From secunia security advisory at $URL:
Input passed via the "limit" and "offset" keywords to the "select()" function is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerabilities are reported in versions prior to 0.7.0.
Update to version 0.7.0.
Please remove from the tree the vulnerable version(s).
Vulnerable versions removed (and removed everything before latest stable while I was at it).
(In reply to comment #2)
> Vulnerable versions removed (and removed everything before latest stable
> while I was at it).
@security, please vote.
Thanks, everyone. GLSA vote: no.
Thanks, folks. GLSA Vote: yes.
Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used
in Keystone, allow remote attackers to execute arbitrary SQL commands via
the (1) limit or (2) offset keyword to the select function, or unspecified
vectors to the (3) select.limit or (4) select.offset function.
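The weakness described in the advisory text and the CVE summary above is that pagination values (limit/offset) reach the SQL text without validation. As an added example, not SQLAlchemy's, Keystone's or Gentoo's code, the helper below shows the defensive pattern an application should apply to such parameters: accept only bounded non-negative integers and pass them as bound query parameters, never splicing them into the statement. It uses the standard-library sqlite3 module with a constructed in-memory table; `MAX_PAGE_SIZE` is an assumed application limit.

```python
from __future__ import annotations

import re
import sqlite3
from typing import Any, List, Optional, Tuple

MAX_PAGE_SIZE = 100  # assumed application-specific upper bound


def coerce_page_param(value: Any, name: str, upper: Optional[int] = None) -> int:
    """Return value as a non-negative int within bounds, or raise ValueError.

    Only real ints or plain ASCII-digit strings are accepted, so input that
    carries signs, whitespace, decimals or SQL fragments is rejected before
    it gets anywhere near the query.
    """
    if isinstance(value, bool):  # bool is an int subclass; reject it explicitly
        raise ValueError(f"{name} must be an integer, not a boolean")
    if isinstance(value, int):
        n = value
    elif isinstance(value, str) and re.fullmatch(r"[0-9]+", value):
        n = int(value)
    else:
        raise ValueError(f"{name} must be a non-negative integer, got {value!r}")
    if n < 0:
        raise ValueError(f"{name} must not be negative")
    if upper is not None and n > upper:
        raise ValueError(f"{name} exceeds the maximum of {upper}")
    return n


def fetch_page(conn: sqlite3.Connection, limit: Any, offset: Any) -> List[Tuple]:
    """Paginate the constructed users table with bound LIMIT/OFFSET parameters."""
    lim = coerce_page_param(limit, "limit", MAX_PAGE_SIZE)
    off = coerce_page_param(offset, "offset")
    # The SQL text is a constant; lim/off travel as bound parameters, so the
    # driver treats them as values and never as SQL.
    cur = conn.execute(
        "SELECT id, name FROM users ORDER BY id LIMIT ? OFFSET ?", (lim, off)
    )
    return cur.fetchall()


def make_demo_db() -> sqlite3.Connection:
    """Constructed in-memory sample data: ten users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany(
        "INSERT INTO users (name) VALUES (?)", [(f"user{i}",) for i in range(1, 11)]
    )
    return conn


if __name__ == "__main__":
    print(fetch_page(make_demo_db(), "3", 2))  # [(3, 'user3'), (4, 'user4'), (5, 'user5')]
```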
YES too, request filed.
This issue was resolved and addressed in
GLSA 201209-16 at http://security.gentoo.org/glsa/glsa-201209-16.xml
by GLSA coordinator Sean Amoss (ackle).