Bug#554684: [php-maint] Bug#554684: Bug#554684: php5-pgsql: Suhosin alerts about heap overflows

2010-01-12 Thread Gunnar Wolf
tags 554684 + unreproducible
thanks

Ondřej Surý said [Tue, Jan 12, 2010 at 08:16:20AM +0100]:
> Gunnar,
>
> do you think you can retest this bug with php5-pgsql from unstable?
>
> I.e.
> (...)
> This should allow you to not upgrade whole php5 just the module. This
> could lead us if we need to lo

Bug#554684: [php-maint] Bug#554684: Bug#554684: php5-pgsql: Suhosin alerts about heap overflows

2010-01-11 Thread Ondřej Surý
Gunnar,

do you think you can retest this bug with php5-pgsql from unstable?

I.e.

apt-get install php5-dev # from stable
dget http://ftp.debian.org/debian/pool/main/p/php5/php5_5.2.12.dfsg.1-2.dsc
cd php5-5.2.12/ext/pgsql
phpize
./configure
make
make install

(or something like that, I'm writing it

Bug#554684: [php-maint] Bug#554684: php5-pgsql: Suhosin alerts about heap overflows

2009-11-05 Thread Gunnar Wolf
sean finney said [Fri, Nov 06, 2009 at 12:16:59AM +0100]:
> On Thu, Nov 05, 2009 at 04:34:03PM -0600, Gunnar Wolf wrote:
> > function db_escape_string($text) {
> >   return pg_escape_string($text);
> > }
>
> > 2009-11-04 06:25:29 CST [30578]WARNING: nonstandard use of \\ in a string
> > literal

Bug#554684: [php-maint] Bug#554684: php5-pgsql: Suhosin alerts about heap overflows

2009-11-05 Thread sean finney
On Thu, Nov 05, 2009 at 04:34:03PM -0600, Gunnar Wolf wrote:
> function db_escape_string($text) {
>   return pg_escape_string($text);
> }
> 2009-11-04 06:25:29 CST [30578]WARNING: nonstandard use of \\ in a string
> literal at character 25

hm... maybe this is a result of pg_escape_string and m

Bug#554684: php5-pgsql: Suhosin alerts about heap overflows

2009-11-05 Thread Gunnar Wolf
Package: php5-pgsql
Version: 5.2.6.dfsg.1-1+lenny3
Severity: serious
Tags: security

I am not sure about the impact of this bug, but if the main PHP escaping function for PostgreSQL is mis-escaping strings, it can _quite_probably_ be a serious security bug. Feel free to adjust severity. I have been