Your message dated Mon, 16 Mar 2015 15:55:40 +0100
with message-id <[email protected]>
and subject line lintian4python was removed from Debian
has caused the Debian Bug report #734443,
regarding lintian4python: check for unsafe functions (os.system, os.popen,
yaml.load)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
734443: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734443
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: lintian4python
Version: 0.27
Severity: wishlist
09:49 < pabs> jwilk: if you get lintian4python development going again, would
be cool to flag unsafe things like os.system, os.popen, yaml.load
09:49 < jwilk> What's wrong with yaml.load?
[…]
09:53 < pabs> jwilk: yaml.load can cause arbitrary functions/modules to be
loaded, which is why yaml.safe_load exists
[…]
09:54 < pabs> jwilk: search for !!python/object in
http://pyyaml.org/wiki/PyYAMLDocumentation
--
Jakub Wilk
--- End Message ---
--- Begin Message ---
Version: 0.28.4+rm
See https://bugs.debian.org/778796 for the removal request.
Andreas
--- End Message ---
