phpMyAdmin 3.4.3.1 has been released a few days ago, containing fixes for four separate vulnerabilities, including one classified as "critical" and two as "serious". Latest available version in portage (3.4.1) is vulnerable, according to the descriptions. Here are the fixed vulns: http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php http://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php Reproducible: Always
Thanks for the bug, Paul. We have an open bug for these issues. *** This bug has been marked as a duplicate of bug 373951 ***