On Sat, 2013-04-13 at 23:03 +0100, Stefanos Harhalakis wrote: > And in case it helps more, here's the full patch.
The upstream bug to which this bug is marked as forwarded indicates that simply updating the expression to include "/" (as per your suggested patch) would reintroduce CVE-2012-3867, which doesn't seem like an ideal solution. See http://projects.puppetlabs.com/issues/15561#note-13 for reference. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
