TYPO3-20051114-3: TYPO3 Security Bulletin

Various security issues have been reported for PhpMyAdmin (see www.securityfocus.com/bid/15196 for details.)

Component Type: Third Party Product, included with the TYPO3 core

Affected Components: PhpMyAdmin

Versions: TYPO3 3.8.0 and earlier

Vulnerability Type: Various (see below)

Severity: Medium

Problem Description:
Various security issues have been reported for PhpMyAdmin (see http://www.securityfocus.com/bid/15196/ for details.)


The solution is part of the general maintenance upgrade to TYPO3 version 3.8.1, which all users of TYPO3 are advised to implement. It contains PhpMyAdmin 2.6.4-pl3.

Update: Please be aware that the updated phpMyAdmin extension comes with the 3.8.1 full download but is not contained in the upgrade patch! For the latter, you will need to upgrade it manually from TER.

Also, some language shortcomings have been reported with the version included in TYOP3 3.8.1.
So the current recommendation is
- apply TYPO3 3.8.1
- go to TER and upgrade to the latest version.

Thanks to Michael Stucki for adapting the new version of PhpMyAdmin to TYPO3.