phpMyAdmin 4.9.5
Milestone information
- Project:
- phpMyAdmin
- Series:
- 4.9
- Version:
- 4.9.5
- Released:
- Registrant:
- William Desportes
- Release registered:
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- No users assigned to blueprints and bugs.
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- No bugs are targeted to this milestone.
Download files for this release
Release notes
Hello,
The phpMyAdmin team announces the release of both 4.9.5 and 5.0.2.
Both versions contain several security fixes:
PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password
PMASA-2020-3 SQL injection vulnerability relating to the search feature
PMASA-2020-4 SQL injection and XSS having to do with displaying results
Removing of the "options" field for the external transformation.
We are removing the ability for users to set "options" field for the external transformation. This must now be hard coded in the plugin file directly (where the program is configured). This feature allows users to pipe output directly to an executable file, however the options field presented a security risk and we have decided to move the options to be hard coded in the transformation plugin file. For further assistance, please reach out to our support team through email or Github pull request.
Version 5.0.3 also contains many bug fixes:
Fix for copying a user account
Removed SET AUTOCOMMIT=0 from SQL export
Fix for the display of table borders
Fix for ENUM radio button user interface problems
Improved the prompt for abandoning changes when no changes were made in the SQL window
Fix for inserting a primary key with "insert as new row"
Fix incorrect suggested latest available version to version 5
There are many other bugs fixes, please see the ChangeLog file included with this release for full details.
Known shortcomings:
Due to changes in the MySQL authentication method, PHP versions prior to 7.4 are unable to authenticate to a MySQL 8.0 or newer server (our tests show the problem actually began with MySQL 8.0.11). This relates to a PHP bug https:/
As a reminder, phpMyAdmin 4.9 is in the long-term support phase where it will only get important security fixes and critical bug fixes. Users are suggested to migrate to version 5.0.
Downloads are available now at https:/
For the phpMyAdmin team, Isaac
Changelog
0 blueprints and 0 bugs targeted
There are no feature specifications or bug tasks targeted to this milestone. The project's maintainer, driver, or bug supervisor can target specifications and bug tasks to this milestone to track the things that are expected to be completed for the release.