Previous versions of cquel allowed for primitive SQL injection attacks to occur when building query strings. Version 4.5 has been fully-tested to properly escape all input data.
Versions 4.2 and 4.3 had some connectivity bugs; do not use them. Version 4.5 fixes a bug in 4.4 where creating a dlist structure with a NULL primary key would cause a failure, contrary to the documentation.