Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix insecure SQL queries in MySQL module #51462

Merged
merged 3 commits into from Feb 1, 2019
Merged

Fix insecure SQL queries in MySQL module #51462

merged 3 commits into from Feb 1, 2019

Conversation

ghost
Copy link

@ghost ghost commented Feb 1, 2019

All the details have been sent to security@saltstack.com.

@ghost ghost self-requested a review as a code owner February 1, 2019 10:09
@ghost ghost changed the title Fix insecure sql queries in mysql module Fix insecure SQL queries in MySQL module Feb 1, 2019
@ghost ghost changed the base branch from develop to 2018.3.4 February 1, 2019 10:12
@garethgreenaway
Copy link
Member

@shantonru looks like there are some lint issues.

@ghost
Copy link
Author

ghost commented Feb 1, 2019

@garethgreenaway, as it was requested here i sent all details of security issue to security@saltstack.com.

@garethgreenaway
Copy link
Member

@shantonru yup! I saw that and we definitely appreciate the PR, but it looks like the lint test failed which means there are likely some coding standard violation. If you check the results of the test you should see what's wrong along with suggestions on fixing it.

@garethgreenaway
Copy link
Member

@shantonru looking closer it seems like it might not be a failure in your part. I'll attempt to rerun the tests.

@ghost
Copy link
Author

ghost commented Feb 1, 2019

@garethgreenaway, sorry, I read 'init issues' instead of 'lint issues' =)
Tests failed because i firstly made pull request to 'develop' branch instead of '2018.3.4' . Can you rerun tests please?

@dwoz
Copy link
Contributor

dwoz commented Feb 1, 2019

@ShantonRU Thank you for the contribution.

@dwoz dwoz merged commit a05305d into saltstack:2018.3.4 Feb 1, 2019
@ghost
Copy link
Author

ghost commented Feb 19, 2019

This issue has been assigned CVE-2019-1010259.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants