Hi! On 16/03/13 21:53, Salvatore Bonaccorso wrote: > On Sat, Mar 16, 2013 at 10:47:54PM +0100, Salvatore Bonaccorso wrote: >> [...] But how about the attached patch for >> unstable?
Thank you for that. It does seem like the right way to handle it for wheezy. Your patch seems correct to me. But defining $xssBadRx would be just one extra line of diff... so why not use it? Then it would be more consistent with upstream. I've added Tobias back into Cc: as I would like to ask: While here, I wonder if the user-supplied $start/$end could be filtered with this same regex, to address the things I noted earlier? I thought maybe it could go in parse_datetime which is before they are used in any file paths or output by anything. And I don't *think* any valid time specifier would contain the characters of $xssBadRx. Thanks everyone, Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
