Welcome to the release of phpMyAdmin version 4.9.9. This is a release to fix two issues with the 4.9.8 release.

Fixed since phpMyAdmin 4.9.8:

* Fix a syntax error preventing use with PHP 5
* An error was shown regarding the new "hide_configuration_errors" directive when a controluser is set

Fixed in phpMyAdmin 4.9.8:

* Fix for a user potentially being able to disable their two factor authentication (PMASA-2022-1)
* Add a new configuration directive $cfg['URLQueryEncryption'] to allow encrypting sensitive information in the URL to prevent disclosure. Thanks to Rich Grimes  for suggesting this improvement
* Add a new configuration directive $cfg['Servers'][$i]['hide_connection_errors'] to allow hiding the full error message when a log on attempt fails, which can leak hostnames or IP addresses of the target database server. Thanks to Dr. Shuzhe Yang, Manager Security Governance at GLS IT Services for suggesting this improvement

This is a reminder that phpMyAdmin 4.9 is in the long-term support phase where it will only get important security fixes and critical bug fixes. Users are suggested to migrate to version 5.1.

Downloads are available now at https://phpmyadmin.net/downloads/

For the phpMyAdmin team,
Isaac