On Fri, Jul 07, 2006 at 03:48:00PM +0200, Marc Haber wrote: > I am the maintainer of Debian's packages for exim4, a powerful and > versatile Mail Transfer Agent developed in Cambridge and in wide use > throughout the Free Software Community (http://www.exim.org/). > > One of our daemon flavours has PostgreSQL support. Our security guys > have found a flaw in exim regarding quote escaping for PostgreSQL. The > bug is filed in Debian's BTS as http://bugs.debian.org/369351 and was > transferred to exim's Bugzilla installation as > http://www.exim.org/bugzilla/show_bug.cgi?id=107. I would like to thank anybody who commented in this thread. Special thanks go to Florian Weimer, who has done the task of communicating with Philip Hazel, the exim author, and working out a fix which has since been released as part of exim 4.63. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
