3062455 [core] copy procedures and routines before tables
    - sf#3062455 [export] with SQL, export procedures and routines before tables
    - sf#3056023 [import] USE query not working
    - sf#3038193 [display] Error when editing row with GEOMETRY column
    - sf#3062454 [interface] Display routines/events also when no tables are defin
    - support ARIA storage engine as well as its previous name MARIA
* Wed Sep 22 2010
  - update to 3.3.7
* Wed Jul 07 2010
  - update to version 3.3.4
  - sf#2996161 [import] properly escape import value
  - sf#2998889 [import] Import button does not work in Catalan
  - [browse] Fix handling of sort order if only column is specified.
    + [lang] Greek update, thanks to Panagiotis Papazoglou - panos78
    + [lang] Updated lot of translation based on work done in master branch.
  - sf#3008411 [databases] Last dropped database remains active in navi
  - sf#2986383 [parser] Not all data being shown / counted
  - bug [synchronize] Rows were deleted in target table regardless of the
    "Would you like to delete..." option
  - bug [privileges] List of tables not shown when the db name has a wildcard
  - sf#3011126 [display] Edit link missing after long query
  - sf#3013264 [doc] FAQ 1.40 uses a comma instead of a period,
    thanks to Isaac Bennetch - ibennetch
  - [engines] Fix getting InnoDB status.
  - sf#2986422 [import] Results for query are not displayed
* Fri May 21 2010
  - update to version 3.3.3
    - sf#2982480 [navi] Do not group if there would be one table in group
    - sf#2983492 [sync] When asking to synchronize Structure and Data,
      only Structure is done
    - sf#2984893 [engines] InnoDB storage page emits a warning
    - sf#2974687, sf#2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work
    - sf#2983066 [interface] Flush table on table operations shows the query twice
    - sf#2983060, sf#2987900 [interface] Fix initial state of tables in
    - sf#2983062, sf#2989408 [engines] Fix warnings when changing table
      engine to Maria
    - sf#2974067 [display] non-binary fields shown as hex
    - sf#2983065 [operations] Error when changing from Maria to MyISAM engine
    - sf#2975408 [tracking] Data too long for column data_sql
    - bug [tracking] Tracking report should obey MaxCharactersInDisplayedSQL
    - bug [edit] Avoid selecting UNHEX function by default for a BLOB column for
      which editing is protected
    - sf#2994168 [structure] Show auto_increment in uppercase
    - sf#2993970 [pdf schema] Page numbering in Table of Contents
  - (2010-04-13)
    - sf#2969449 [core] Name for MERGE engine varies depending on the
      MySQL version, thanks to Dieter Adriaenssens - ruleant
    - sf#2966078 [browse] Incorrect LIMIT is saved and sticks while browsing
    - sf#2967366 [Structure] Some results of Propose table structure are
      shown in hex
    - sf#2967565 [insert] UNHEX not selected by default when inserting BINARY
    - [navi] Changed link to git repository on main page
    - sf#2972232 [menu] Import menu tab not present on main page
    - sf#2976790 [menu] Go to the upper level after table DROP,
      thanks to Kaarel Nummert - kaarelnu
    - sf#2978815 [pdf] Fix generating PDF with table dimensions, thanks to BlinK_
    - sf#2977725 [export] XML wrongly encoded, thanks to Victor Volkov - hanut
    - sf#2979234 [import] Create tables with current charset and collation.
    - sf#2979234, sf#2960105 [import] Properly import unicode text from ODS.
    - sf#2973280 [export] Proper handling of temporary directory in XLS export.
    - sf#2980582 [interface] Properly format server status parameter.
    - sf#2973949 [session] SQL History broken (revert sf#2899969),
      thanks to Dieter Adriaenssens - ruleant
    - [doc] Be more specific about problems with Suhosin.
* Fri Mar 26 2010
  - update to version 3.3.1
    - sf#2941037 [core] Database structure not sorted by table correctly
    - sf#2948492 [interface] Slide effect masks some fields on search page
    - sf#2959746 [interface] Unknown table status: TABLE_TYPE
    - sf#2953050 [export] export VIEW as SQL includes INSERT statement
    - sf#2942032 [core] Cannot detect PmaAbsoluteUri correctly on Windows
    - sf#2961609 [auth] Potential information disclosure at login page
    - sf#2961540 [export] Do not export data of MERGE table,
      thanks to Dieter Adriaenssens - ruleant
    - sf#2961198 [parser] Querying a table named "data"
    - sf#2931429 [structure] Editing long triggers
    - sf#2970769 [structure] Incorrect reference to mootools-more.js
  - cleanup spec
    - fixed HEADER
    - sort TAGS
    - some macros (ap_...)
    - updated description
    - added postun
      o restart_on_update apache2
  - some rpmlint stuff
    - fdupes
  - reworked patches
    - removed blowfish_secret
    - removed mysqli.patch
    - added config patch
      o mods to vendor_config
  - replaced Source1
    phpmyadmin.conf > phpMyAdmin.http
  - to /etc/phpMyAdmin
* Wed Mar 10 2010
  - Updated to 3.3.0
    + rfe #2308632 [edit] Use hex for (var)binary fields
    + sf#2794819 [navi] Filter for displayed table names
    - sf#2794840 [core] Cannot redeclare pma_tableheader()
    - rfe #2726479 [core] configurable maximal length of URL
    + sf#2724755 [display] Full/partial text links (big T) are back
    - bug [display] handle NavigationBarIconic as documented for navi buttons
    + rfe #2726479 [export] Export tables preselect
    + sf#2805828 [export] PHP array export plugin
    + sf#2798592 [import] Progress bar
    - bug [gui] Generate Password not working for 'Change Login Information', only for 'Change password'
    + [lang] Arabic update
    + rfe #2822190 [structure] BOOLEAN is standard SQL
    + [lang] German update
    + rfe #2813867 [structure] Default sorting order in list of tables
    + [import] Added MySQL type-detection functionality to import library
    + [import] Added ODS, Excel XLS, Excel XLSX, and XML import modules
    + [export] Added Excel XLSX export module
    + [core] Added ability for tracking changes made through phpMyAdmin
    + rfe #2839504 [engines] Support InnoDB plugin's new row formats
    + [core] Added ability for synchronizing databases among servers.
    + [lang] #2843101 Dutch update
    + [lang] Galician update
    + [export] Added MediaWiki export module
    + [lang] Turkish update
    + [auth] Add custom port configuration in signon
    - [core] Removed context from the error handler
    - sf#2883633 [export] Export of InnoDB table is incomplete
    + rfe #2862575 [status] Order query statistics by % desc, skip rows with 0
    + rfe #2823686 [interface] Increase default height of query window
    + rfe #2129902 [structure] Don't hide indexes
    + sf#2812070 [interface] Allow selecting a range of rows by holding shift
    + [lang] Russian update, thanks to Victor Volkov
    + [lang] Greek update, thanks to Panagiotis Papazoglou
    + [lang] Norwegian update, thanks to Sven-Erik Andersen
    - sf#2929958 [import] Cannot import (French interface)
    - [security] Use X-Frame-Options header to protect against ClickJacking.
    + [lang] Finnish update, thanks to Jouni Kahkonen
    + [lang] Lithuanian update, thanks to Rytis Slatkevicius - rytis_s
    - sf#2931939 [status] Seeing "m" as unit is confusing
    - sf#2926613 [edit] Copy database shows errors when DB has foreign key
    + [lang] Catalan update, thanks to Xavier Navarro
* Wed Jan 20 2010
  - Updated to 3.2.5
    - sf#2903400 [bookmarks] Status of bookmark table,
      thanks to Virsacer - virsacer
    - bug [history] QueryHistoryDB is not respected
    - sf#2905629 [auth] Blowfish secret is not hashed
    - sf#2910000 [gui] ShowServerInfo should hide all server info from main page
    - sf#2910568 [structure] Table size for ARCHIVE tables is not displayed
    - sf#2899969 [core] Session lock blocks working from a second window,
      thanks to Greg Roach - fisharebest
    - sf#2915168 [import] Incorrect parsing of DELIMITER keyword,
      thanks to Greg Roach - fisharebest
    - sf#2918831 [export] Missing backquotes on reserved words,
      thanks to Virsacer - virsacer
    - [core] Fix broken cleanup of $_GET
    - sf#2924357 [operations] Cannot rename a database that has foreign key
    - sf#869006 [structure] Ignore number of records for MRG_MyISAM tables
    - bug [browse] "Show BLOB contents" should display HTML code that is present
      in a BLOB, thanks to Vincent van der Tuin
    - [privileges] Improve escaping of hostname
* Tue Nov 10 2009
  - sf#2856664 [export] Date, time, and datetime column types now export correctly to OpenOffice Spreadsheet
  - sf#2859788 [parser] Double-character delimiters (sf#2846239)
  - sf#2832600 [export] Slow export when having lots of databases
  - sf#2537766 [import] Comments are stripped when editing store procedures
  - sf#2852370 [operations] Renaming database deletes triggers
  - sf#2872247 [interface] Failed opening required 'mysql_charsets.lib.php'
  - bug [structure] "In use" table incorrectly reported as "view"
  - sf#2879909 [interface] Removed double htmlspecialchars when editing enum column
  - sf#2868328 [relations] Adding foreign key when table name contains a dot
  - sf#2883381 [doc] Side effects of MemoryLimit setting
  - sf#2826128 [display] Inverting sort order when expression contains a function name
* Fri Sep 18 2009
  - sf#2825293 [structure] Default value for a BIT column
  - bug [display] Red arrows were reversed in the list of tables
  - sf#2813879 [export] Duplicate empty lines when exporting without comments
  - sf#2825919 [export] Trigger export with database name
  - sf#2823996 [data] Cannot edit row with no PK and a BIT field
  - bug [export] Exporting results of a query which contains a LIMIT clause
    inside a subquery
  - sf#2837722 [export] Run complex SQL then export does not work
  - sf#2839548 [export] Triggers order on export
  - sf#2826986 [display] Order by BLOB and range display
  - bug [display] After clicking on Show Function or Function, the UPDATE query
    is not shown after execution
  - bug [structure] Missing validation for BINARY and VARBINARY
* Sun Aug 16 2009
  - sf#2799009 Login with ipv6 IP address breaks redirect
  - sf#2796066 [priv] Inconsistent display of databases list
  - sf#2802870 [display] Incorrect overhead value for InnoDB
  - bug [display] Incorrect display in replication status
  - sf#1601625 [display] The Ignore checkbox is not unchecked for ENUM
  - sf#2809930 [setup] Notice: Undefined variable: k in setup/index.php
  - bug [features] Incorrect report of missing relational features
  - [security] XSS: Insufficient output sanitizing (not exploitable without a vali
    d token)
    thanks to Sven Vetsch/Disenchant for informing us in a responsible manner
  - sf#2634827 [import] Using DELIMITER produces infinite cycle
    + new language files: uzbek_cyrillic and urbek_latin
  - sf#2814109 [search] Right frame is blank
  - sf#2816840 [priv] Cannot change a user's details
  - sf#2816165 [display] Executed query not always displayed
  - sf#2819944 [setup] Incorrect mention of designer_coords
  - sf#2821757 [insert] "Insert another new row" no longer worked
    + [lang] Norwegian update
  - bug [core] PMA_pow() can support negative exponents in the pow() case
    + [lang] Brazilian Portuguese update
  - sf#2822384 [docs] Missing auth_type in docs-example
  - sf#2819728 [display] Slider effect jumping to top of page
  - bug [display] Incorrect computation of overhead stats in server view
    for tables under the InnoDB engine
    + [lang] Swedish update
* Fri Jul 24 2009
  - First security release for phpMyAdmin 3.2.0
* Sun Jun 28 2009
  - update to 3.2.0
* Sun May 04 2008
  - phpMyAdmin package misses files (favicon.ico, scripts/*) [BNC #381747]
  - phpMyAdmin setup.php missing [BNC #335306]
  - update to version 2.11.6, bug fix only release
  - sf#1903724 [interface] Displaying of very large queries
    in error message
  - sf#1905711 [compatibility] Functions deprecated in PHP 5.3:
    is_a() and get_magic_quotes_gpc()
  - bug [lang] catalan wrong accented characters
  - sf#1893034 [Export] SET NAMES for importing with command-line
    + [lang] Russian update
  - sf#1910485 [core] Unsetting the whitelist during the loop
  - sf#1906980 [Export] Import of VIEWs fails if temp table exists
  - sf#1812763 [Copy] Table copy when server is in ANSI_QUOTES
  - sf#1918531 [compatibility] Navigation isn't valid
  - sf#1926357 [data] BIT defaults displayed incorrectly
  - sf#1930057 [auth] colon in password prevents HTTP login
    on CGI/IIS
  - sf#1929553 [lang] Don't output BOM character in Swedish
    language file
  - sf#1895796 [lang] Typo in Japanese lang files
  - sf#1935652 [auth] Access denied (show warning about mcrypt
    on login page)
  - sf#1906983 [export] Reimport of FUNCTION fails
  - sf#1919808 [operations] Renaming a database fails to handle
  - sf#1934401 [core] Cannot force a language
  - sf#1944077 [core] Config file containing a BOM
  - sf#1947189 [scripts] Missing head tag in scripts/signon.php
  - [lang] Romanian update
* Mon Apr 07 2008
  - pmd folder is missing in phpmyadmin [bnc #376616]
* Sat Mar 29 2008
  - update to version
    * sf#1909711 [security] Sensitive data in session files
* Mon Mar 10 2008
  - phpMyAdmin tries to access non-existing print.css [#307966]
* Sat Mar 01 2008
  - version 2.11.5
  - sf#1862661 [GUI] Warn about rename deleting database
  - sf#1866041 [interface] Incorrect sorting with AS
  - sf#1871038 [import] Notice: undefined variable first_sql_delimiter
  - sf#1873110 [export] Problem exporting with a LIMIT clause
  - sf#1871164 [GUI] Empty and navigation frame synch.
  - sf#1873188 [GUI] Making db pager work when js is disabled,
    thanks to Jürgen Wind - windkiel
  - sf#1875010 [auth] MySQL server and client version mismatch
    (mysql ext.)
  - sf#1879031 [transform] dateformat transformation
    and UNIX timestamps, thanks to Tim Steiner - spam38
  - bug [import] Do not verify a missing enclosing character for CSV,
    because files generated by Excel don't have any enclosing character
  - sf#1799691 [export] "Propose table structure" and Export
  - sf#1884911 [GUI] Space usage
  - sf#1863326 [GUI] Wrong error message / no edit (Suhosin)
  - sf#1887204 [GUI] Order columns in result list messing up query
  - sf#1893538 [GUI] Display issues on Opera 9.50,
    thanks to Jürgen Wind - windkiel
  - bug [GUI] Do not display the database name used by the
    previous user, thanks to Ronny Görner
  - bug [security] Remove cookies from Array for better coexistence with
    other applications, thanks to Richard Cunningham. See PMASA-2008-1.
* Sun Jan 13 2008
  - do not BuildRequire apache2-devel libapr-util1-devel pcre-devel
  - PreReq coreutils sed and grep
  - update to version 2.11.4
  - sf#1843428 [GUI] Space issue with DROP/DELETE/ALTER TABLE
  - sf#1807816 [search] regular expression search doesn't work with
  - sf#1843463 [GUI] DROP PROCEDURE does not show alert
  - sf#1835904 [GUI] Back link after a SQL error forgets the query
  - sf#1835654 [core] wrong escaping when using double quotes
  - sf#1817612 [cookies] Wrong cookie path on IIS with PHP-CGI,
    thanks to Carsten Wiedmann
  - sf#1848889 [export] export trigger should use
  - sf#1851833 [display] Sorting forgets an explicit LIMIT
    (fix for sorting on column headers)
  - sf#1764182 [cookies] Suhosin cookie encryption breaks phpMyAdmin
  - sf#1798786 [import] Wrong error when a string contains semicolon
  - sf#1813508 [login] Missing parameter: field after re-login
  - sf#1710144 [parser] Space after COUNT breaks Export but not Query
  - sf#1783620 [parser] Subquery results without "as" are ignored
  - sf#1821264 [display] MaxTableList and INFORMATION_SCHEMA
  - sf#1859460 [display] Operations and many databases
  - sf#1814679 [display] Database selection pagination when
    switching servers
  - sf#1861717 [export] CSV Escape character not exported right,
    thanks to nicolasdigraf
  - sf#1864468 [display] Theme does not switch to darkblue_orange
  - sf#1847409 [security] Path disclosure on
    thanks to Jürgen Wind - windkiel
* Wed Aug 22 2007
  - 2.11.0-rc1 -> 2.11.0 final
  - mod_php_any is enough to get a webserver do not explicitly require apache2
  - update phpmyadmin.conf adding the session save path to open_basedir as well
    ensuring some additional and possible conflicting php settings are set the way we want
* Mon Aug 06 2007
  - updated to version 2.11.0-rc1
* Mon Jul 30 2007
  - updated to version 2.11.0-beta1
    + [import] support handling of DELIMITER to mimic mysql CLI, thanks to fb1
    + improved PHP 6 compatibility
    - sf#1674914 [structure] changing definition of a TIMESTAMP field
    - sf#1615530 [upload] added more specific error message if field upload fails
    - sf#1627210, #1083301, #1482401 [data] warning on duplicate indexes
    - sf#1668724 JavaScript focus login Opera
    - sf#1666657 [auth] Cookie password delete on timeout / inactivity
    - sf#1648802 different mysql library and server version
    - sf#1662976 [auth] Authentication fails when controluser/pass is set
    - sf#1643758 [import] Error #1264 importing NULL values in MySQL 5.0
    - sf#1523747 [innodb] make warning about row count more visible
    - sf#1676012 [auth] strip non-US-ASCII characters (RFC2616)
    - sf#1679440 Added FAQ entry about header errors under IIS caused by
    an end-of-line character
    - [gui] avoid displaying a wide selector in server selection
    - sf#1614004 [relation] foreign key spanning multiple columns are
    incorrectly displayed
    - sf#1681598 [interface] Edit next row
    - sf#1688053 [export] Wrong export of binary character fields
    - sf#1498281 [parser] Wrong primary key used for displaying results
    with subquery
    - sf#1699772 Visual space bug in table name (in browser)
    - sf#1699532 Cause of data manipulation issues: implemented changes
    as suggested by crisp_; still have to work on updating an ENUM value
    + [doc] changed all documentation in to phpDocumentor style
    + [data] support for CREATE VIEW from query results
    + [gui] dropped css/ folder and moved into root of PMA
    + [l10n] new: Sinhala, Macedonian
    + [export] YAML export (see, thanks to Bryce Thornton
    + [server] improved display of binary logs
    + [data] better error handling in tbl_create.php
    + [routines] from Patch #1649881, thanks to Mike Beck
    + [querywindow] store sql history in session
    + [querywindow] sql history now without db too
    + [querywindow] tweaks in sql history view
    + [export] Native Excel (Spreadsheet_Excel_Writer) improvements,
    thanks to Christian Schmidt
    + [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch
    + RFE #1435922 [gui] navigation frame shows listing of databases when none selected
    + [data] support BIT datatype (under mysqli), thanks to Christian Schmidt
    + [display] automatic confirmation for sort by key, thanks to Juergen Wind
    + [data] can now choose the number of insert rows
    + RFE #1704779 [gui] link documentation from login page
    + [structure] TRIGGERS: display/edit/drop/SQL export
    + [browse] store browse state in session per query
    + [gui] Insert/Edit: no longer display the Go button each 15 lines
    but just at the end of a row
    + [gui] Query window: use verbose server name if any
    + [auth] sf#1712514 specify host for single signon, thanks to Thierry
    + [gui] Navigator for the db list in the navigation panel
    + [gui] Navigator for the table list in the content panel
    - sf#1727138 HTML not encoded (more than 1000 characters)
    + [display] Support for MySQL 5.0.37 profiling
    + RFE #1743983 [gui] Replace $max_characters by a configurable param:
    - sf#1746186 LeftLogoLink fails if set to some external site
    . [transformations]: remove "auto-detect" MIME-type that was never implemented
    + [display] sf#1749705, Allow multibyte characters in number formatting,
    thanks to garas
    - sf#1747215 Export emits blanks at line ends
    - sf#1751172 Do not export data when exporting a single VIEW
    + [privileges] Support password hashing on the Edit Privileges interface
    - sf#1755339 Warn about rename dataase actually being copy/delete
    - sf#1746921 Left frame shrinks on db change, thanks to Juergen Wind
    + [gui] Export: Select All/Unselect All over the choices,
    thanks to Florian Schmitz
* Wed Jul 25 2007
  - updated to version 2.10.3
    - sf#1734285 Copy database with VIEWs
    - sf#1722502 DROP TABLE in export VIEW
    - sf#1729027 Sorting results of VIEW browsing
    - sf#1733012 Unwanted table alias in delete button
    - sf#1736405 Pretty printer and HTML line breaks
    - sf#1745257 Invalid DB name is still displayed
    - sf#1730367 Calendar "Go" has no effect
    - sf#1748633 Incorrect parameter validation for VIEWs
    + [lang] Russian revision, thanks to Victor Volkov and the users
    - Do not try to delete an internal relation if we just deleted
    an InnoDB one
* Tue Jun 19 2007
  - updated to version 2.10.2
    + [data] display all warnings, not only last one
    - typo in fix for sf#1671813
    - sf#1714908 Inserted Row Count is wrong
    - sf#1712570 Deleting last record freezes
    - sf#1717339 Missing header when deleting a checked column,
    thanks to Michael Keck
    - sf#1717477 Warning on Query page when db is empty
    - sf#1721002 db rename -> undefined cfgRelation,
    thanks to Jürgen Wind
    - sf#1721571 CREATE database privilege not always detected,
    thanks to Gordon McNaughton
    - sf#1715709 export in SQL format always includes procedures
    and functions
    - sf#1722502 DROP TABLE in export view structure
    - sf#1718787 Multi-server setup breaks Designer
    - sf#1724401 Column truncation in repair table output
    - sf#1726500 Wrong position of , thanks to Jürgen Wind
    - sf#1728590 Detected failing session_start fails,
    thanks to Jürgen Wind
    - RFE #1714760 Obey ShowCreateDb on the Databases tab
    - sf#1733762 Typo in message "INSERT DELAY",
    thanks to Victor Volkov
    - sf#1730171 Dead message strLanguageFileNotFound,
    thanks to Victor Volkov
    - sf#1731280 Avoid negative exponent in gmp_pow(),
    thanks to anosek
* Tue Jun 12 2007
  - updated to version 2.10.2-rc1
    + [data] display all warnings, not only last one
    - typo in fix for sf#1671813
    - sf#1714908 Inserted Row Count is wrong
    - sf#1712570 Deleting last record freezes
    - sf#1717339 Missing header when deleting a checked column,
    thanks to Michael Keck
    - sf#1717477 Warning on Query page when db is empty
    - sf#1721002 db rename -> undefined cfgRelation, thanks to Jürgen Wind
    - sf#1721571 CREATE database privilege not always detected,
    thanks to Gordon McNaughton
    - sf#1715709 export in SQL format always includes procedures and functions
    - sf#1722502 DROP TABLE in export view structure
    - sf#1718787 Multi-server setup breaks Designer
    - sf#1724401 Column truncation in repair table output
    - sf#1726500 Wrong position of </tbody>, thanks to Jürgen Wind
    - sf#1728590 Detected failing session_start fails, thanks to Jürgen Wind
    - RFE #1714760 Obey ShowCreateDb on the Databases tab
* Tue Jun 05 2007
  - fixed warning: gmp_pow(): Negative exponent not supported in
    common.lib.php [#271746] (gmp_pow.patch)
* Tue Apr 24 2007
  - updated to version 2.10.1
    * bugfix release
* Tue Mar 06 2007
  - updated to version
    * default value for $cfg['Servers'][$i]['ssl'] changed to false
    * fixes PHP Executor Deep Recursion Stack Overflow [#251757]
* Wed Feb 28 2007
  - updated to version 2.10.0
    * Designer: new graphical relation manager
    * Improved speed on servers with thousands of databases/tables
    * Vertical field editor (optional)
    * Option to avoid counting rows for views
    * Calendar on search page
    * DOS-style end-of-lines in setup-generated files
* Wed Jan 17 2007
  - updated to version 2.9.2
    * improved support for web clusters
    * deleting a user under MySQL 4.1.x
    * DELIMITER in export no longer commented out
    * export of query results and procedure definitions
    * detection of a binary column
    * problem on 64-bit systems
    * granting all privileges on a wildcard name
    * verification on encrypted zip files
    * security fixes
* Sat Dec 02 2006
  - fix previous update which wrongly moved the
    file to the libraries subdirectory [#223721]
* Thu Nov 23 2006
  - security update to version [#222594] [#222622]
* Wed Nov 08 2006
  - added suggestions from [#216213]
    * phpMyAdmin now uses mysqli extension not mysql (mysqli.patch)
    * added Required: php5-mbstring
    * phpMyAdmin now uses open_basedir for increased security
* Tue Oct 17 2006
  - updated to
    * Improved readability of setup panels
    * PDF schema: automatic layout for InnoDB
    * Font size selector on main page
    * Export: support for procedures and functions
    * Can hide "Create Database" dialog
    * Customizable link under left logo
    * Export: "Open Document Text", "Open Document spreadsheet" formats
    * Export: new plugin architecture
    * User management: can create a db with the same name as created user
    * Use IEC binary units (KiB, MiB, ...)
    * Import: SQL compatibility selector
    * Possibility of using external authentication and use an empty MySQL password
    * Display MySQL warnings
    * Links to language-specific MySQL doc whenever possible
    * Security fixes
* Thu Sep 21 2006
  - updated to 2.9.0
    * Improved readability of setup panels
    * PDF schema: automatic layout for InnoDB
    * Font size selector on main page
    * Export: support for procedures and functions
    * Can hide "Create Database" dialog
    * Customizable link under left logo
    * Export: "Open Document Text", "Open Document spreadsheet"
    * Export: new plugin architecture
    * User management: can create a db with the same name as created
    * Use IEC binary units (KiB, MiB, ...)
    * Import: SQL compatibility selector
    * Possibility of using external authentication and use an empty
    MySQL password
    * Display MySQL warnings
    * Links to language-specific MySQL doc whenever possible
* Wed Aug 23 2006
  - updated to
    * fixed cookie login on IIS with IE6
    * fixed switching from scripts/setup.php to the main script
    in case of register_globals enabled
* Tue Aug 15 2006
  - update to
    * fixed config not loaded on install (MySQL error code 2002
    or 2003)
* Thu Aug 03 2006
  - update to
    * XSS vulnerability from requests not containing a token
    * reenabled XML option in Export
    * added a user with password containing a backslash
    * setup script: compatibility with security tokens
    * setup script: detection of writable config
    * reading the database list with MySQL wildcards
* Thu Jun 01 2006
  - updated to 2.8.1 (bugfix-only release) [#177091]
    * fixes some XSS vulnerabilities
  - removed obsoleted patches (2006-1804.patch, 2006-2031.patch)
* Tue May 02 2006
  - fixed XSS in error messages
    [#170529] (CVE-2006-2031.patch)
* Thu Apr 20 2006
  - fixed XSS in sql.php (and other scripts): add a secret token to
    each link and form to prevent linking to sql.php from outside
    [#165772] (CVE-2006-1804)
* Thu Apr 13 2006
  - updated to
    * fixes some XSS vulnerabilities
    * improves php-5.1.2 compatibility
  - moved $cfg['blowfish_secret'] to separate file, so that
    isn't edited during install
* Wed Jan 25 2006
  - converted neededforbuild to BuildRequires
* Tue Jan 17 2006
  - added php-session to Requires [#137368]
* Thu Jan 05 2006
  - update to version 2.7.0-pl2 (security fixes)
    [#136015, 137368, 137797]
  - removed all patches
* Tue Nov 22 2005
  - fixed XSS on HTTP_HOST (HTTP_HOST.patch) [#133818]
* Mon Nov 21 2005
  - update to version 2.6.4-pl4
    * fixes PMASA-2005-6 [#133818] (PMASA-2005-6.patch)
  - removed obsoleted patches: CVE-2005-2869.patch, PMASA-2005-4_and_5.patch,
* Mon Nov 14 2005
  - fixed CVE-2005-2869 (XSS on the cookie-based login panel)
    [#130226] (CVE-2005-2869.patch)
* Tue Nov 01 2005
  - fixed PMASA-2005-4 and PMASA-2005-5 [#130226] (PMASA-2005-4_and_5.patch)
* Tue Aug 23 2005
  - disabled auto-switch the lang to its UTF-8 version when Lang is set
* Thu Jul 28 2005
  - update to 2.6.3-pl1
* Mon Jun 06 2005
  - update to 2.6.2-pl1
* Tue Mar 08 2005
  - generate shorter key to make it work with mcrypt, see
* Fri Mar 04 2005
  - update to pl3, it includes previous fix and fixes editing fields with special names (sf#70864)
* Thu Mar 03 2005
  - fix bad setting of privileges (sf#67276)
* Tue Mar 01 2005
  - depend on mod_php_any
* Thu Feb 24 2005
  - update to 2.6.1-p2 to fix several vulnerabilities (sf#66264)
* Wed Feb 09 2005
  - depend on unversioned php modules, to allow both php4 and php5 installation
* Mon Jan 24 2005
  - update to 2.6.1
  - require php4-mcrypt for faster cookie encryption
* Wed Oct 13 2004
  - update to 2.6.0-pl2 (sf#47160)
  - require php4-iconv as it seems to be on all arches now (sf#36642)
* Tue Oct 05 2004
  - drop php4-recode dependency (sf#46817)
* Mon Sep 06 2004
  - update to 2.6.0-rc2
* Fri Sep 03 2004
  - update to 2.6.0-rc1
  - use pwgen for secret generating
  - don't ship scripts, as they're not needed for most users
* Tue Apr 27 2004
  - build using apache2
* Wed Mar 31 2004
  - require php4-recode for charset conversion (better solution for bugs
    [#36642] and #36560)
* Mon Mar 22 2004
  - dropped php-4iconv dependency at all (sf#36642)
* Fri Mar 19 2004
  - do not require php4-iconv on achitectures where it isn't built (sf#36560)
* Mon Mar 08 2004
  - require all needed php modules
* Mon Mar 01 2004
  - update to 2.5.6
* Mon Jan 05 2004
  - updated to 2.5.5-pl1
* Mon Oct 20 2003
  - updated to 2.5.4
* Thu Oct 16 2003
  - do not build as root
  - little spec file cleanup
* Tue Sep 09 2003
  - automatically generate blowfish_secret on rpm installation
  - mark config file as %%config(noreplace) (this in conjuction with
    previous means that it will be never replaced on upgrade, this is
    okay as phpMyAdmin supports loading of old config files)
* Mon Sep 08 2003
  - updated to 2.5.3:
    - many bugs fixed
    - messages about missing variables were displayed wrongly
    - more export bugs
    - confirmation of some dangerous SQL (TRUNCATE,DROP DATABASE)
    - new nice icons for actions
* Thu Sep 04 2003
  - include documentation stylesheet
* Fri Aug 29 2003
  - depend on mod_php rather that http_daemon as this needs php
* Thu Aug 28 2003
  - include stylesheets
* Thu Aug 07 2003
  - updated to 2.5.2-pl1
* Mon Mar 24 2003
  - removed mysql from Requires, becouse can access to MySQL remotely [#25797]
* Mon Feb 24 2003
  - updated to verison 2.4.0
    * new server/user management interface with sub-pages
    * export to LaTeX format
    * display UPDATE SQL statement after a row edit
    * (experimental) support for compressed connections to the MySQL server
    * upload of binary file into a field
    * show blob size
    * a lot of fixes
* Wed Jan 29 2003
  - updated to version 2.3.3pl1
    * upload of compressed dumps
    * inform the user who does not have privileges to create a db
    * new internal analyzer for db, table, column and alias
    * a lot of fixes
* Mon Aug 12 2002
  - update to release 2.3.0
* Fri Aug 02 2002
  - adapt server-root
* Thu Aug 01 2002
  - fixed required perl path
* Wed Jul 31 2002
  - update to version 2.3.0-rc4
    * can specify a different charset for MySQL and HTML
    * utf-8 charset support
    * full database search
    * XML export
    * faster table delete under MySQL 4
    * new language: slovenian
    * fixes
* Mon Jul 01 2002
  - fixed directory permissions
* Thu Jan 10 2002
  - update to version 2.2.3
* Tue Sep 04 2001
  - update to version 2.2.0 final
    - dynamic multiple language support, with automatic detection
    - database usage statistics
    - table maintenance features (repair, check, optimize)
  - made package noarch
* Thu Aug 02 2001
  - update to version 2.2.0rc3
* Mon Jun 18 2001
  - initial package release (version 2.1.0)



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Oct 9 14:53:45 2021