subject:"Bug#290833\: dbmail\-pgsql\: Inconsistent escaping of user supplied data in dbauthpgsql.c"

Bug#290833: dbmail-pgsql: Inconsistent escaping of user supplied data in dbauthpgsql.c

2005-01-17 Thread Paul J Stevens

Bug acknowledged. This should be fixed by the pending 2.0.3 upload. Primoz Bratanic wrote: Package: dbmail-pgsql Version: 1.2.11 Severity: grave Tags: security Justification: user security hole In pgsql/dbauthpgsql.c escaping is not consistent. Sometimes username and other user supplied values are

Bug#290833: dbmail-pgsql: Inconsistent escaping of user supplied data in dbauthpgsql.c

2005-01-16 Thread Primoz Bratanic

Package: dbmail-pgsql Version: 1.2.11 Severity: grave Tags: security Justification: user security hole -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In pgsql/dbauthpgsql.c escaping is not consistent. Sometimes username and other user supplied values are escaped and sometimes like in: aut