Control: found -1 1.6.2+dfsg-2The fix is insufficient. To reproduce, try converting the file created by this command:
touch '`cowsay pwned >&2; sleep inf`.mp3'
Single-quoted strings are better suited for shell-escaping, because the
only character to care of is the single quote itself. That is, the whole
escaping procedure could look like this:
1) Replace every ' character with: '\'' 2) Add single quotes around the whole thing. -- Jakub Wilk
