pike7.6 (7.6.61-1ubuntu2.1) dapper-security; urgency=low * SECURITY UPDATE: SQL injections were possible via the postgres module. * Add 'debian/patches/10_postgres_string_quoting.diff' to add string quoting. * References http://pike.ida.liu.se/development/cvs/pike.xml?between=2006-05-24&and=2006-06-07 CVE-2006-4041
-- Kees Cook <[EMAIL PROTECTED]> Tue, 17 Oct 2006 13:12:03 -0700 ** Changed in: pike7.6 (Ubuntu Dapper) Status: Confirmed => Fix Released -- CVE-2006-4041: Pike Unspecified SQL Injection Vulnerability https://launchpad.net/bugs/58169 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs