You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Henri Yandell (JIRA)" <ji...@apache.org> on 2008/01/20 05:40:35 UTC

[jira] Resolved: (CONFIGURATION-304) Add documentation about SQL Injection vulnerability for DatabaseConfiguration

     [ https://issues.apache.org/jira/browse/CONFIGURATION-304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Henri Yandell resolved CONFIGURATION-304.
-----------------------------------------

       Resolution: Fixed
    Fix Version/s:     (was: 2.0)
                   1.6

svn ci -m "Applying Hasan Diwan's patch to add a note that DatabaseConfiguration does not protect from SQL Injection - CONFIGURATION-304" src

Sending        src/java/org/apache/commons/configuration/DatabaseConfiguration.java
Transmitting file data .

Committed revision 613503.

> Add documentation about SQL Injection vulnerability for DatabaseConfiguration
> -----------------------------------------------------------------------------
>
>                 Key: CONFIGURATION-304
>                 URL: https://issues.apache.org/jira/browse/CONFIGURATION-304
>             Project: Commons Configuration
>          Issue Type: Improvement
>    Affects Versions: 1.5
>            Reporter: Oliver Heger
>            Assignee: Oliver Heger
>            Priority: Minor
>             Fix For: 1.6
>
>         Attachments: commons-config-sqlinjectionwarning.pat
>
>
> Add some notes about possibility of SQL Injection and that it is not in the scope of this library to take a major effort to avoid this.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.