From 5d4fc876ad92b3f2844debade49484b862799dcc Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Tue, 15 Jul 2014 12:27:13 -0400
Subject: Only allow [-a-z_] in etckeeper commands to avoid any possible
 directory traversal etc issues.

---
 debian/changelog | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index f78b248..f63626e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,8 @@ etckeeper (1.13) UNRELEASED; urgency=medium
 
   * Ignore check-mk-agent-logwatch's FHS violating
     /etc/check_mk/logwatch.state. Closes: #753903
+  * Only allow [-a-z_] in etckeeper commands to avoid any possible directory
+    traversal etc issues.
 
  -- Joey Hess <joeyh@debian.org>  Sat, 05 Jul 2014 19:03:00 -0400
 
-- 
cgit v1.2.3