Package: auth2db Version: 0.2.5-2+dfsg-1 Severity: grave Tags: security Hi auth2db uses addslashes, which doesn''t protect against SQL injections, when used with multibyte character encodings. As discussed via private mails, the NMU patch is attached. Cheers Steffen -------------- next part -------------- A non-text attachment was scrubbed... Name: nmu.patch Type: text/x-diff Size: 1509 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20090330/3f4c9892/attachment.patch