➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2018-08-29 05:10 by benjamin.peterson, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 8985 | merged | benjamin.peterson, 2018-08-29 05:14 | |
| Messages (2) | |||
|---|---|---|---|
| msg324301 - (view) | Author: Benjamin Peterson (benjamin.peterson) *  |
Date: 2018-08-29 05:10 | |
disutils.spawn isn't very good at quoting command lines (#8987). We need to use subprocess to avoid shell injection. |
|||
| msg324367 - (view) | Author: Benjamin Peterson (benjamin.peterson) * |
Date: 2018-08-30 04:59 | |
New changeset d8b103b8b3ef9644805341216963a64098642435 by Benjamin Peterson in branch '2.7': closes bpo-34540: Convert shutil._call_external_zip to use subprocess rather than distutils.spawn. (GH-8985) https://github.com/python/cpython/commit/d8b103b8b3ef9644805341216963a64098642435 |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:05 | admin | set | github: 78721 |
| 2018-08-30 04:59:25 | benjamin.peterson | set | status: open -> closed resolution: fixed messages: + msg324367 stage: patch review -> resolved |
| 2018-08-29 05:14:07 | benjamin.peterson | set | keywords:
+ patch stage: patch review pull_requests: + pull_request8458 |
| 2018-08-29 05:10:18 | benjamin.peterson | create | |