[phpMyAdmin Developers] Security fix: phpMyAdmin 4.7.8 is released

Isaac Bennetch bennetch at gmail.com
Tue Feb 20 17:45:58 CET 2018


Welcome to phpMyAdmin 4.7.8, a security release also containing regular
maintenance bug fixes.

The security fix relates to a self-XSS vulnerability in the central
columns feature
that is reported as PMASA-2018-1
<https://www.phpmyadmin.net/security/PMASA-2018-1/draft/>. Thanks to
Mayur Udiniya <https://www.linkedin.com/in/mayur-udiniya-09247b129/> for
finding and responsibly disclosing this flaw.

We recommend all users upgrade to resolve this security problem.

A complete list of new features and bugs that have been fixed is
available in the ChangeLog file or
changelog.php included with this release.

Notable changes since 4.7.7:

* Fixed error handling with PHP 7.2
* Fixed resetting default setting values
* Fixed fallback value for collation connection

Additionally, there have been continuous improvements to many of the
translations.
If you don't see your language or find a problem, you can contribute
too; see
<https://www.phpmyadmin.net/translate/> for details.

As always, downloads will soon be available at https://www.phpmyadmin.net

Thanks to our sponsors for helping to make this work possible!

The phpMyAdmin Team

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 874 bytes
Desc: OpenPGP digital signature
URL: <https://lists.phpmyadmin.net/pipermail/developers/attachments/20180220/14da3432/attachment.sig>


More information about the Developers mailing list