You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Henri Yandell (JIRA)" <ji...@apache.org> on 2008/01/20 05:40:35 UTC
[jira] Resolved: (CONFIGURATION-304) Add documentation about SQL
Injection vulnerability for DatabaseConfiguration
[ https://issues.apache.org/jira/browse/CONFIGURATION-304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Henri Yandell resolved CONFIGURATION-304.
-----------------------------------------
Resolution: Fixed
Fix Version/s: (was: 2.0)
1.6
svn ci -m "Applying Hasan Diwan's patch to add a note that DatabaseConfiguration does not protect from SQL Injection - CONFIGURATION-304" src
Sending src/java/org/apache/commons/configuration/DatabaseConfiguration.java
Transmitting file data .
Committed revision 613503.
> Add documentation about SQL Injection vulnerability for DatabaseConfiguration
> -----------------------------------------------------------------------------
>
> Key: CONFIGURATION-304
> URL: https://issues.apache.org/jira/browse/CONFIGURATION-304
> Project: Commons Configuration
> Issue Type: Improvement
> Affects Versions: 1.5
> Reporter: Oliver Heger
> Assignee: Oliver Heger
> Priority: Minor
> Fix For: 1.6
>
> Attachments: commons-config-sqlinjectionwarning.pat
>
>
> Add some notes about possibility of SQL Injection and that it is not in the scope of this library to take a major effort to avoid this.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.