El jue, 14 abr 2022 a las 12:21, Damian Shaw (<damian.peter.s...@gmail.com>) escribió:
> > I searched grep.app and found no significant usage. > > Maybe someone wants to inform mitmproxy? > > It's a very popular tool and it comes up using that tool when searching > for "import mailcap" using grep.app: > https://grep.app/search?q=import%20mailcap > > https://github.com/mitmproxy/mitmproxy/blob/main/mitmproxy/tools/console/master.py#L2 > Thanks for catching that! I missed it because I mistakenly searched for '"import mailcap"' in quotes. It looks like mitmproxy isn't vulnerable to the security issue because it only passes a filename from mkstemp() to mailcap, and hopefully mkstemp filenames don't have shell metacharacters in them. However, if we deprecate mailcap mitmproxy will have to change their code. El jue, 14 abr 2022 a las 13:33, Guido van Rossum (<gu...@python.org>) escribió: > Probably because it’s not a top level module — it’s inside the email > package. > It's in fact a top-level module.
_______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/25FNDJBERE5PLBP3VX3JQ7ER2LNE2K2O/ Code of Conduct: http://python.org/psf/codeofconduct/
