Debian Linux Security Advisory 4908-1 - It was discovered that libhibernate3-java, a powerful, high performance object/relational persistence and query service, is prone to an SQL injection vulnerability allowing an attacker to access unauthorized information or possibly conduct further attacks.
916cc89b698ba282a81fd6c600086d11950667adc8ce56a8ab2de7689a7491ec