[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE id request: auth2db
From: Steffen Joeris <steffen.joeris () skolelinux ! de>
Date: 2009-03-30 10:11:33
Message-ID: 200903302111.33942.steffen.joeris () skolelinux ! de
[Download RAW message or body]
Hi
auth2db uses addslashes() to protect against SQL injections. This should be
mysql_real_escape_string(), so it also works, if multibyte character
encodings are used.
Debian Bug report:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521823
Could I please get a CVE id for this?
Cheers
Steffen
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic