https://bugzilla.suse.com/show_bug.cgi?id=1227174 https://bugzilla.suse.com/show_bug.cgi?id=1227174#c3 Matej Cepl <mcepl@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mcepl@suse.com --- Comment #3 from Matej Cepl <mcepl@suse.com> --- Yes, downloading and using pickles from the Internet is certainly a security issue, and exactly the thing the pickle module documentation warns programmers not to do (https://docs.python.org/3/library/pickle.html). However, removing of the network downloading functionality probably requires refactoring a big chunk of code. Waiting on upstream for their solution. -- You are receiving this mail because: You are on the CC list for the bug.