A security incident in phpMyAdmin archive distribution has been reported: [1] http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php [2] http://secunia.com/advisories/50703/ More from [1]: "One of the SourceForge.net mirrors, namely cdnetworks-kr-1, was being used to distribute a modified archive of phpMyAdmin, which includes a backdoor. This backdoor is located in file server_sync.php and allows an attacker to remotely execute PHP code. Another file, js/cross_framing_protection.js, has also been modified."
CVE request: [3] http://www.openwall.com/lists/oss-security/2012/09/25/11
This issue did NOT affect the versions of the phpMyAdmin package, as shipped with Fedora release of 16 and 17. -- This issue did NOT affect the versions of the phpMyAdmin package, as shipped with Fedora EPEL 5 and Fedora EPEL 6. -- This issue did NOT affect the version of the phpMyAdmin package, as shipped with Fedora EPEL 5.