Package: zoph
Severity: grave
Tags: security
Justification: user security hole
According to the the 0.5pre1 changelog a potential SQL injection vulnerability
was fixed:
- Fixed some possible SQL-injection issues. - Adding multiple people to a photo
at once, thanks to Neil McBride. (Patch#1406959)
Does this affect stable?
This has been assigned CVE-2006-0402, please mention it in the changelog when
fixing it.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-2-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
