phpMyAdmin 5.2.3

What's Changed

• NC538/phpMyAdmin 5.2.3 by @mhzawadi in #32
• Bump actions/checkout from 5 to 6 by @dependabot[bot] in #33

Full Changelog: v5.2.2.1...v5.2.3.0

v5.2.2.1

What's Changed

• Bump Alpine from 3.21 to 3.22
• Bump actions/checkout from 4 to 5 by @dependabot[bot] in #31
• fix version workflow

Full Changelog: v5.2.2.0...v5.2.2.1

Alpine 3.21 & phpMyAdmin 5.2.2

phpMyAdmin

• fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög https://github.com/MoonE)
• fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird https://github.com/blue-bird1)
• fix an XSS vulnerability in the Insert tab (PMASA-2025-2, thanks to frequent contributor Kamil Tekiela https://github.com/kamil-tekiela)
• fix possible security issue with library code slim/psr7 (CVE-2023-30536)
• fix possible security issue relating to iconv (CVE-2024-2961, PMASA-2025-3)
• fix a full path disclosure in the Monitoring tab
• issue #18268 Fix UI issue the theme manager is disabled
• issue Allow opening server breadcrumb links in new tab with Ctrl/Meta key
• issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling
• issue #18106 Fix renaming database with a view
• issue #18120 Fix bug with numerical tables during renaming database
• issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0
• issue #18258 Speed improvements when exporting a database
• issue #18769 Improved collations support for MariaDB 10.10

Move to Nginx Unit

This is a small update to switch out nginx/PHP-fpm for Nginx unit/php

You should not see any difference in function, but has a smaller footprint

Alpine 3.20

Update to Alpine v3.20

Alpine 3.19 & PHP 8.2

• update Apline to 3.19.1
• update to PHP 8.2

Alpine 3.19

Update to Alpine 3.19

Alpine 3.18

This is a bug fix for Alpine to v3.18

phpMyAdmin 5.2.1

Welcome to the release of phpMyAdmin version 5.2.1. This is a bugfix release that also contains a security fix for an XSS vulnerability in the drag-and-drop upload functionality (PMASA-2023-01).

This release contains many bug fixes.

Some highlights include:

• issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick
• issue #17519 Fix Export pages not working in certain conditions
• issue #17121 Fix password_hash function incorrectly adding single quotes to password before hashing
• issue #17736 Add utf8mb3 as an alias of utf8 on the charset description page
• issue #17248 Support the UUID data type for MariaDB >= 10.7
• issue #16042 Fixes malformed downloads when using gzip compression type and FireFox browser
• Add spellcheck="false" to all password fields and some text fields to avoid spell-jacking data leaks
• Fixes for JavaScript errors when using Designer
• Fixes for PHP 8.2 compatibility

There are, of course, many more fixes and new features that you can see in the ChangeLog file included with this release or online at https://demo.phpmyadmin.net/master-config/index.php?route=/changelog

Released 2023-01-26

• Update Alpine to 3.17
• Update github actions