On 15 May 2015 at 14:13, Daniel P. Berrange wrote:
> On Fri, May 15, 2015 at 12:41:20PM +0100, Matthew Booth wrote:
>> I was looking at the migrations api, and I noticed that the api passes
>> the request query unchecked to get_migrations, where it ultimately ends
>> up in a db query. I was curiou
On Fri, May 15, 2015 at 12:41:20PM +0100, Matthew Booth wrote:
> I was looking at the migrations api, and I noticed that the api passes
> the request query unchecked to get_migrations, where it ultimately ends
> up in a db query. I was curious and spent a couple of hours checking
> this morning. Th
On 05/15/2015 05:41 AM, Matthew Booth wrote:
> I was looking at the migrations api, and I noticed that the api passes
> the request query unchecked to get_migrations, where it ultimately ends
> up in a db query. I was curious and spent a couple of hours checking
> this morning. There are a few inst
I was looking at the migrations api, and I noticed that the api passes
the request query unchecked to get_migrations, where it ultimately ends
up in a db query. I was curious and spent a couple of hours checking
this morning. There are a few instances of this.
I didn't find any security bugs, howe