On Fri, Apr 04, 2003 at 12:28:23PM -0500, Barry Jaspan wrote:
> Mail::SpamAssassin::Util::untaint_file_path contains the following bugs:
please goto bugzilla.spamassassin.org and open a new ticket about this.
we'll fix it for 2.54.
--
Randomly Generated Tagline:
"dy/dx = dy/du * du/dv * dv/dx ..
Mail::SpamAssassin::Util::untaint_file_path contains the following bugs:
- If the regexp doesn't match, $1 (from some previous match) is returned
anyway with no warning.
- The empty string ("") is a safe path but does not match the regexp.
- The tilde character ("~") is rejected although it is
