[ https://issues.apache.org/jira/browse/AIRFLOW-1170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16009324#comment-16009324 ]
ASF subversion and git services commented on AIRFLOW-1170: ---------------------------------------------------------- Commit 3b589a9f73bed018bf7e2c7b7265bfce5da91ca0 in incubator-airflow's branch refs/heads/master from [~nzeilemaker] [ https://git-wip-us.apache.org/repos/asf?p=incubator-airflow.git;h=3b589a9 ] [AIRFLOW-1170] DbApiHook insert_rows inserts parameters separately Instead of creating a sql statement with all values, we send the values separately to prevent sql injection Closes #2270 from NielsZeilemaker/AIRFLOW-1170 > DbApiHook insert rows does not use prepared statement > ----------------------------------------------------- > > Key: AIRFLOW-1170 > URL: https://issues.apache.org/jira/browse/AIRFLOW-1170 > Project: Apache Airflow > Issue Type: Bug > Reporter: Niels Zeilemaker > Assignee: Niels Zeilemaker > Fix For: 1.8.2 > > > Let's not allow sql injections -- This message was sent by Atlassian JIRA (v6.3.15#6346)