Package: sqlparse / 0.4.2-1+deb12u1

Metadata

Package Version Patches format
sqlparse 0.4.2-1+deb12u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
CVE 2023 30608.patch | (download)

sqlparse/keywords.py | 4 2 + 2 - 0 !
tests/test_split.py | 4 2 + 2 - 0 !
2 files changed, 4 insertions(+), 4 deletions(-)

 remove unnecessary parts in regex for bad escaping.

The regex tried to deal with situations where escaping in the
SQL to be parsed was suspicious.

CVE 2024 4340.patch | (download)

sqlparse/sql.py | 14 9 + 5 - 0 !
tests/test_regressions.py | 16 16 + 0 - 0 !
2 files changed, 25 insertions(+), 5 deletions(-)

 raise sqlparseerror instead of recursionerror.