There are (as of today) 9 unfixed 'medium' criticality CVEs affecting bionic (many more on xenial, but none of higher severity) according to https://people.canonical.com/~ubuntu-security/cve/pkg/phpmyadmin.html
Would it be better to remove this package from existing releases altogether, if such can be done policy-wise and technically, to prevent users growing a false sense of security? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837775 Title: remove phpmyadmin from archive To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/1837775/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
