Bug#544931: [uscan] Regressions due to security fix

Thu, 03 Sep 2009 12:05:36 -0700 

Package: devscripts
Severity: serious
Version: 2.10.54

The security fixes introduced in 2.10.54 has a regression which should
not migrate to testing.

The regular expression parser always evaluates the entire expression,
making it trivial to create infinite loops with expressions such as
"s/(\d)/$1./g".

Adam



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to