phpMyAdmin 4.9.4 and 5.0.1 are released
The phpMyAdmin team announces the release of versions 4.9.4 and 5.0.1.
As a reminder, version 4.x is in the LTS phase, where only security fixes and
critical bug fixes are made. Users are suggested to migrate to version 5.
These releases address two issues, a problem with two-factor authentication
that was introduced with the last releases, and a fix for an SQL injection
vulnerability that was reported by CSW Research Labs
https://twitter.com/cswcyberworks. This vulnerability is assigned
PMASA-2020-1 and requires that the attacker have logged in through a valid
MySQL account.
Known issue: the reported current release version may display incorrectly on
the main page (for instance, "Version information: 5.0.1, latest stable
version: 4.9.4"). This is expected to be fixed in the next routine bug fix
release.
Downloads are available at phpmyadmin.net.
Happy new year, the phpMyAdmin team
2020-01-08
