Re: Recommending get-orig-source for packages ?
On Wed, Dec 04, 2013 at 11:30:01AM +0100, Jakub Wilk wrote:
>
> AFAICS they way get_main_source_dir() is currently implemented lets
> malicious upstream to plant files in their tarball that would cause
> arbitrary code execution...
Would you mind proposing a proper fix and forward it to the according
bug report to let other people tha readers of debian-python know.
Kind regards and thanks for any helpful hint
Andreas.
--
http://fam-tille.de
Reply to: