--- /usr/local/share/perl/5.8.4/Authen/Captcha.pm 2003-12-18 04:44:34.000000000 +0000
+++ Captcha.pm 2006-11-06 18:53:26.000000000 +0000
@@ -234,7 +234,14 @@
 $line =~ s/\n//;
 my ($data_time,$data_code) = split(/::/,$line);
+ # untaint $data_code if it consists of 32 hexadecimal digits
+ # if regexp match fails, script will die under -T and continue as before otherwise
+ if ( $data_code =~ /^([a-f0-9]{32})$/ ) {
+ $data_code = $1;
+ }
+ my $png_file = File::Spec->catfile($self->output_folder(),$data_code . ".png");
+
 if ($data_code eq $crypt) {
 # the crypt was found in the database
@@ -355,7 +362,7 @@
 if ( (($current_time - $data_time) > ($self->expire())) || ($data_code eq $md5) ) {
 # remove expired captcha, or a dup
- my $png_file = File::Spec->catfile($self->output_folder(),$data_code . ".png");
+ my $png_file = File::Spec->catfile($self->output_folder(),$md5 . ".png");
 unlink($png_file) or carp("Can't remove png file [$png_file]\n");
 } else {
 $new_data .= $line."\n";
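Review bot: The untaint in the first hunk falls through silently when a stored code is not 32 lowercase hex digits, leaving `$data_code` tainted and relying on whatever later uses `$png_file` (outside the hunk) to die with an "Insecure dependency" error under -T, so one malformed database record aborts the whole request instead of being skipped. Rejecting the record explicitly is safer and also documents the intent better than the added comment, whose "continue as before otherwise" reads ambiguously: `unless ( $data_code =~ /\A([a-f0-9]{32})\z/ ) { carp("skipping malformed captcha record [$line]\n"); next; }` followed by `$data_code = $1;` — this assumes the code sits in the per-record loop that the `$line` handling suggests, so confirm `next` is valid there. `\A`/`\z` are preferable to `^`/`$` for an untaint pattern, since `$` also matches before a trailing newline (the `$1` capture would exclude it, so the current form is not unsafe, just looser than it looks). The enclosing subroutine starts and ends outside the hunk.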
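Review bot: Replacing `$data_code` with `$md5` in the png path of the second hunk deletes the wrong file for the expired branch of the condition: the `if` on the line above fires when the record is expired *or* `$data_code eq $md5`, and for an expired record whose code differs from `$md5` the stale `$data_code.png` is now left on disk while `$md5.png` — presumably the code currently being generated — is the one unlinked. If the motivation was that `$data_code` is tainted here (this looks like a different subroutine from the first hunk, so that untaint does not apply), the fix is to untaint it with the same pattern and keep the original path: `if ( $data_code =~ /\A([a-f0-9]{32})\z/ ) { $data_code = $1; }` then `my $png_file = File::Spec->catfile($self->output_folder(),$data_code . ".png");`. That keeps expired image files from accumulating in the output folder, which the old code was handling correctly. The enclosing loop and subroutine start and end outside the hunk.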