Changelog: The phpMyAdmin team announces the release of versions 4.9.10 and 5.1.3.
These versions primarily address a regression that caused the navigation pane to not function correctly when multiple pages of tables were shown.
Version 5.1.3 includes a security hardening improvement. The issue, reported by Rafael Pedrero, could allow users to cause an error that would reveal the path on disk where phpMyAdmin is running from. We believe this requires the server to be running with display_errors on, which is not the recommended setting for a production environment.
Version 5.1.3 includes a few other minor bug fixes and is recommended for all users.
Note that version 4.9 is in extended security support only. Version 5.2.0 is in final testing and is expected to replace the 5.1 branch in the coming week or weeks, with no changes to required versions of PHP or database server.
For the phpMyAdmin team, Isaac
Sponsored by: Netzkommune GmbH
Welcome to phpMyAdmin 4.9.3, a routine bugfix release. This release is occurring simultaneously with the release of phpMyAdmin 5.0.0, which is our recommended version except for users with older PHP installations.
This is planned as the final bugfix release of phpMyAdmin version 4. Version 4 works with PHP versions 5.5 through (at least) 7.4, and MySQL versions 5.5 and newer (and the corresponding MariaDB versions). Version 5 will require PHP 7.1 or newer, but we plan to maintain security fixes for version 4 as part of our LTS program. For end of life details and supported versions, please see the "Supported versions" grid at https://www.phpmyadmin.net/downloads/.
This release includes fixes for many bugs, including:
- Several PHP notices and warnings including "Undefined index table_create_time," a notice about error_reporting() being disabled for security reasons, and several Undefined Index errors.
- Support CloudFront-Forwarded-Proto header for Amazon CloudFront proxy
- Early compatibility with development versions of PHP 8
- Fix replication actions (start, stop, etc)
There are many, many more bug fixes thanks to the efforts of our developers and other contributors. For full details, you can see the ChangeLog file included with this release.
The phpMyAdmin team
Sponsored by: Netzkommune GmbH
This includes a fix for a critical XSRF/CSRF security bug.
ChangeLog: https://www.phpmyadmin.net/files/4.7.7/
MFH: 2017Q4
Security: 63eb2b11-e802-11e7-a58c-6805ca0b3d42
As well as being the first stable release from the 4.7 branch, this
includes fixes for PMASA-2017-8 where it can be possible to bypass a
configuration restriction forbidding password-less accounts. This
depends on the upstream PHP version -- sites using php-7 are not
vulnerable, sites using php-5.6 are.
ChangeLog: https://www.phpmyadmin.net/files/4.7.0/
MFH: 2017Q1
Security: 68611303-149e-11e7-b9bb-6805ca0b3d42
This includes 26 security advisories of various severities up to
'critical', as well as bug-fix updates.
ChangeLog: https://www.phpmyadmin.net/files/4.6.4/
MFH: 2016Q3
Security: ef70b201-645d-11e6-9cdc-6805ca0b3d42
This is actually pretty much a no-op on FreeBSD: we're using the
bundled verion of phpseclib, and the regrssion fix does not apply to
the 4.5.x branch.
ChangeLog: https://www.phpmyadmin.net/files/4.5.4.1/
This is the first release from the 4.5 branch, and a major update.
With this release, the minimum required version of PHP is php-5.5
ChangeLog: https://www.phpmyadmin.net/files/4.5.0/
This is the last routine (ie. other than security patches) release
from the 4.4.x series. The next update will be a major jump to the
4.5.x series.
ChangeLog: https://www.phpmyadmin.net/files/4.4.15/
