diff options
| author | Loganaden Velvindron <logan@hackers.mu> | 2018-06-15 21:45:32 +0400 |
|---|---|---|
| committer | Loganaden Velvindron <logan@hackers.mu> | 2018-06-15 21:45:32 +0400 |
| commit | 9e2e5626dabb7208dafedcc9904940b666be1c3b (patch) | |
| tree | 70bb7f8f0ac460784c2f860b7af3d124f30214b1 /contrib | |
| parent | be27048a1842b76de5b230383c1466b72dfd8cc5 (diff) | |
| download | bitcoin-9e2e5626dabb7208dafedcc9904940b666be1c3b.tar.xz | |
Fix CVE-2018-12356 by hardening the regex.
Diffstat (limited to 'contrib')
| -rwxr-xr-x | contrib/verify-commits/gpg.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/contrib/verify-commits/gpg.sh b/contrib/verify-commits/gpg.sh index 8f3e4b8063..16d41d7269 100755 --- a/contrib/verify-commits/gpg.sh +++ b/contrib/verify-commits/gpg.sh @@ -57,7 +57,7 @@ if ! $VALID; then exit 1 fi if $VALID && $REVSIG; then - printf '%s\n' "$INPUT" | gpg --trust-model always "$@" 2>/dev/null | grep "\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" + printf '%s\n' "$INPUT" | gpg --trust-model always "$@" 2>/dev/null | grep "^\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" echo "$GOODREVSIG" else printf '%s\n' "$INPUT" | gpg --trust-model always "$@" 2>/dev/null |