[Phpmyadmin-news] phpMyAdmin 2.6.1-pl1 is released
Marc Delisle
DelislMa at CollegeSherbrooke.qc.ca
Thu Feb 24 08:09:47 CET 2005
Hi,
Patch level 1 of phpMyAdmin 2.6.1 fixes some security problems,
along with a few other bugs.
A more formal security alert will be posted when ready.
Meanwhile, the phpMyAdmin development team strongly advises an
upgrade to phpMyAdmin 2.6.1-pl1, and to also apply the following
security measures on your PHP installation (if feasible) by modifying
your php.ini configuration file (or virtual host settings):
- set register_globals to Off
- set display_errors to Off
- set log_errors to On
- define the path to your error log with the error_log directive
Both settings are recommended in the PHP documentation on a server
running in production. For example:
http://www.php.net/manual/en/security.errors.php
However, we suggest you review the impact of those changes before
applying them.
Meanwhile, work continues on the development version 2.6.2.
Marc Delisle, for the team.
More information about the News
mailing list