Apache OpenOffice (AOO) Bugzilla – Issue 115573
Unquoted password in connection string of sdbc-postgresql
Last modified: 2013-07-30 02:45:17 UTC
Password is appended to connection string unquoted. This prevents users from logging in if their password contains spaces or colons. This can also be used to breach security, redirecting connection to a different host/port/database by adding connection parameters after a space character in password field. Workaround for passwords with colons and spaces is to single-quote password by hand. Workaround for security breach is unknown.
Set priority bac to P3, according to: http://qa.openoffice.org/scdocs/ddIssues_EnterModify.html#priority @ jbu Please review it.
Indeed. This is fixed in a new version of postgresql-sdbc which I'll release "really soon now"; see http://wiki.documentfoundation.org/PostgreSQL-SDBC .
Reset assignee on issues not touched by assignee in more than 1000 days.