File: CVE-2017-2810-use_safe_load.patch

package info
python-tablib 0.9.11-2+deb8u1
  • area: main
  • in suites: jessie
  • size: 3,736 kB
  • sloc: python: 59,944; makefile: 111
file content (17 lines) | stat: -rw-r--r-- 602 bytes
Description: use safe load
Author: Kenneth Reitz <me@kennethreitz.org>
Origin: https://github.com/kennethreitz/tablib/commit/69abfc3ada5d754cb152119c0b4777043657cb6e
Bug-Debian: https://bugs.debian.org/864818
Last-Update: 2017-10-24

--- python-tablib-0.9.11.orig/tablib/formats/_yaml.py
+++ python-tablib-0.9.11/tablib/formats/_yaml.py
@@ -46,7 +46,7 @@ def import_book(dbook, in_stream):
 
     dbook.wipe()
 
-    for sheet in yaml.load(in_stream):
+    for sheet in yaml.safe_load(in_stream):
         data = tablib.Dataset()
         data.title = sheet['title']
         data.dict = sheet['data']
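
Review bot: the result of yaml.safe_load(in_stream) in import_book is iterated and indexed with sheet['title'] and sheet['data'] without any check on its shape. safe_load returns None for an empty stream and a plain scalar or mapping for other inputs, so untrusted input that is not a list of mappings fails with a bare TypeError or KeyError after dbook.wipe() has already cleared the book. Consider verifying that the loaded value is a list of dicts carrying both keys, and raising a clear error before wiping. This patch also consists of a single hunk, in import_book; any other yaml.load call in tablib/formats/_yaml.py that reads caller-supplied streams needs the same replacement, and a regression test that feeds a document with a Python object tag to the importer would keep the fix from being reverted.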