* Hilko Bengen:
db_query uses sprintf to replace placeholder expressions if passed
more than one argument and it seems to me that using %s does the same
thing as PHP's string expansion as in 4.5.3.
What about SQL injection? Doesn't db_query protect against it, while
PHP's string expansion
* Hilko Bengen:
Do you have any idea how the $key parameter to sess_destroy
(includes/session.inc) is generated?
It seems as if drupal uses the value generated by PHP, which would
mean that it's not exploitable for SQL injection, but I'm not sure.
Yeah. Looks like this bug is not in 4.5.3-4. I did not test it, but
looking at the source it does not look like this version would be
affected by this problem.
Hilko Bengen wrote:
notfound 336719 4.5.3-4
thank you
Matthew A. Nicholson [EMAIL PROTECTED] writes:
I don't use 4.5.3, I use 4.5.5. I can download 4.5.3 and compare the
source changes, but I don't use it and it's not an option for me to test
with it. Give me a few hours and I'll get back to you. :)
Hilko Bengen wrote:
The current version in sarge (w/ security updates) is 4.5.3-4 and from
looking at upstream's CVS tree, it appears to me as if the bug leading
to the security vulnerability was introduced _after_ 4.5.3.
Can you confirm that this bug exists in 4.5.3-4?
Moreover, merging the PostgreSQL-related