[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-mailutils] SQL injection vulnerability in mailutils

From: Jordi Mallach
Subject: [bug-mailutils] SQL injection vulnerability in mailutils
Date: Wed, 18 May 2005 13:38:14 +0200
User-agent: Mutt/1.5.9i

Hello team,

I'm very sorry I didn't report this before, as I should have.

A week ago, Primoz reported a vulnerability in the SQL authentication
module in mailutils.

The details are in

The patch that was applied for Debian sarge (woody, luckily, wasn't
affected as it wasn't compiling this code at that time) is attached.

Jordi Mallach P�rez  --  Debian developer     http://www.debian.org/
address@hidden     address@hidden     http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

Attachment: 02_sql_injection.patch
Description: Text document

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]