phpMyAdmin was updated to fix:

* CVE-2022-23807: Fixed Two factor authentication bypass (boo#1195017, PMASA-2022-1, CWE-661)

* Add a new configuration directive $cfg['URLQueryEncryption'] to
allow encrypting sensitive information in the URL to prevent
disclosure. Thanks to Rich Grimes for suggesting this
improvement
* Add a new configuration directive
$cfg['Servers'][$i]['hide_connection_errors'] to allow hiding
the full error message when a log on attempt fails, which can
leak hostnames or IP addresses of the target database server.