Group: Member Post Group: Elite Member
Posts: 268
Status:  |
Hi,
The Webuzo Team has launched phpMyAdmin 4.8.2 the latest version in the release branch.
Please check the change log below:
The urgent vulnerability allows an authenticated attacker to exploit a phpMyAdmin feature to show and potentially execute files on the server. PHP open_basedir restrictions mitigate the effect of this flaw. For further details, see the PMASA announcement.
A second flaw was also fixed allowing an attacker to use a specially crafted database name to trick a user in to executing a cross-site scripting (XSS) attack in the Designer feature.
In addition to the security fixes, this release also includes these bug fixes as part of our regular release cycle:
- WHERE 0 clause causes a fatal error
Known issues:- A few users have reported being unable to log in with a persistent error message "Failed to set session cookie. Maybe you are using HTTP instead of HTTPS". In some cases, clearing the phpMyAdmin cookies ('pma*') resolves the issue.
If you have any questions regarding the upgrade or any issues after upgrade let me know in the comments.
Regards,
The Webuzo Team
|
Powered By AEF 1.0.8 © 2007-2008 Electron Inc.
