Hi Apache Friends!
We just released a new version of XAMPP.
This version fixes a security issue in Windows Platforms CVE-2020-11107 reported by Maximilian Barz. XAMPP Windows versions lower than 7.2.29, 7.3.16 and 7.4.4 allow an unprivileged User to access and modify its editor and browser configuration. An attacker could modify the "xampp-contol.ini" to set a vaue to a malicious .exe or .bat file that is gets executed after another user tries to open it via the control panel. This issue does not affect Linux or OS X platforms.
You can download these new installers at http://www.apachefriends.org/download.html.
These installers include the next components:
7.2.29-0 / 7.3.16-0 / 7.4.4-0
- PHP 7.2.29 , 7.3.16 , 7.4.4
- Apache 2.4.41
- MariaDB 10.4.11
- Perl 5.16.3
- OpenSSL 1.1.1e (UNIX only)
- phpMyAdmin 5.0.2