https://bugzilla.suse.com/show_bug.cgi?id=1227174
https://bugzilla.suse.com/show_bug.cgi?id=1227174#c3
Matej Cepl changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mcepl@suse.com
--- Comment #3 from Matej Cepl ---
Yes, downloading and using pickles from the Internet is certainly a security
issue, and exactly the thing the pickle module documentation warns programmers
not to do (https://docs.python.org/3/library/pickle.html).
However, removing of the network downloading functionality probably requires
refactoring a big chunk of code.
Waiting on upstream for their solution.
--
You are receiving this mail because:
You are on the CC list for the bug.