DSA-1910-1 mysql-ocaml -- missing escape functionID: oval:org.secpod.oval:def:600312 | Date: (C)2011-05-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
It was discovered that mysql-ocaml, OCaml bindings for MySql, was missing a function to call mysql_real_escape_string. This is needed, because mysql_real_escape_string honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The added function is called real_escape and takes the established database connection as a first argument. The old escape_string was kept for backwards compatibility. Developers using these bindings are encouraged to adjust their code to use the new function. For the stable distribution , this problem has been fixed in version 1.0.4-4+lenny1. For the oldstable distribution , this problem has been fixed in version 1.0.4-2+etch1. For the testing distribution and the unstable distribution , this problem will be fixed soon. We recommend that you upgrade your mysql-ocaml packages.
Platform: |
Debian 5.0 |
Debian 4.0 |