October 13, 2009

Debian Security Advisory 1909 postgresql-ocaml - missing escape function

Article Source Debian Security Advisories
October 13, 2009, 5:00 pm

It was discovered that postgresql-ocaml, OCaml bindings to PostgreSQL's libpq, was missing a function to call PQescapeStringConn(). This is needed, because PQescapeStringConn() honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The added function is called escape_string_conn() and takes the established database connection as a first argument. The old escape_string() was kept for backwards compatibility...

Read More

Click Here!