Public bug reported:
Binary package hint: mydms
Please sync mydms (1.4.4+1-5) from Debian unstable (main).
The Ubuntu package has no changes.
Thanks.
Changelog:
mydms (1.4.4+1-5) unstable; urgency=high
* Security: SQL Injection could be done changing cookies content if the
userID is not checked to be numeric only (Thanks to Rolan Benavent from
Dulasoft SL)
* Security: SQL Injection could be done as result of an incorrect checking
order in sanitize function.
-- Miguel Gea Milvaques <[EMAIL PROTECTED]> Fri, 16 Feb 2007 17:21:38
+0100
** Affects: mydms (Ubuntu)
Importance: Undecided
Status: Unconfirmed
--
[Sync request] Sync mydms (1.4.4+1-5) from Debian unstable (main)
https://launchpad.net/bugs/91094
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
