Reviewed: https://reviews.mahara.org/c/mahara/+/12569 Committed: https://git.mahara.org/mahara/mahara/commit/5d52db2d29c928ce116bfe84d5071275fbc46db0 Submitter: "Robert Lyon <[email protected]>" Branch: 22.04_DEV
commit 5d52db2d29c928ce116bfe84d5071275fbc46db0 Author: Dianne Tennent <[email protected]> Date: Tue Apr 12 17:19:46 2022 +1200 Bug #1962792: Update version info in adodb/readme.mahara Change-Id: Id9df1a52b7055e8b1d0d8bc69bc6d59dd8d7eddb (cherry picked from commit 5fd4a38c286ba5824700cfa1a9eb653b4365f351) -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: mahara-contributors https://bugs.launchpad.net/bugs/1962792 Title: Upgrade ADOdb from v5.21.1 to v5.22.0 Status in Mahara: Fix Committed Bug description: https://github.com/ADOdb/ADOdb/blob/v5.22.0/docs/changelog.md Includes a security patch for drivers/adodb-postgres64.inc.php: https://github.com/ADOdb/ADOdb/security/advisories/GHSA-65mj-7c86-79jf An attacker can inject values into a PostgreSQL connection string by providing a parameter surrounded by single quotes. Depending on how the library is used in the client software, this may allow an attacker to bypass the login process, gain access to the server's IP address, etc. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1962792/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
