Ubuntu
mydms package

[Sync request] Sync mydms (1.4.4+1-5) from Debian unstable (main)

Bug #91094 reported by Michael Bienia on 2007-03-10

Affects		Status	Importance	Assigned to	Milestone
	mydms (Ubuntu)	Fix Released	Wishlist	Unassigned

Bug Description

Binary package hint: mydms

Please sync mydms (1.4.4+1-5) from Debian unstable (main).

The Ubuntu package has no changes.

Thanks.

Changelog:

mydms (1.4.4+1-5) unstable; urgency=high

  * Security: SQL Injection could be done changing cookies content if the
  userID is not checked to be numeric only (Thanks to Rolan Benavent from
  Dulasoft SL)
  * Security: SQL Injection could be done as result of an incorrect checking
  order in sanitize function.

-- Miguel Gea Milvaques <email address hidden> Fri, 16 Feb 2007 17:21:38 +0100

Revision history for this message

Sebastien Bacher (seb128) wrote on 2007-03-14:

[Updating] mydms (1.4.4+1-4 [Ubuntu] < 1.4.4+1-5 [Debian])
* Trying to add mydms...
  - <mydms_1.4.4+1.orig.tar.gz: already in distro - downloading from librarian>
  - <mydms_1.4.4+1-5.diff.gz: downloading from http://ftp.debian.org/debian/>
  - <mydms_1.4.4+1-5.dsc: downloading from http://ftp.debian.org/debian/>
I: mydms [universe] -> mydms_1.4.4+1-4 [universe].

Changed in mydms:
importance:	Undecided → Wishlist
status:	Unconfirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntumydms package

[Sync request] Sync mydms (1.4.4+1-5) from Debian unstable (main)

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
mydms package