[Bugs] #3663 Wikipedia UNSP: Insecure
Sugar Labs Bugs
bugtracker-noreply at sugarlabs.org
Thu May 31 12:37:31 EDT 2012
#3663: Insecure
------------------------------------------+---------------------------------
Reporter: dsd                             | Owner: godiard
Type: defect                              | Status: new
Priority: Unspecified by Maintainer       | Milestone: Unspecified by Release Team
Component: Wikipedia                      | Version: Unspecified
Severity: Minor                           | Keywords:
Distribution: Unspecified                 | Status_field: Unconfirmed
------------------------------------------+---------------------------------
wikiserver commit 6ea1a1c78131 adds some custom string handling. This
probably works in the " case but isn't great.
You should properly escape the string passed to the query. See the "#
Never do this -- insecure!" example at
http://docs.python.org/library/sqlite3.html
--
Ticket URL: <http://bugs.sugarlabs.org/ticket/3663>
Sugar Labs <http://sugarlabs.org/>
Sugar Labs bug tracking system
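
The contrast the ticket asks for, as an added example that is not part of the original ticket and not wikiserver code: a lookup that hand-cleans only the `"` character versus one that binds the value with a `?` placeholder. The `articles` table, the function names, and the sample titles are assumptions constructed for illustration.

```python
import sqlite3

# Constructed sample titles; the schema below is hypothetical, not wikiserver's.
SAMPLE_TITLES = ["Rock 'n' Roll", '"Weird Al" Yankovic', "Sugar"]


def make_db():
    """Build an in-memory database holding the constructed titles."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (title TEXT PRIMARY KEY, block INTEGER)")
    conn.executemany("INSERT INTO articles VALUES (?, ?)",
                     [(t, i) for i, t in enumerate(SAMPLE_TITLES)])
    return conn


def lookup_handrolled(conn, title):
    """Hypothetical custom handling: strips '"' and pastes the rest into the SQL text."""
    cleaned = title.replace('"', "")
    sql = "SELECT block FROM articles WHERE title = '%s'" % cleaned
    try:
        row = conn.execute(sql).fetchone()
    except sqlite3.OperationalError as exc:
        # The title reached the SQL parser and changed the statement's structure.
        return "error: %s" % exc
    return row[0] if row else None


def lookup_bound(conn, title):
    """Parameter binding: the title is passed as data and is never parsed as SQL."""
    row = conn.execute("SELECT block FROM articles WHERE title = ?",
                       (title,)).fetchone()
    return row[0] if row else None


def compare():
    """Return (title, hand-rolled result, bound result) for each sample title."""
    conn = make_db()
    return [(t, lookup_handrolled(conn, t), lookup_bound(conn, t))
            for t in SAMPLE_TITLES]


if __name__ == "__main__":
    for title, unsafe, safe in compare():
        print("%-22r hand-rolled=%r bound=%r" % (title, unsafe, safe))
```

The hand-rolled version fails on the apostrophe title and silently misses the quoted one, while the bound version finds all three rows unchanged.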