Problem no longer applies in the current Unity stack because of the
smart scopes.
** Changed in: unity
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to unity-lens-music in Ubuntu.
Matching subscriptions: dp-unity-lens-music
https://bugs.launchpad.net/bugs/867651
Title:
sql queries not properly escaped
Status in Unity:
Invalid
Status in unity-lens-music:
Confirmed
Status in “unity-lens-music” package in Ubuntu:
Confirmed
Bug description:
queries containing a ' cause errors and cause banshee to not report
results. Theoretically this could also allow for a sql injection
vulnerability. This threat is minimal however, as anyone who can
search in the dash can also open a terminal and run any arbitrary
command on the db.
To manage notifications about this bug go to:
https://bugs.launchpad.net/unity/+bug/867651/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
