From 4a1bf7bb516284e6386856bab4410767994f9ad7 Mon Sep 17 00:00:00 2001
From: PenTesting <admin@secureforest.com>
Date: Mon, 18 Jun 2018 08:07:41 +0300
Subject: [PATCH] Regex hardening to fix CVE-2018-12356.

---
 contrib/verify-commits/gpg.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contrib/verify-commits/gpg.sh b/contrib/verify-commits/gpg.sh
index 0218b82e1..9b1003a75 100755
--- a/contrib/verify-commits/gpg.sh
+++ b/contrib/verify-commits/gpg.sh
@@ -26,7 +26,7 @@ if ! $VALID; then
 	exit 1
 fi
 if $VALID && $REVSIG; then
-	echo "$INPUT" | gpg --trust-model always "$@" | grep "\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null
+	echo "$INPUT" | gpg --trust-model always "$@" | grep "^\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null
 	echo "$GOODREVSIG"
 else
 	echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null