Your message dated Sun, 10 Nov 2019 15:38:18 +0000
with message-id <>
and subject line Bug#890595: fixed in phpmyadmin 4:4.9.1+dfsg1-2
has caused the Debian Bug report #890595,
regarding phpmyadmin: warnings when running under php 7.2, apparently fixed by 
new upstream series 4.7.x
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact

Debian Bug Tracking System
Contact with problems
--- Begin Message ---
Package: phpmyadmin
Version: 4:4.6.6-5
Severity: important


Now that php 7.2 is default, phpmyadmin is printing some warnings like

Warning in ./libraries/sql.lib.php#613
 count(): Parameter must be an array or an object that implements Countable

According to upstream these are fixed in the 4.7 series[1][2]


It would be great to have phpmyadmin updated to the latest upsteam so we
have php 7.2 compat.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages phpmyadmin depends on:
ii  dbconfig-common                 2.0.9
ii  dbconfig-mysql                  2.0.9
ii  debconf [debconf-2.0]           1.5.65
ii  libjs-sphinxdoc                 1.6.7-1
ii  perl                            5.26.1-4+b1
ii  php                             1:7.2+60
ii  php-mbstring                    1:7.2+60
ii  php-mysql                       1:7.2+60
ii  php-php-gettext                 1.0.12-0.1
ii  php-phpseclib                   2.0.9-1
ii  php-xml                         1:7.2+60
ii  php7.0-cli [php-cli]            7.0.27-1
ii  php7.0-json [php-json]          7.0.27-1
ii  php7.0-mbstring [php-mbstring]  7.0.27-1
ii  php7.0-mysql [php-mysqli]       7.0.27-1
ii  php7.0-xml [php-xml]            7.0.27-1
ii  php7.2 [php]                    7.2.2-1
ii  php7.2-cli [php-cli]            7.2.2-1
ii  php7.2-json [php-json]          7.2.2-1
ii  php7.2-mbstring [php-mbstring]  7.2.2-1
ii  php7.2-mysql [php-mysqli]       7.2.2-1
ii  php7.2-xml [php-xml]            7.2.2-1
ii  ucf                             3.0036

Versions of packages phpmyadmin recommends:
ii  apache2 [httpd]         2.4.29-2
ii  php-bz2                 1:7.2+60
ii  php-curl                1:7.2+60
ii  php-gd                  1:7.2+60
ii  php-tcpdf               6.2.13+dfsg-1
ii  php-zip                 1:7.2+60
ii  php7.0-bz2 [php-bz2]    7.0.27-1
ii  php7.0-curl [php-curl]  7.0.27-1
ii  php7.0-gd [php-gd]      7.0.27-1
ii  php7.0-zip [php-zip]    7.0.27-1
ii  php7.2-bz2 [php-bz2]    7.2.2-1
ii  php7.2-curl [php-curl]  7.2.2-1
ii  php7.2-gd [php-gd]      7.2.2-1
ii  php7.2-zip [php-zip]    7.2.2-1

Versions of packages phpmyadmin suggests:
ii  firefox-esr [www-browser]                52.6.0esr-2
ii  google-chrome-stable [www-browser]       64.0.3282.167-1
ii  mysql-server-5.7 [virtual-mysql-server]  5.7.21-1

-- debconf information:
  phpmyadmin/dbconfig-remove: true
  phpmyadmin/db/app-user: phpmyadmin@localhost
  phpmyadmin/remove-error: abort
  phpmyadmin/dbconfig-reinstall: false
* phpmyadmin/mysql/admin-user: debian-sys-maint
  phpmyadmin/missing-db-package-error: abort
  phpmyadmin/db/dbname: phpmyadmin
  phpmyadmin/setup-username: admin
  phpmyadmin/dbconfig-upgrade: true
  phpmyadmin/purge: false
* phpmyadmin/dbconfig-install: true
  phpmyadmin/upgrade-backup: true
  phpmyadmin/mysql/method: Unix socket
  phpmyadmin/internal/skip-preseed: false
  phpmyadmin/database-type: mysql
  phpmyadmin/install-error: abort
  phpmyadmin/remote/host: localhost
  phpmyadmin/upgrade-error: abort
  phpmyadmin/internal/reconfiguring: false
* phpmyadmin/reconfigure-webserver: apache2

--- End Message ---
--- Begin Message ---
Source: phpmyadmin
Source-Version: 4:4.9.1+dfsg1-2

We believe that the bug you reported is fixed in the latest version of
phpmyadmin, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Matthias Blümel <> (supplier of updated phpmyadmin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing

Hash: SHA256

Format: 1.8
Date: Fri, 01 Nov 2019 19:33:40 +0100
Source: phpmyadmin
Architecture: source
Version: 4:4.9.1+dfsg1-2
Distribution: unstable
Urgency: medium
Maintainer: phpMyAdmin Packaging Team <>
Changed-By: Matthias Blümel <>
Closes: 772741 883417 884827 890595 893539 896490 914673 917755 920822 920823 
930017 930048 943209
 phpmyadmin (4:4.9.1+dfsg1-2) unstable; urgency=medium
   * Adjust open_basedir setting for ubuntu eoan
 phpmyadmin (4:4.9.1+dfsg1-1) unstable; urgency=medium
   * New upstream version 4.9.1.
   * Remove webbased setup (Closes: #772741)
   * Check for weak blowfish key and regenerate if necessary during update
   * fix avahi service-installation (Closes: #914673, LP: #1293558)
   * fix bug in sql-script for non-default tablename (Closes: #884827)
 phpmyadmin (4: unstable; urgency=medium
   [ Matthias Blümel ]
   * New upstream version
   * Update Package for new composer-oriented structure in upstream
   * Update Traslations
     - Catalan
     - Ukrainian
     - Chinese (Traditional)
   * New Translations
     - Romanian
     - Indonesian
   * New upstream release, fixing several security issues:
     - Warings when running under php 7.2
       (Closes: #890595)
     - FTBFS with phpunit 6.4.4-2
       (Closes: #883417, Closes: #917755)
     - Bypass $cfg['Servers'][$i]['AllowNoPassword']
       (PMASA-2017-8, CVE-2017-18264)
     - XSRF/CSRF vulnerability in phpMyAdmin
       (PMASA-2017-9, CVE-2017-1000499)
     - Self XSS in central columns feature
       (PMASA-2018-1, CVE-2018-7260, Closes: #893539)
     - CSRF vulnerability allowing arbitrary SQL execution
       (PMASA-2018-2, CVE-2018-10188, Closes: #896490)
     - XSS in Designer feature
       (PMASA-2018-3, CVE-2018-12581)
     - Bug that can be used for XSS when importing files
     - Local file inclusion
       (PMASA-2018-6, CVE-2018-19968)
     - XSRF/CSRF vulnerabilities allowing a to perform harmful operations
       (PMASA-2018-7, CVE-2018-19969)
     - an XSS vulnerability in the navigation tree
       (PMASA-2018-8, CVE-2018-19970)
     - Arbitrary file read vulnerability
       (PMASA-2019-1, CVE-2019-6799, Closes: #920823)
     - SQL injection in the Designer interface
       (PMASA-2019-2, CVE-2019-6798, Closes: #920822)
     - SQL injection in Designer feature
       (PMASA-2019-3, CVE-2019-11768, Closes: #930048))
     - CSRF vulnerability in login form
       (PMASA-2019-4, CVE-2019-12616, Closes: #930017)
   * patch to allow twig in version 2
   * adjust autoload path with libapache2-mod-php, load Twig-Extensions and 
   * adjust apache-config with open_basedir for dependencies
   * Set TempDir to /var/lib/phpmyadmin/tmp for twig-cache
   * add config-table upgrade for version 4.7.0+
   * enable unittests and patch to use phpunit 7, fix build-deps
   * update to standards-version 4.3.0
   * add Debian CI testfile
   * depend on python3-sphinx instead of python-sphinx which is python2 
(Closes: #943209)
   * don't chown tmp-dir recursive and remove useless entries in 'dirs'
   * add sensible-utils to dependencies for .desktop-file
   * simplify apache-config
     * mbstring.func_overload = 0 is default and not set 
     * SetHandler is now in the configuration of libapache2-mod-php 
     * AddType seems not to be necessary anymore, it's in the mime-database 
   * use autoload.php instead of vendor/autoload.php
   * use libjs-openlayers instead of bundled ones.
   * include copyright information from included vendor-source
   * cleanup lintian overrides
   [ Felipe Sateler ]
   * Exclude vendor dir from upstream tarball imports
   * Add new build-dependencies
   * Add autoload generation
   * Fix Config file location
   * Add phpcomposer substvars to control file
   * Fix js paths in debian/rules
   * Set phpMyAdmin team as Maintainer
   [ Juri Grabowski ]
   * define composer as Build-Depends, Fix Vcs- URLs
   * apache2.2-common -> apache2-data
 db30c657beb422cfcab4ae2f0504a46a33fc07c1 2700 phpmyadmin_4.9.1+dfsg1-2.dsc
 faaeaa981f613b23d4f9afc2c5b343fcad84b3f2 94188 
 07d1363135b7f0255407f6af5355126276b02186 11322440 
 a205fa69ec52834e772ebd619203fad6a46ff1bdc9865c28142935d24186dc7a 2700 
 d6877f4ca7a9ea49bdb8608f16342207c4703a0db68fd607a4fa41dfa9294a42 94188 
 5774cd30ffd4d3369a3083d7e04ef60a651647fd4da749cb53285fa0fb16459a 11322440 
 bc93c0fec95473d080304848d649c6d1 2700 web optional phpmyadmin_4.9.1+dfsg1-2.dsc
 f440b671f55d71f64b648761af63ff51 94188 web optional 
 76668ca2166ce668cf4915338be16d4d 11322440 web optional 



--- End Message ---

Reply via email to