19 Mar
2020
19 Mar
'20
2:52 p.m.
Hello,
The phpMyAdmin team is announcing that we are preparing a security fix which we plan to release Friday, tomorrow, approximately 30 hours from now.
The attack vector requires that the attacker be authenticated through a valid MySQL/MariaDB account. Both the 4.9 and 5.0 branches will be updated.
This announcement is part of our ongoing effort to announce security releases in advance, when available, and should not be interpreted as any commentary on the details of any specific vulnerability.
If you have questions or concerns, you can reach me directly or contact the security team at security@phpmyadmin.net.
Isaac for the phpMyAdmin team