El jue, 14 abr 2022 a las 12:21, Damian Shaw (<[email protected]>) escribió:
> > I searched grep.app and found no significant usage. > > Maybe someone wants to inform mitmproxy? > > It's a very popular tool and it comes up using that tool when searching > for "import mailcap" using grep.app: > https://grep.app/search?q=import%20mailcap > > https://github.com/mitmproxy/mitmproxy/blob/main/mitmproxy/tools/console/master.py#L2 > Thanks for catching that! I missed it because I mistakenly searched for '"import mailcap"' in quotes. It looks like mitmproxy isn't vulnerable to the security issue because it only passes a filename from mkstemp() to mailcap, and hopefully mkstemp filenames don't have shell metacharacters in them. However, if we deprecate mailcap mitmproxy will have to change their code. El jue, 14 abr 2022 a las 13:33, Guido van Rossum (<[email protected]>) escribió: > Probably because it’s not a top level module — it’s inside the email > package. > It's in fact a top-level module.
_______________________________________________ Python-Dev mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/[email protected]/message/25FNDJBERE5PLBP3VX3JQ7ER2LNE2K2O/ Code of Conduct: http://python.org/psf/codeofconduct/
