Marek Grzybowski discovered that changetrack, a program to monitor changes to files, is prone to shell command injection via metacharacters in filenames. The behaviour of the program has been adjusted to reject all filenames with metacharacters. For the stable distribution , this problem has been fixed in version 4.3-3+lenny1. For the oldstable distribution , this problem has been fixed in version 4.3-3+etch1. For the testing distribution , this problem will be fixed soon. For the unstable distribution , this problem has been fixed in version 4.5-2. We recommend that you upgrade your changetrack packages.