Menu

Git Merge Request #39: Use pyyaml safe_load instead of load (rejected)

Merging...

Merged

Something went wrong. Please, merge manually

Checking if merge is possible...

Something went wrong. Please, merge manually

Craig wants to merge 1 commit from /u/craigandrews/lirc/ to master, 2023-03-21

Using load on untrusted user input could lead to arbitrary code execution.
Therefore, upstream has disabled load, requiring the use of either
safe_load or full_load
See https://github.com/yaml/pyyaml/issues/265
Originally reported at https://bugs.gentoo.org/682922

Commit Date  
[8fab50] (unsafe-load) by Craig Andrews Craig Andrews

Use pyyaml safe_load instead of load

Using load on untrusted user input could lead to arbitrary code execution.
Therefore, upstream has disabled load, requiring the use of either
safe_load or full_load
See https://github.com/yaml/pyyaml/issues/265

 2019-05-11 15:39:44 Tree

Discussion

  • Sean Young

    Sean Young - 2023-03-21

    Alternative fix has been merged. Let us know if there is still is a problem

     

  • Sean Young

    Sean Young - 2023-03-21
    • Status: open --> rejected
     

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.