New submission from stealthcopter <ad...@stealthcopter.com>:
Filenames passed to the UU encoding methods (uu.py and uu_codec.py) that contain a newline character will overflow data into the UU content section. This can potentially be used to inject replace or corrupt data content in a file during the decode process. Initially discussed via the PSRT but deemed low risk so suggested I create a PR with the changes and a BPO. ---------- messages: 357660 nosy: stealthcopter priority: normal pull_requests: 16900 severity: normal status: open title: Remove newline characters from uu encoding methods type: security _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue38945> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
