phpMyAdmin 220.127.116.11 has been released, fixing four security vulnerabilities. Current latest version in portage (18.104.22.168) is apparently affected.
XSS in table Print view.
Local file inclusion.
Local file inclusion vulnerability and code execution.
Possible session manipulation in swekey authentication.
Arches, please test and mark stable:
Target keywords : "alpha amd64 hppa ppc ppc64 sparc x86"
amd64 ok as usual.
x86 stable. Thanks
Stable for HPPA.
I don't know if this is of any interest here, but I just upgraded with the unmasked version on amd64 and everything is good.
amd64 done. Thank you all
Thank, everyone. Added to existing GLSA request.
This issue was resolved and addressed in
GLSA 201201-01 at http://security.gentoo.org/glsa/glsa-201201-01.xml
by GLSA coordinator Tim Sammut (underling).