Using $cfg['LoginCookieValidity'] greater than session.gc-maxlifetime the warning is shown.
With PMA 3.5.1, the warning is not rendered correctly (as HTML with a clickable link to the documentation), but sanitized which results in escaped HTML entities instead of HTML (like "Your PHP parameter <a href="./url.php?url=http%3A%2F%2Fphp.net..."), similar to ID: 3519747
In dev (last from github, rev. 12af3d2) version it's ok. I'm expecting the next version will be correct.