New submission from stealthcopter :
Filenames passed to the UU encoding methods (uu.py and uu_codec.py) that
contain a newline character will overflow data into the UU content section.
This can potentially be used to inject replace or corrupt data content in a
file during the decode process.
Initially discussed via the PSRT but deemed low risk so suggested I create a PR
with the changes and a BPO.
--
messages: 357660
nosy: stealthcopter
priority: normal
pull_requests: 16900
severity: normal
status: open
title: Remove newline characters from uu encoding methods
type: security
___
Python tracker
<https://bugs.python.org/issue38945>
___
___
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
