phpMyAdmin was updated to fix:

* CVE-2022-23807: Fixed Two factor authentication bypass (boo#1195017, PMASA-2022-1, CWE-661) 
 
* Add a new configuration directive $cfg['URLQueryEncryption'] to
  allow encrypting sensitive information in the URL to prevent
  disclosure. Thanks to Rich Grimes  for suggesting this
  improvement
* Add a new configuration directive
  $cfg['Servers'][$i]['hide_connection_errors'] to allow hiding
  the full error message when a log on attempt fails, which can
  leak hostnames or IP addresses of the target database server.