2010-10-09 21:31:18 |
Lazy |
bug |
|
|
added bug |
2010-10-09 21:31:18 |
Lazy |
attachment added |
|
Here is a patched file which uses quote function to prevent injections. In addition serial calculation is fixed. https://bugs.launchpad.net/bugs/657473/+attachment/1680758/+files/recordwrite.php |
|
2010-10-09 21:38:43 |
Lazy |
attachment added |
|
Patched commit.php which fixes possible SQL injections and has some other minor improvements as well. https://bugs.launchpad.net/ubuntu/+source/smbind/+bug/657473/+attachment/1680763/+files/commit.php |
|
2011-02-04 23:29:59 |
Kees Cook |
smbind (Ubuntu): status |
New |
Confirmed |
|
2011-02-04 23:30:01 |
Kees Cook |
smbind (Ubuntu): importance |
Undecided |
Medium |
|
2011-02-04 23:30:06 |
Kees Cook |
visibility |
private |
public |
|
2011-02-05 17:34:31 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Review Team |
2011-02-05 17:34:34 |
Brian Murray |
tags |
injection smbind sql |
injection patch smbind sql |
|
2012-10-15 14:09:24 |
Jamie Strandboge |
smbind (Ubuntu): status |
Confirmed |
Incomplete |
|
2012-10-16 18:52:26 |
Lazy |
bug watch added |
|
http://sourceforge.net/support/tracker.php?aid=3083361 |
|
2012-10-18 17:09:02 |
Jamie Strandboge |
smbind (Ubuntu): status |
Incomplete |
Triaged |
|