Le 04/27/17 à 06:08, Paul Wise a écrit : > On Fri, 9 Dec 2016 21:24:48 +0100 Julien Muchembled wrote: > >> python-zodbpickle - Fork of pickle module, for ZODB > > If this enters Debian, please make sure that you notify the security > team to update their embedded-code-copies file, which tracks both > embedded copies and forks of projects. > > https://wiki.debian.org/EmbeddedCodeCopies >
python-zodbpickle has just entered Debian and as planned, I suggest to update
embedded-code-copies because this package forks the 'pickle' modules of Python
2.7.6 and 3.3.2
For Python 2:
python2.7
- zodbpickle <unknown> (embed)
NOTE: embeds stdlib modules: pickle, cpickle
I am surprised to see no entry for any version of Python 3. Maybe start one
with python3.6
However, given the warning at the top of
https://docs.python.org/3/library/pickle.html
I am not sure it's useful to bother about the security of this code.
And unfortunately, the many changes in Python are not merged into zodbpickle.
Julien
signature.asc
Description: OpenPGP digital signature
