[Pkg-puppet-devel] Bug#682590: patch
Adam D. Barratt
adam at adam-barratt.org.uk
Sat Apr 13 22:28:58 UTC 2013
On Sat, 2013-04-13 at 23:03 +0100, Stefanos Harhalakis wrote:
> And in case it helps more, here's the full patch.
The upstream bug to which this bug is marked as forwarded indicates that
simply updating the expression to include "/" (as per your suggested
patch) would reintroduce CVE-2012-3867, which doesn't seem like an ideal
solution.
See http://projects.puppetlabs.com/issues/15561#note-13 for reference.
Regards,
Adam
More information about the Pkg-puppet-devel
mailing list