SOLVED [CPANEL-24366] phpMyAdmin version 4.8.4

rpvw

Well-Known Member
Jul 18, 2013
1,088
446
113
UK
cPanel Access Level
Root Administrator
phpMyAdmin version 4.8.4 was released today Tue Dec 11 2018, and apparently contains some serious security and bug fixs.

Security fix: phpMyAdmin 4.8.4 is released

I am not sure how, or if, the cPanel included phpMyAdmin is impacted by these security vulnerabilities, but would be grateful if some indication were to be given regarding when we might expect to see an upgrade to this version.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @rpvw,

When accessed through cPanel or Web Host Manager, phpMyAdmin is protected against CSRF/XSRF vulnerabilities like the ones referenced in the security report you provided. You can read about Security Tokens in our documentation for more information about this protection.

That said, we aim to publish updates of this nature for software included with cPanel & WHM as soon as possible. Internal case CPANEL-24366 is open to include phpMyAdmin version 4.8.4 with cPanel & WHM. I'll monitor the case and update this thread with more information on the status of it's implementation as it becomes available.

Thank you.
 
Last edited:

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello,

To update, this update was included with cPanel & WHM version 78:

Fixed case CPANEL-24366: Update phpMyAdmin to release 4.8.3-4.cp1176.

Thank you.