From: Sasa Ostrouska
Subject: Re: [Dolibarr-dev] Vulnerabilities
Date: Fri, 18 Oct 2013 17:47:56 +0200

I think we all knew about these vulnerabilities... And if not, we have been warned about them months ago... But it is great that you fixed them.

Regards,

2013/10/18 Doursenaud, Raphaël <address@hidden>

It also says "However, their sanitization methods were not fixed, and no mention was made on a future patch. Other SQLi vectors are likely." in the introduction.

We should think about converting the source code to use parametrized queries. Maybe in a 4.0 branch?

What's your opinion?

--
Raphaël Doursenaud
05 35 53 97 13 - 06 68 48 20 10

_______________________________________________
Dolibarr-dev mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/dolibarr-dev