diff options
author | Satoshi Fujii <fujii-satoshi@jp.fujitsu.com> | 2021-06-16 13:41:24 +0000 |
---|---|---|
committer | Satoshi Fujii <fujii-satoshi@jp.fujitsu.com> | 2021-06-19 04:46:13 +0000 |
commit | 050acf2b98a82ecb707b69fc6ff4bef6f84b4bd8 (patch) | |
tree | dfb94c725765fc627bcbcba7dac22f68cb91608d /Changelog.md | |
parent | 313750bef0318c2204ce869fb2bdc4d4043a20e6 (diff) |
Fix SQL security issue
Constructing SQL statement by python % formatting operator is
dangerous. Use psycopg2 placeholder to escape special characters.
Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com>
Issue-ID: DCAEGEN2-2836
Change-Id: I5ac804bc3e280c3eae14a5e224ca5fc7c7faccb7
Diffstat (limited to 'Changelog.md')
-rw-r--r-- | Changelog.md | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/Changelog.md b/Changelog.md index 40984a9..3a3bbf8 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). +## [2.3.1.] - 19/06/2021 +### Security +- Fixed SQL injection vulnerability + + ## [2.3.0.] - 18/06/2021 ### Changed - Cleanup code |