From c51817d3b8cb05ff54dca9373c0667e29b8498d4 Mon Sep 17 00:00:00 2001
From: Marc Delisle
Date: Wed, 28 Mar 2012 12:39:39 -0400
Subject: [PATCH 1/2] [security] Fixed local path disclosure vulnerability, see PMASA-2012-2

---
 ChangeLog | 3 +++
 show_config_errors.php | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 40614885d..d7b378920 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
 phpMyAdmin - ChangeLog
 ======================
 
+3.4.10.2 (2012-03-28)
+- [security] Fixed local path disclosure vulnerability, see PMASA-2012-2
+
 3.4.10.1 (2012-02-18)
 - [security] XSS in replication setup, see PMASA-2012-1
 
diff --git a/show_config_errors.php b/show_config_errors.php
index 9024fec22..7299a4424 100644
--- a/show_config_errors.php
+++ b/show_config_errors.php
@@ -14,6 +14,8 @@ error_reporting(E_ALL);
 /**
 * Read config file.
 */
-require CONFIG_FILE;
+if (is_readable(CONFIG_FILE)) {
+ require CONFIG_FILE;
+}
 
 ?>
From a183e6310e5fad296df6397570a0d89cb1140bee Mon Sep 17 00:00:00 2001
From: Marc Delisle
Date: Wed, 28 Mar 2012 12:42:02 -0400
Subject: [PATCH 2/2] Fix merge conflicts

---
 ChangeLog | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 110f36338..94d6d833f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - ChangeLog
 - bug #3486970 [import] Exception on XML import
 - bug #3488777 [navi] $cfg['ShowTooltipAliasTB'] and blank names in navigation
 
+3.4.10.2 (2012-03-28)
+- [security] Fixed local path disclosure vulnerability, see PMASA-2012-2
+
 3.4.10.1 (2012-02-18)
 - [security] XSS in replication setup, see PMASA-2012-1
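Review bot: In show_config_errors.php the new `is_readable(CONFIG_FILE)` guard only covers a missing or unreadable file. A config file that exists but fails to parse or raises a notice will still have its message printed, presumably with the absolute path, because `error_reporting(E_ALL)` is in effect just above the hunk; the display settings are outside the hunk, so this is inferred. That output looks like the script's purpose, so I would document the boundary rather than change the code, by extending the docblock to something like `* Read config file; skipped when absent so a failed require cannot print its path (PMASA-2012-2).` It is also worth confirming that the lines before the hunk always define CONFIG_FILE and that access to this script is restricted, since neither is visible here.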