From: SourceForge.net <no...@so...> - 2006-06-07 17:35:58
Bugs item #1501951, was opened at 2006-06-07 02:59
Message generated for change (Comment added) made by ghaering
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=116528&aid=1501951&group_id=16528

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.

Category: libpq
Group: None
>Status: Closed
>Resolution: Fixed
Priority: 9
Submitted By: Ben Burton (bab)
Assigned to: Gerhard Häring (ghaering)
Summary: Insecure quote escaping [CVE-2006-2314]

Initial Comment:
Hi,

There was a recent security hole in PostgreSQL involving the escaping of quotes (\' vs ''). It is a little unfortunate that the relevant pypgsql patch came out around the same time as your 2.5 release (and therefore didn't make the release); anyway, the patch is included here.

From the original Debian bug report (#369250):

  Recently, a security hole has been discovered in PostgreSQL client applications, see http://www.postgresql.org/docs/techdocs.50 for details. In short, using \' for quote escaping is insecure and now not allowed any more in some encodings which are prone to this SQL injection attack.

  Quotes in python-pgsql are escaped with \'. The attached patch fixes that to use '' instead.

  Thanks to Martin Pitt for the patch.

The relevant CVE number is CVE-2006-2314.

Ben.

----------------------------------------------------------------------

>Comment By: Gerhard Häring (ghaering)
Date: 2006-06-07 19:35

Message:
Logged In: YES 
user_id=163326

Fixed in 2.5.1 just released. Thanks!

----------------------------------------------------------------------

Comment By: Gerhard Häring (ghaering)
Date: 2006-06-07 19:11

Message:
Logged In: YES 
user_id=163326

Thanks a lot for the patch. Expect a pyPgSQL 2.5.1 release very soon.

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=116528&aid=1501951&group_id=16528
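An added example (mine, not code from the bug report, the Debian patch or pyPgSQL) of why the report's \' versus '' distinction matters: the pre-patch backslash escaping next to the doubled-quote escaping the patch switches to, plus a small literal scanner showing that a byte-oriented and a multibyte-aware reading of the same backslash-escaped bytes disagree about where the literal ends, while the doubled form reads the same either way. Shift_JIS and the sample text are assumptions chosen for illustration.

```python
def escape_backslash(value: bytes) -> bytes:
    # Escaping pyPgSQL used before the patch: ' becomes \'  (CVE-2006-2314)
    return value.replace(b"'", b"\\'")

def escape_doubled(value: bytes) -> bytes:
    # Escaping the patch switches to: ' becomes ''
    return value.replace(b"'", b"''")

def literal_intact(escaped: bytes, encoding, backslash_escapes: bool) -> bool:
    """Scan the body of a single-quoted SQL literal the way a lexer would.
    encoding=None scans raw bytes (a non-multibyte-aware scanner); a codec
    name scans decoded characters (a multibyte-aware server). Returns True
    if every quote is escaped, False if a bare quote would end the literal
    early, which is exactly the condition an injection needs."""
    if encoding is None:
        units, backslash, quote = list(escaped), 0x5C, 0x27
    else:
        units, backslash, quote = list(escaped.decode(encoding)), "\\", "'"
    i = 0
    while i < len(units):
        if backslash_escapes and units[i] == backslash:
            i += 2                       # backslash swallows the next unit
        elif units[i] == quote:
            if i + 1 < len(units) and units[i + 1] == quote:
                i += 2                   # '' is a literal apostrophe
            else:
                return False             # bare quote: literal terminates here
        else:
            i += 1
    return True

# Constructed, entirely legitimate user data: katakana SO followed by an
# apostrophe. In Shift_JIS (assumed client encoding) the character encodes
# as 0x83 0x5C, so its trailing byte equals the ASCII backslash.
SAMPLE = "ソ'".encode("shift_jis")          # b'\x83\x5c\x27'

def compare_interpretations() -> dict:
    """How a byte-oriented and a Shift_JIS-aware scanner each read the two
    escaped forms. Backslash escaping is only safe if both agree, and they
    do not; doubled quotes agree once backslash is not treated as an
    escape, which is the standard SQL rule the advisory points to."""
    bs, dq = escape_backslash(SAMPLE), escape_doubled(SAMPLE)
    return {
        "backslash/bytes": literal_intact(bs, None, True),          # False
        "backslash/chars": literal_intact(bs, "shift_jis", True),   # True
        "doubled/bytes": literal_intact(dq, None, False),           # True
        "doubled/chars": literal_intact(dq, "shift_jis", False),    # True
    }
```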