On May 26, 2016 phpMyAdmin introduced the phpMyAdmin 4.6.2 release. phpMyAdmin is a free, open source tool developed in PHP and intended to handle the administration of MySQL database management system (DBMS). phpMyAdmin is designed to perform a wide range of operations on MySQL over the web. It offers the user friendly web interface, support for most MySQL features, management of MySQL users and privileges, management of stored procedures and triggers, import and export of data from various sources, administration of multiple servers and much more.
What’s New in phpMyAdmin 4.6.2 Release
Since our last publication, covering the 4.6.1 release, phpMyAdmin introduced changes as part of a regular maintenance release consisting mostly of bug fixes, and also including a few non-critical security fixes.
For more detail about the included security fixes take a look at the phpMyAdmin security notifications:
- PMASA-2016-14: Because user SQL queries are part of the URL, sensitive information made as part of a user query can be exposed by clicking on external links to attackers monitoring user GET query parameters or included in the webserver logs.
- PMASA-2016-16: A specially crafted attack could allow for special HTML characters to be passed as URL encoded values and displayed back as special characters in the page.
The phpMyAdmin 4.6.2 version attends the following issues:
- – issue [security] User SQL queries can be revealed through URL GET parameters, see PMASA-2016-14
- – issue [security] Self XSS vulneratbility, see PMASA-2016-16
- – issue #12225 Use https for documentation links
- – issue #12234 Fix schema export with too many tables
- – issue #12240 Avoid parsing non JSON responses as JSON
- – issue #12118 Fixed setting mixed case languages
- – issue #12229 Avoid storing objects in session when debugging SQL
- – issue #12249 Fix cookie path on IIS
- – issue #11705 Fix occassional 200 errors on Windows
- – issue #12219 Fix locking issues when importing SQL
- – issue #12231 Avoid confusing warning when mysql extension is missing
- – issue Improve handling of logout
- – issue Safer handling of sessions during authentication
- – issue #12209 Fix server selection on main page
- – issue #12192 Avoid storing full error data in session
- – issue #12082 Fixed export of ARCHIVE tables with keys
- – issue #11565 Add session reload for config authentication
- – issue #12229 Do not fail on errors stored in session
- – issue #12248 Fix loading of APC based upload progress bar
The complete changelog for the phpMyAdmin 4.6.2 and other releases can be found here.
Installation and Configuration Instructions
If you followed our installation guide for Ubuntu, then you can upgrade to phpMyAdmin 4.6.2 using the following commands:
sudo apt-get update sudo apt-get upgrade
Complete instructions can be found in the phpMyAdmin Documentation.
Please contact phpMyAdmin Support to address any installation or upgrade issues to the phpMyAdmin 4.6.2 version.