It was discovered that mysql-ocaml, OCaml bindings for MySql, was missing a function to call mysql_real_escape_string. This is needed, because mysql_real_escape_string honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The added function is called real_escape and takes the established database connection as a first argument. The old escape_string was kept for backwards compatibility. Developers using these bindings are encouraged to adjust their code to use the new function. For the stable distribution , this problem has been fixed in version 1.0.4-4+lenny1. For the oldstable distribution , this problem has been fixed in version 1.0.4-2+etch1. For the testing distribution and the unstable distribution , this problem will be fixed soon. We recommend that you upgrade your mysql-ocaml packages.