25 Jan
2019
25 Jan
'19
3:22 p.m.
The phpMyAdmin project is announcing an upcoming security release. Two security flaws will be included in the 4.8.5 release and we recommend that all users update their installations. One attack requires setting a configuration directive, which is off by default. The other requires an attacker to have access to the MySQL server. We will post more details at the time of the release.
Due to the scheduled release cycle where 4.8.5 was due for release this week, this security release will occur later today. We regret that we haven't provided more advanced notice in this case.
This email is part of an experimental policy where we publish advance notifications of upcoming security releases.
Thank you, Isaac for the phpMyAdmin team