Issue #2388255 by dawehner, pwolanin, hussainweb, greggles: Limit PDO MySQL to executing single statements if PHP supports it

author: David Rothstein <drothstein@gmail.com> 2015-10-03 14:37:59 -0400
committer: David Rothstein <drothstein@gmail.com> 2015-10-03 14:37:59 -0400
commit: e575b47da2f00016ee62d169ecdfaf09e8cb4cd5 (patch)
tree: c4f5875c090cbed9df99fb18c14c636685d25f20 /CHANGELOG.txt
parent: 4cc037d4dd9b52ee59eecb3bbf1795c75c0ead5a (diff)
download: brdo-e575b47da2f00016ee62d169ecdfaf09e8cb4cd5.tar.gz
brdo-e575b47da2f00016ee62d169ecdfaf09e8cb4cd5.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 2b8f30c5b..23b66697d 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,6 +1,9 @@
 
 Drupal 7.40, xxxx-xx-xx (development version)
 -----------------------
+- Prevented the database API from executing multiple queries at once on MySQL,
+  if the site's PHP version is new enough to do so. This is a secondary defense
+  against SQL injection attacks.
 - Fixed a bug in the Drupal 6 to Drupal 7 upgrade path which caused the upgrade
   to fail when there were multiple file records pointing to the same file.
author	David Rothstein <drothstein@gmail.com>	2015-10-03 14:37:59 -0400
committer	David Rothstein <drothstein@gmail.com>	2015-10-03 14:37:59 -0400
commit	e575b47da2f00016ee62d169ecdfaf09e8cb4cd5 (patch)
tree	c4f5875c090cbed9df99fb18c14c636685d25f20 /CHANGELOG.txt
parent	4cc037d4dd9b52ee59eecb3bbf1795c75c0ead5a (diff)
download	brdo-e575b47da2f00016ee62d169ecdfaf09e8cb4cd5.tar.gz brdo-e575b47da2f00016ee62d169ecdfaf09e8cb4cd5.tar.bz2