[issue37977] Big red pickle security warning should stress the point even more

Change by Raymond Hettinger : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___ ___

[issue37977] Big red pickle security warning should stress the point even more

Raymond Hettinger added the comment: New changeset 6922b9e4fce635339cb94c2fdef6bba4e2a99621 by Raymond Hettinger (Miss Islington (bot)) in branch '3.8': bpo-37977: Warn more strongly and clearly about pickle security (GH-15595) (GH-15629) https://github.com/python/cpython/commit/6922b9e4fce6

[issue37977] Big red pickle security warning should stress the point even more

Change by miss-islington : -- pull_requests: +15297 pull_request: https://github.com/python/cpython/pull/15629 ___ Python tracker ___ __

[issue37977] Big red pickle security warning should stress the point even more

Raymond Hettinger added the comment: New changeset daa82d019c52e95c3c57275307918078c1c0ac81 by Raymond Hettinger (Daniel Pope) in branch 'master': bpo-37977: Warn more strongly and clearly about pickle security (GH-15595) https://github.com/python/cpython/commit/daa82d019c52e95c3c572753079180

[issue37977] Big red pickle security warning should stress the point even more

Change by Daniel Pope : -- keywords: +patch pull_requests: +15271 stage: -> patch review pull_request: https://github.com/python/cpython/pull/15595 ___ Python tracker ___

[issue37977] Big red pickle security warning should stress the point even more

New submission from Daniel Pope : CVEs related to unpickling untrusted data continue to come up a few times a year: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pickle This is certainly the tip of the iceberg. In a previous role I noted several internal services that could be compromised