We are sorry to report that the release of 2.6.1-pl1 introduced an
instability, producing various problems. This has been fixed, and here
Marc Delisle, for the team
Patch level 1 of phpMyAdmin 2.6.1 fixes some security problems,
along with a few other bugs.
A more formal security alert will be posted when ready.
Meanwhile, the phpMyAdmin development team strongly advises an
upgrade to phpMyAdmin 2.6.1-pl1, and to also apply the following
security measures on your PHP installation (if feasible) by modifying
your php.ini configuration file (or virtual host settings):
- set register_globals to Off
- set display_errors to Off
- set log_errors to On
- define the path to your error log with the error_log directive
Both settings are recommended in the PHP documentation on a server
running in production. For example:
However, we suggest you review the impact of those changes before
Meanwhile, work continues on the development version 2.6.2.
Marc Delisle, for the team.