[Checkins] [zopefoundation/RestrictedPython] 381edc: Security fix deny using `format` method of str/uni...
GitHub
noreply at github.com
Thu Sep 14 11:39:31 CEST 2017
Branch: refs/heads/fix-format
Home: https://github.com/zopefoundation/RestrictedPython
Commit: 381edc3bc7810f92c284c27c77c8d626b9cd0c27
https://github.com/zopefoundation/RestrictedPython/commit/381edc3bc7810f92c284c27c77c8d626b9cd0c27
Author: Michael Howitz <mh at gocept.com>
Date: 2017-09-14 (Thu, 14 Sep 2017)
Changed paths:
M docs/CHANGES.rst
M src/RestrictedPython/Eval.py
M src/RestrictedPython/Guards.py
M src/RestrictedPython/README.rst
M src/RestrictedPython/transformer.py
M tests/__init__.py
M tests/test_compile_restricted_function.py
M tests/test_print_function.py
M tests/test_print_stmt.py
M tests/transformer/test_attribute.py
M tests/transformer/test_base_types.py
M tests/transformer/test_call.py
M tests/transformer/test_comparators.py
M tests/transformer/test_subscript.py
M tests/transformer/test_try.py
M tests/transformer/test_with_stmt.py
Log Message:
-----------
Security fix deny using `format` method of str/unicode as it is not safe.
See http://lucumr.pocoo.org/2016/12/29/careful-with-str-format/
More information about the checkins
mailing list