From: <gha...@us...> - 2006-06-07 18:06:14
Update of /cvsroot/pypgsql/pypgsql/pyPgSQL In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4455/pyPgSQL Modified Files: __init__.py Log Message: Patch for a security hole in PostgreSQL (CVE-2006-2314): escaping quotes with backslashes is insecure. The change is to escape single quotes with another single quote: \' => ''. Thanks to Martin Pitt for the patch. Index: __init__.py =================================================================== RCS file: /cvsroot/pypgsql/pypgsql/pyPgSQL/__init__.py,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** __init__.py 1 Jun 2006 14:42:51 -0000 1.6 --- __init__.py 7 Jun 2006 17:21:28 -0000 1.7 *************** *** 32,34 **** """ ! __version__ = "2.5" --- 32,34 ---- """ ! __version__ = "2.5.1" |
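Review bot: The only change in the `__init__.py` hunk (line 33) is the `__version__` bump from "2.5" to "2.5.1", while the log message describes the quote-escaping fix for CVE-2006-2314. The escaping code itself is not in this diff, so it cannot be reviewed here. Suggest that the log entry for this file say it is the version bump accompanying the fix, and name the file that carries the `\'` => `''` change, so that anyone auditing the CVE fix from the commit history lands on the actual quoting code rather than on a version string.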