I've already created a patch Have a look at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930017#12 and https://salsa.debian.org/phpmyadmin-team/phpmyadmin/merge_requests/6
- Bug#930048: phpmyadmin: PMASA-2019-03: CVE-2019-11768 Salvatore Bonaccorso
- Bug#930048: phpmyadmin: PMASA-2019-03: CVE-2019-... Matthias Blümel
