[Sync request] Sync mydms (1.4.4+1-5) from Debian unstable (main)
Bug #91094 reported by
Michael Bienia
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mydms (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: mydms
Please sync mydms (1.4.4+1-5) from Debian unstable (main).
The Ubuntu package has no changes.
Thanks.
Changelog:
mydms (1.4.4+1-5) unstable; urgency=high
* Security: SQL Injection could be done changing cookies content if the
userID is not checked to be numeric only (Thanks to Rolan Benavent from
Dulasoft SL)
* Security: SQL Injection could be done as result of an incorrect checking
order in sanitize function.
-- Miguel Gea Milvaques <email address hidden> Fri, 16 Feb 2007 17:21:38 +0100
To post a comment you must log in.
[Updating] mydms (1.4.4+1-4 [Ubuntu] < 1.4.4+1-5 [Debian]) 1.4.4+1. orig.tar. gz: already in distro - downloading from librarian> 1.4.4+1- 5.diff. gz: downloading from http:// ftp.debian. org/debian/> 1.4.4+1- 5.dsc: downloading from http:// ftp.debian. org/debian/>
* Trying to add mydms...
- <mydms_
- <mydms_
- <mydms_
I: mydms [universe] -> mydms_1.4.4+1-4 [universe].