Hi, On 02/05/2011 12:30 AM, Kees Cook wrote: > Since the package referred to in this bug is in universe or > multiverse, it is community maintained. If you are able, I suggest > posting a debdiff for this issue. When a debdiff is available, members > of the security team will review it and publish the package. See the > following link for more information: > https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures > > ** Changed in: smbind (Ubuntu) > Status: New => Confirmed > > ** Changed in: smbind (Ubuntu) > Importance: Undecided => Medium > > ** Visibility changed to: Public >
Before making it public, an email to the Debian maintainer or better to the Debian Security team would be appreciated. Cheers, Giuseppe. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/657473 Title: It looks like you could make SQL injection with $_POST['host'] or some other variables. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs