From secunia security advisory at $URL: Description Input passed via the "limit" and "offset" keywords to the "select()" function is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions prior to 0.7.0. Solution Update to version 0.7.0.
@python Please remove from the tre the vulnerable version(s)
Vulnerable versions removed (and removed everything before latest stable while I was at it).
(In reply to comment #2) > Vulnerable versions removed (and removed everything before latest stable > while I was at it). Thanks. @security, please vote.
Thanks, everyone. GLSA vote: no.
Thanks, folks. GLSA Vote: yes.
CVE-2012-0805 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0805): Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.
YES too, request filed.
This issue was resolved and addressed in GLSA 201209-16 at http://security.gentoo.org/glsa/glsa-201209-16.xml by GLSA coordinator Sean Amoss (ackle).
