[packages/phpMyAdmin] Up to 5.2.3 (fixes tons of CVEs)
arekm
arekm at pld-linux.org
Sat Mar 14 13:00:09 CET 2026
commit a9c14226c273eaa21dd3dac6f78df8ac3cd0c882
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Sat Mar 14 13:00:01 2026 +0100
Up to 5.2.3 (fixes tons of CVEs)
phpMyAdmin-ServerSelectDisplayName-config.patch | 36 +++++++++++------------
phpMyAdmin-ServerSelectDisplayName.patch | 12 ++++----
phpMyAdmin-config.patch | 11 +++----
phpMyAdmin.spec | 38 +++++++++++++------------
4 files changed, 51 insertions(+), 46 deletions(-)
---
diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec
index e77241e..65e6cc2 100644
--- a/phpMyAdmin.spec
+++ b/phpMyAdmin.spec
@@ -1,41 +1,44 @@
-# TODO
-# - add codepress (http://codepress.org/index.php) patch
-# - use system jquery (js/jquery), tcpdf (libraries/tcpdf) and php-gettext (libraries/gettext)
Summary: phpMyAdmin - web-based MySQL administration
Summary(pl.UTF-8): phpMyAdmin - administracja bazami MySQL przez WWW
Name: phpMyAdmin
-Version: 4.8.5
+Version: 5.2.3
Release: 1
-License: GPL v2
+License: GPL v2+
Group: Applications/Databases/Interfaces
Source0: https://files.phpmyadmin.net/phpMyAdmin/%{version}/%{name}-%{version}-all-languages.tar.xz
-# Source0-md5: e3737a28fff076003e56a83fe1920d04
+# Source0-md5: 2e8251b59b87636701afbb9381f2bcba
Source1: apache.conf
Source2: %{name}-lighttpd.conf
Patch0: %{name}-config.patch
Patch1: %{name}-ServerSelectDisplayName.patch
Patch2: %{name}-ServerSelectDisplayName-config.patch
-URL: http://www.phpmyadmin.net/
+URL: https://www.phpmyadmin.net/
BuildRequires: rpmbuild(macros) >= 1.268
BuildRequires: tar >= 1:1.22
BuildRequires: xz
-# phpMyAdmin doesn't support mysql < 5.5 and won't work with php < 5.3
+# phpMyAdmin 5.x requires MySQL/MariaDB >= 5.5 and PHP >= 7.2
Requires: mysql-libs >= 5.5
-Requires: php(core) >= 5.3
+Requires: php(core) >= 7.2
Requires: php(ctype)
Requires: php(filter)
+Requires: php(iconv)
Requires: php(json)
Requires: php(mbstring)
-Requires: php(mcrypt)
-Requires: php(mysql)
+Requires: php(mysqli)
+Requires: php(openssl)
Requires: php(pcre)
Requires: php(session)
Requires: php(simplexml)
+Requires: php(xml)
Requires: webapps
Requires: webserver(access)
Requires: webserver(alias)
-Requires(triggerpostun): sed >= 4.0
-Suggests: php(mysqli)
+Suggests: php(bz2)
+Suggests: php(curl)
+Suggests: php(gd)
+Suggests: php(intl)
+Suggests: php(zip)
+Suggests: php(zlib)
Suggests: webserver(indexfile)
Suggests: webserver(php)
BuildArch: noarch
@@ -87,12 +90,12 @@ podręcznika MySQL). Aktualnie phpMyAdmin potrafi:
%setup -q -n %{name}-%{version}-all-languages
%patch -P0 -p1
%patch -P1 -p1
-%patch -P2 -p0
+%patch -P2 -p1
# cleanup backups after patching
find '(' -name '*~' -o -name '*.orig' ')' -print0 | xargs -0 -r -l512 rm -f
-%{__rm} .editorconfig .eslintignore .eslintrc.json composer.json composer.lock package.json phpcs.xml.dist yarn.lock
+%{__rm} babel.config.json .rtlcssrc.json composer.json composer.lock package.json yarn.lock
%install
rm -rf $RPM_BUILD_ROOT
@@ -108,7 +111,7 @@ cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/apache.conf
cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf
# packaged as doc
-%{__rm} $RPM_BUILD_ROOT%{_appdir}/{CONTRIBUTING.md,ChangeLog,DCO,LICENSE,README,RELEASE-DATE-*,CODE_OF_CONDUCT.md}
+%{__rm} $RPM_BUILD_ROOT%{_appdir}/{CONTRIBUTING.md,ChangeLog,LICENSE,README,RELEASE-DATE-*}
# cleanup not packaged stuff
%{__rm} -r $RPM_BUILD_ROOT%{_appdir}/{doc,examples,setup,sql}
@@ -135,14 +138,13 @@ rm -rf $RPM_BUILD_ROOT
%files
%defattr(644,root,root,755)
-%doc CONTRIBUTING.md ChangeLog DCO LICENSE README examples/
+%doc CONTRIBUTING.md ChangeLog LICENSE README examples/
%dir %attr(750,root,http) %{_sysconfdir}
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lighttpd.conf
%attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/*.php
%dir %{_appdir}
-%{_appdir}/*.css
%{_appdir}/*.php
%{_appdir}/favicon.ico
%{_appdir}/js
diff --git a/phpMyAdmin-ServerSelectDisplayName-config.patch b/phpMyAdmin-ServerSelectDisplayName-config.patch
index 983954a..32a22ca 100644
--- a/phpMyAdmin-ServerSelectDisplayName-config.patch
+++ b/phpMyAdmin-ServerSelectDisplayName-config.patch
@@ -1,18 +1,18 @@
-*** libraries/config.default.php.orig Tue Aug 19 00:56:44 2008
---- libraries/config.default.php Tue Aug 19 00:56:08 2008
-***************
-*** 80,85 ****
---- 80,92 ----
- $i = 1;
-
- /**
-+ * Display name
-+ *
-+ * @global string $cfg['Servers'][$i]['display']
-+ */
-+ $cfg['Servers'][$i]['display'] = 'localhost';
-+
-+ /**
- * MySQL hostname or IP address
- *
- * @global string $cfg['Servers'][$i]['host']
+Add 'display' configuration option for server selection label.
+
+--- phpMyAdmin-5.2.3-all-languages/libraries/config.default.php.orig 2025-10-07 22:40:00.000000000 +0200
++++ phpMyAdmin-5.2.3-all-languages/libraries/config.default.php 2025-10-07 22:40:00.000000000 +0200
+@@ -125,6 +125,13 @@
+ $i = 1;
+
+ /**
++ * Display name
++ *
++ * @global string $cfg['Servers'][$i]['display']
++ */
++$cfg['Servers'][$i]['display'] = 'localhost';
++
++/**
+ * MySQL hostname or IP address
+ *
+ * @global string $cfg['Servers'][$i]['host']
diff --git a/phpMyAdmin-ServerSelectDisplayName.patch b/phpMyAdmin-ServerSelectDisplayName.patch
index 0710317..e43a4d7 100644
--- a/phpMyAdmin-ServerSelectDisplayName.patch
+++ b/phpMyAdmin-ServerSelectDisplayName.patch
@@ -1,11 +1,13 @@
---- phpMyAdmin-4.8.2-all-languages/libraries/classes/Server/Select.php~ 2018-06-21 20:08:17.000000000 +0300
-+++ phpMyAdmin-4.8.2-all-languages/libraries/classes/Server/Select.php 2018-08-13 12:00:56.105426801 +0300
-@@ -72,7 +72,7 @@
- if (!empty($server['verbose'])) {
+Support 'display' config option as fallback server label in server selection.
+
+--- phpMyAdmin-5.2.3-all-languages/libraries/classes/Server/Select.php.orig 2025-10-07 22:40:00.000000000 +0200
++++ phpMyAdmin-5.2.3-all-languages/libraries/classes/Server/Select.php 2025-10-07 22:40:00.000000000 +0200
+@@ -59,7 +59,7 @@
+ if (! empty($server['verbose'])) {
$label = $server['verbose'];
} else {
- $label = $server['host'];
+ $label = isset($server['display']) ? $server['display'] : $server['host'];
- if (!empty($server['port'])) {
+ if (! empty($server['port'])) {
$label .= ':' . $server['port'];
}
diff --git a/phpMyAdmin-config.patch b/phpMyAdmin-config.patch
index 110be5a..8c75f47 100644
--- a/phpMyAdmin-config.patch
+++ b/phpMyAdmin-config.patch
@@ -1,12 +1,13 @@
-diff -burNp phpMyAdmin-3.1.0-all-languages/libraries/config.default.php phpMyAdmin-3.1.0-all-languages-new/libraries/config.default.php
---- phpMyAdmin-3.1.0-all-languages/libraries/config.default.php 2008-11-28 14:21:00.000000000 +0100
-+++ phpMyAdmin-3.1.0-all-languages-new/libraries/config.default.php 2008-12-02 10:31:40.200149063 +0100
-@@ -180,7 +180,7 @@ $cfg['Servers'][$i]['auth_swekey_config'
+Change default MySQL user from root to mysql for PLD Linux.
+
+--- phpMyAdmin-5.2.3-all-languages/libraries/config.default.php.orig 2025-10-07 22:40:00.000000000 +0200
++++ phpMyAdmin-5.2.3-all-languages/libraries/config.default.php 2025-10-07 22:40:00.000000000 +0200
+@@ -261,7 +261,7 @@
*
* @global string $cfg['Servers'][$i]['user']
*/
-$cfg['Servers'][$i]['user'] = 'root';
+$cfg['Servers'][$i]['user'] = 'mysql';
-
+
/**
* MySQL password (only needed with 'config' auth_type)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/phpMyAdmin.git/commitdiff/a9c14226c273eaa21dd3dac6f78df8ac3cd0c882
More information about the pld-cvs-commit
mailing list