Bug#369351: Bandaid patch
Andreas Metzler
ametzler at downhill.at.eu.org
Fri Jun 2 16:27:05 UTC 2006
On 2006-06-02 Martin Pitt <martin.pitt at ubuntu.com> wrote:
> http://patches.ubuntu.com/patches/exim4.sql_quote_escaping.diff is a
> quick band aid patch (minimally intrusive) suitable for a sarge
> security update. It also fixes the same issue for the mysql backend.
Thanks a lot.
> However, in Sid exim4 should still be changed to use
> PQescapeStringConn() and mysql_real_escape().
PQescapeStringConn() is newly introduced in postgresql-8.1 8.1.4,
afaict from
http://packages.qa.debian.org/p/postgresql-8.1/news/20060602T042331Z.html
so I gather that switching to it would either be need to be done
conditionally (at build-time) or building against older versions would
be impossible.
Is this correct?
thanks, cu andreas
--
The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal
vision of the emperor's, and its inclusion in this work does not constitute
tacit approval by the author or the publisher for any such projects,
howsoever undertaken. (c) Jasper Ffforde
More information about the Pkg-exim4-maintainers
mailing list