phpmyadmin / sql-parser

A validating SQL lexer and parser with a focus on MySQL dialect.
https://packagist.org/packages/phpmyadmin/sql-parser
GNU General Public License v2.0

Security issue #559

Open MoonE opened 3 months ago

MoonE commented 3 months ago

I sent an email to security@phpmyadmin.net, but have not yet gotten a response. Did it get lost?

liviuconcioiu commented 3 months ago

> I sent an email to security@phpmyadmin.net, but have not yet gotten a response. Did it get lost?

You are not the only one who hasn't received a response. I've sent an email too, almost 3 weeks ago and no response.

ibennetch commented 3 months ago

I quite apologize for this, but I have not seen messages from either of you to the security address. I must look into that immediately.

In the meantime, you may send your report to me directly; I use Gmail and my username is bennetch.

MoonE commented 3 months ago

Yesterday, I sent the mail to your personal Gmail address. Can you confirm receiving it?

williamdes commented 2 days ago

I am not sure how we should deal with the patch. What versions should have it? Is releasing phpMyAdmin 5.2.2 right after a good idea?