Your message dated Sun, 12 Apr 2009 14:11:14 +1100
with message-id <[email protected]>
and subject line bug was fixed
has caused the Debian Bug report #521823,
regarding SQL injection
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
521823: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521823
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: auth2db
Version: 0.2.5-2+dfsg-1
Severity: grave
Tags: security
Hi
auth2db uses addslashes, which doesn't protect against SQL injections,
when used with multibyte character encodings.
As discussed via private mails, the NMU patch is attached.
Cheers
Steffen
diff -u auth2db-0.2.5-2+dfsg/debian/changelog auth2db-0.2.5-2+dfsg/debian/changelog
--- auth2db-0.2.5-2+dfsg/debian/changelog
+++ auth2db-0.2.5-2+dfsg/debian/changelog
@@ -1,3 +1,11 @@
+auth2db (0.2.5-2+dfsg-1.1) unstable; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix possible SQL injection vulnerability when used with multibyte
+ encodings by using mysql_real_escape_string()
+
+ -- Steffen Joeris <[email protected]> Mon, 30 Mar 2009 11:21:06 +0200
+
auth2db (0.2.5-2+dfsg-1) unstable; urgency=medium
* New debian-specific+upstream release (Closes: #493132):
diff -u auth2db-0.2.5-2+dfsg/debian/patches/series auth2db-0.2.5-2+dfsg/debian/patches/series
--- auth2db-0.2.5-2+dfsg/debian/patches/series
+++ auth2db-0.2.5-2+dfsg/debian/patches/series
@@ -6,0 +7 @@
+auth2db-sql-injection.patch
only in patch2:
unchanged:
--- auth2db-0.2.5-2+dfsg.orig/debian/patches/auth2db-sql-injection.patch
+++ auth2db-0.2.5-2+dfsg/debian/patches/auth2db-sql-injection.patch
@@ -0,0 +1,19 @@
+--- ../old/auth2db-0.2.5-2+dfsg/www/security.php 2008-07-30 22:39:36.000000000 +0000
++++ auth2db-0.2.5-2+dfsg/www/security.php 2009-03-30 09:18:57.000000000 +0000
+@@ -15,12 +15,10 @@
+ # [Agrega escape de caracteres especiales SQL -> \' ]
+ function sec_addESC($var) {
+
+- if (!get_magic_quotes_gpc()){
+- $var = addslashes($var);
+- }
+-
++ $var = mysql_real_escape_string($var);
++
+ return $var;
+
+ }
+
+-?>
+\ No newline at end of file
++?>
--- End Message ---
--- Begin Message ---
Version: 0.2.5-2+dfsg-1.1
--- End Message ---
