projects / dovecot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8fa7e68) | patch
[PATCH 09/24] auth: passdb sql - Fix escaping for set_credentials()
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Tue, 24 Feb 2026 10:24:37 +0000 (12:24 +0200)
committerNoah Meyerhans <noahm@debian.org>
Tue, 31 Mar 2026 19:07:17 +0000 (15:07 -0400)
commit60716f8c11ec770f40db2dc3b47286419855187d
tree6a35e7f6b509eb8c3907e1bfbb3cb32840068edftree | snapshot
parent8fa7e68a7527535f56b630994832e50978b6dc5bcommit | diff
[PATCH 09/24] auth: passdb sql - Fix escaping for set_credentials()

This was only used by OTP SASL mechanism after successful authentication, so
it practically couldn't be used for SQL injections.

Broken by ef0c63b690e6ef9fbd53cb815dfab50d1667ba3a

Gbp-Pq: Name CVE-2026-24031-27860-6.patch
src/auth/passdb-sql.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.