[security] Fixed local path disclosure vulnerability, see PMASA-2012-2

ChangeLog

@@ -1,6 +1,9 @@
 phpMyAdmin - ChangeLog
 ======================
 
+3.4.10.2 (2012-03-28)
+- [security] Fixed local path disclosure vulnerability, see PMASA-2012-2
+
 3.4.10.1 (2012-02-18)
 - [security] XSS in replication setup, see PMASA-2012-1
 

show_config_errors.php

@@ -14,6 +14,8 @@ error_reporting(E_ALL);
 /**
  * Read config file.
  */
-require CONFIG_FILE;
+if (is_readable(CONFIG_FILE)) {
+    require CONFIG_FILE;
+}
 
 ?>