Bug#308031: mailutils: sql injection vulnerability in sql authentication module

2005-05-13 Thread Russ Allbery
tags 308031 patch
thanks

I'm not sure that this is a lot of help, as the fix really is as straightforward as stated in the original report, but at least this is another pair of eyes looking at it. This fix looks good to me, and I've confirmed that the package still builds, although I'm not in a p

Bug#308031: mailutils: sql injection vulnerability in sql authentication module

2005-05-07 Thread Primoz Bratanic
Package: mailutils
Severity: grave
Tags: security
Justification: user security hole

In /auth/sql.c there is a function sql_escape_string (...) which does escaping of "bad" characters before feeding them to DB. The problem is that function only escapes