No cve yet, see here: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-3
CVE-2008-1924: Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows attackers with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
in cvs
Arches, please test and mark stable: =dev-db/phpmyadmin-2.11.5.2 Target keywords : "alpha amd64 hppa ppc ppc64 release sparc x86"
amd64/x86 stable
Stable for HPPA.
ppc64 stable
alpha/sparc stable
ppc stable
Fixed in release snapshot.
Ready for vote. I vote YES.
agreed, filed request
GLSA 200805-02