Security update for phpMyAdmin
This update for phpMyAdmin to version 4.9.4 fixes the following issues:
- CVE-2020-5504: SQL injection in user accounts page (boo#1160456).
-
Submitted by
Christian Wittmer (computersalat)
Fixed bugs
bnc#1150914
VUL-0: CVE-2019-12922: phpMyAdmin: CSRF allows deletion of any server in the Setup page
bnc#1160456
VUL-0: CVE-2020-5504: phpMyAdmin: SQL injection in user accounts page
bnc#1157614
VUL-0: CVE-2019-18622: phpMyAdmin: SQL injection in Designer feature (PMASA-2019-5)
