[Phpmyadmin-devel] phpMyAdmin 2.6.1-pl1 is released

Marc Delisle DelislMa at CollegeSherbrooke.qc.ca
Wed Feb 23 18:20:30 CET 2005


Hi,
Patch level 1 of phpMyAdmin 2.6.1 fixes some security problems,
along with a few other bugs.
A more formal security alert will be posted when ready.

Meanwhile, the phpMyAdmin development team strongly advises an
upgrade to phpMyAdmin 2.6.1-pl1, and to also apply the following 
security measures on your PHP installation (if feasible) by modifying 
your php.ini configuration file (or virtual host settings):

- set register_globals to Off
- set display_errors to Off
- set log_errors to On
- define the path to your error log with the error_log directive

Both settings are recommended in the PHP documentation on a server
running in production. For example:
http://www.php.net/manual/en/security.errors.php
However, we suggest you review the impact of those changes before
applying them.

Meanwhile, work continues on the development version 2.6.2.

Marc Delisle, for the team.




More information about the Developers mailing list