* Martijn van Oosterhout:

> * If application always sends untrusted strings as out-of-line
> parameters, instead of embedding them into SQL commands, it is not
> vulnerable.

This paragraph should explicitly mention PQexecParams (which everybody should use anyway). It seems that Exim's architecture prevents the use of PQexecParams, though.