Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 407437 (CVE-2012-0805) - <dev-python/sqlalchemy-0.7.4 : "limit" and "offset" Keywords SQL Injection Vulnerabilities (CVE-2012-0805)
Summary: <dev-python/sqlalchemy-0.7.4 : "limit" and "offset" Keywords SQL Injection Vu...
Alias: CVE-2012-0805
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [glsa]
Depends on:
Reported: 2012-03-08 16:04 UTC by Agostino Sarubbo
Modified: 2012-09-26 22:19 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2012-03-08 16:04:38 UTC
From secunia security advisory at $URL:

Input passed via the "limit" and "offset" keywords to the "select()" function is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in versions prior to 0.7.0.

Update to version 0.7.0.
Comment 1 Agostino Sarubbo gentoo-dev 2012-03-08 16:05:16 UTC

Please remove from the tre the vulnerable version(s)
Comment 2 Marien Zwart (RETIRED) gentoo-dev 2012-03-08 18:13:56 UTC
Vulnerable versions removed (and removed everything before latest stable while I was at it).
Comment 3 Agostino Sarubbo gentoo-dev 2012-03-08 19:22:58 UTC
(In reply to comment #2)
> Vulnerable versions removed (and removed everything before latest stable
> while I was at it).


@security, please vote.
Comment 4 Sean Amoss (RETIRED) gentoo-dev Security 2012-03-08 21:08:01 UTC
Thanks, everyone. GLSA vote: no.
Comment 5 Tim Sammut (RETIRED) gentoo-dev 2012-03-11 06:34:25 UTC
Thanks, folks. GLSA Vote: yes.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2012-06-15 19:01:14 UTC
CVE-2012-0805 (
  Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used
  in Keystone, allow remote attackers to execute arbitrary SQL commands via
  the (1) limit or (2) offset keyword to the select function, or unspecified
  vectors to the (3) select.limit or (4) select.offset function.
Comment 7 Tobias Heinlein (RETIRED) gentoo-dev 2012-08-14 16:03:49 UTC
YES too, request filed.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2012-09-26 22:19:35 UTC
This issue was resolved and addressed in
 GLSA 201209-16 at
by GLSA coordinator Sean Amoss (ackle).