Bug#646517: Insecure use of pickle when deserializing POST/PUT input

2011-11-01 Thread David Black
Hi, upstream already has the pickle 'loader' (they have commented out the pickle.load line) why hasn't debian already done this?

Bug#646517: Insecure use of pickle when deserializing POST/PUT input

2011-11-01 Thread Michael Ziegler
Hello,

I'm not quite sure how to fix this issue. From what I can tell from a few quick tests, your fix seems to work, but the pickle documentation itself states:

> Never unpickle data received from an untrusted or unauthenticated source.

So maybe th

Bug#646517: Insecure use of pickle when deserializing POST/PUT input

2011-10-24 Thread Enrico Zini
Package: python-django-piston
Version: 0.2.2-1
Severity: important

Hello,

/usr/share/pyshared/piston/emitters.py:398 contains:

    Mimer.register(pickle.loads, ('application/python-pickle',))

If I cross-reference it with https://bitbucket.org/jespern/django-piston/wiki/Documentation#!receiving-da