diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9526c7df..dd9263bb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,7 @@
 # PrivateBin version history
+ * **1.4.1 (not yet released)**
+ * CHANGED: Avoid `SUPER` privilege for setting the `sql_mode` for MariaDB/MySQL (#919)
 * **1.4 (2022-04-09)**
 * ADDED: Translations for Corsican, Estonian, Finnish and Lojban
 * ADDED: new HTTP headers improving security (#765)
diff --git a/lib/Data/Database.php b/lib/Data/Database.php
index 4b29fe2f..2aa3ecd6 100644
--- a/lib/Data/Database.php
+++ b/lib/Data/Database.php
@@ -100,7 +100,7 @@ class Database extends AbstractData
 // MySQL uses backticks to quote identifiers by default,
 // tell it to expect ANSI SQL double quotes
 if (self::$_type === 'mysql' && defined('PDO::MYSQL_ATTR_INIT_COMMAND')) {
- $options['opt'][PDO::MYSQL_ATTR_INIT_COMMAND] = "SET sql_mode='ANSI_QUOTES'";
+ $options['opt'][PDO::MYSQL_ATTR_INIT_COMMAND] = "SET SESSION sql_mode='ANSI_QUOTES'";
 }
 $tableQuery = self::_getTableQuery(self::$_type);
 self::$_db = new PDO(
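Review bot: The init command on the changed line in lib/Data/Database.php assigns `sql_mode` outright, so the session drops whatever modes the server was configured with and keeps only `ANSI_QUOTES`. If the server default includes strict modes, over-long values would then be truncated with a warning instead of rejected, which matters for stored paste data. If that is not intended, appending keeps the server's settings, e.g. `"SET SESSION sql_mode=CONCAT(@@SESSION.sql_mode, ',ANSI_QUOTES')"`; this should be tested against an empty default mode on both MySQL and MariaDB before adopting. A short comment above the assignment, such as `// SESSION scope is explicit so no SUPER/global privilege is required`, would record why the keyword was added. The enclosing method starts and ends outside the hunk.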