according to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734747 this pkg is no longer vulnerable. I wasn't sure if there was a procedure for updating pkg-vulnerabilities (or validating my regex). Can someone help me out?