See http://www.anope.org/news.php?id=10 for hint I bumped to 1.7.17 in CVS already
Thanks Markus, i've just seen the cvs commit. It seems to be a mysql injection exploit. (if used with MySQL) No GLSA needed since it's only ~x86; i close the bug since there is no stabilization need. Thanks you ! This bug will improve our statistics :)