On 2006-06-02 Martin Pitt <[EMAIL PROTECTED]> wrote: > http://patches.ubuntu.com/patches/exim4.sql_quote_escaping.diff is a > quick band aid patch (minimally intrusive) suitable for a sarge > security update. It also fixes the same issue for the mysql backend.
Thanks a lot. > However, in Sid exim4 should still be changed to use > PQescapeStringConn() and mysql_real_escape(). PQescapeStringConn() is newly introduced in postgresql-8.1 8.1.4, afaict from http://packages.qa.debian.org/p/postgresql-8.1/news/20060602T042331Z.html so I gather that switching to it would either be need to be done conditionally (at build-time) or building against older versions would be impossible. Is this correct? thanks, cu andreas -- The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal vision of the emperor's, and its inclusion in this work does not constitute tacit approval by the author or the publisher for any such projects, howsoever undertaken. (c) Jasper Ffforde -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]