[phpMyAdmin Developers] phpMyAdmin 4.9.1 is released

Isaac Bennetch bennetch at gmail.com
Sat Sep 21 06:07:52 CEST 2019


Welcome to phpMyAdmin 4.9.1, a bugfix release.

This is a regularly-schedule bugfix release that also includes some
security hardening measures.

We wish to point out that this also includes a routine fix for an issue
that has been reported as CVE-2019-12922. The fix for this has been in
our release queue to be part of this release, however it is the opinion
of the team that the reported attack vector did not justify a separate
release.

This release includes fixes for many bugs, including:

- Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer
- Compatibility issues with PHP 8
- Export of GIS visualization
- Enhanced descriptions for several collation types
- Creating a user with a single quote in the password string
- Unexpected quotes during import and export on text fields
- Improvements to adding new tables to Designer
- Fix an issue where an authenticated user could trigger heavy traffic
between the database server and web server
- Fix a weakness where an attacker, under certain conditions, working at
the same time as an administrator is using the setup script, could
delete a server from the setup script

There are many, many more bug fixes thanks to the efforts of our
developers, Google Summer of Code applicants, and other contributors.

The phpMyAdmin team

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.phpmyadmin.net/pipermail/developers/attachments/20190921/6a115cca/attachment.sig>


More information about the Developers mailing list