[phpMyAdmin Developers] phpMyAdmin 4.9.4 and 5.0.1 are released

Isaac Bennetch bennetch at gmail.com
Wed Jan 8 03:43:19 CET 2020


The phpMyAdmin team announces the release of versions 4.9.4 and 5.0.1.

As a reminder, version 4.x is in the LTS phase, where only security
fixes and critical bug fixes are made. Users are suggested to migrate to
version 5.

These releases address two issues, a problem with two-factor
authentication that was introduced with the last releases, and a fix for
an SQL injection vulnerability that was reported by CSW Research Labs
<https://twitter.com/cswcyberworks>. This vulnerability is assigned
PMASA-2020-1 and requires that the attacker have logged in through a
valid MySQL account.

Known issue: the reported current release version may display
incorrectly on the main page (for instance, "Version information: 5.0.1,
latest stable version: 4.9.4"). This is expected to be fixed in the next
routine bug fix release.

Downloads are available at phpmyadmin.net.

Happy new year,
the phpMyAdmin team

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.phpmyadmin.net/pipermail/developers/attachments/20200107/4ab20d8e/attachment.sig>


More information about the Developers mailing list