phpMyAdmin 2.5.x has serious security holes as described in the Bugtraq article I am linking to. The corresponding bugs have been fixed in phpMyAdmin 2.5.7-pl1. That is why I would suggest to add phpMyAdmin 2.5.7-pl1 to the portage tree. Reproducible: Always Steps to Reproduce:
Tom: could you please bump to 2.5.7pl1 ?
fyi, default phpmyadmin on gentoo is not vulnerable. see bug 55606. but yes, a bump is needed. reassigning, not a security issue.
OK, version bump now in CVS. Sorry about the delay -- I've been away for the last three days. Regards, Tom