[Commotion-admin] [commotion-feed] SQL Injection in rhizome http service (#18)
areynold
notifications at github.com
Thu Oct 10 20:01:30 UTC 2013
The Serval DNA SQL injection vulnerability is now fixed. See [Serval DNA issue #69](https://github.com/servalproject/serval-dna/issues/69). This fix will go into the next release of Batphone.
There should never be another SQL injection vulnerability in Serval DNA as long as developers follow the pattern of using SQLite parameter binding and do not use sprintf(3) et al for SQL query construction.
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/commotion-feed/issues/18#issuecomment-26086236
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20131010/dd0bc063/attachment.html>
More information about the Commotion-admin
mailing list