diff --git a/ChangeLog b/ChangeLog
index db26453b7e8..61e28376bf7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -26,6 +26,8 @@ Fix: Delete linked element to supplier invoice when deleted
 Fix: [ bug #1061 ] Bad info shipped products
 Fix: [ bug #1062 ] Documents lost in propals and contracts validating
 Fix: Supplier price displayed on document lines and margin infos didnt take discount
+Fix: sorting on qty did not work in supplier product list
+Fix: there was no escaping on filter fields in supplier product list
 Qual: Add travis-ci integration
diff --git a/htdocs/fourn/product/liste.php b/htdocs/fourn/product/liste.php
index 4650324a032..7a3f25f6d2d 100644
--- a/htdocs/fourn/product/liste.php
+++ b/htdocs/fourn/product/liste.php
@@ -113,15 +113,15 @@ else
 }
 if ($sref)
 {
- $sql .= " AND p.ref LIKE '%".$sref."%'";
+ $sql .= " AND p.ref LIKE '%".$db->escape($sref)."%'";
 }
 if ($sRefSupplier)
 {
- $sql .= " AND ppf.ref_fourn LIKE '%".$sRefSupplier."%'";
+ $sql .= " AND ppf.ref_fourn LIKE '%".$db->escape($sRefSupplier)."%'";
 }
 if ($snom)
 {
- $sql .= " AND p.label LIKE '%".$snom."%'";
+ $sql .= " AND p.label LIKE '%".$db->escape($snom)."%'";
 }
 if($catid)
 {
@@ -181,7 +181,7 @@ if ($resql)
 print_liste_field_titre($langs->trans("Label"),"liste.php", "p.label",$param,"","",$sortfield,$sortorder);
 print_liste_field_titre($langs->trans("Supplier"),"liste.php", "ppf.fk_soc",$param,"","",$sortfield,$sortorder);
 print_liste_field_titre($langs->trans("BuyingPrice"),"liste.php", "ppf.price",$param,"",'align="right"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("QtyMin"),"liste.php", "ppf.qty",$param,"",'align="right"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("QtyMin"),"liste.php", "ppf.quantity",$param,"",'align="right"',$sortfield,$sortorder);
 print_liste_field_titre($langs->trans("UnitPrice"),"liste.php", "ppf.unitprice",$param,"",'align="right"',$sortfield,$sortorder);
 print "\n";
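Review bot: In the three filter conditions on `p.ref`, `ppf.ref_fourn` and `p.label` (hunk at line 113 of liste.php), `$db->escape()` stops a quote from ending the string literal, but the value still sits inside a `LIKE '%…%'` pattern, so any `%` or `_` in the filter keeps acting as a wildcard. If literal matching is intended, those two characters need their own escaping in addition to the call added here. The `if($catid)` block opens on the last lines of the hunk and its body is not visible; if `$catid` is concatenated into `$sql` there, it should be forced to an integer, e.g. `(int) $catid`. A one-line comment above the first condition, such as `// search filters: always escape before concatenating into $sql`, would keep the next added filter consistent.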
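Review bot: The column name passed for the QtyMin header (hunk at line 181 of liste.php) is now `ppf.quantity`, and the same call also passes `$sortfield` and `$sortorder`, whose origin and use in the ORDER BY clause are outside the hunk. If those two values are taken from the request and concatenated into the query, `$db->escape()` would not protect them, because it guards string literals rather than identifiers or keywords. The usual guard is to accept only the column names listed in these `print_liste_field_titre()` calls and only `ASC`/`DESC` for the order; this is worth confirming where the query is built. The `if ($resql)` block continues beyond the hunk.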