Message 126254 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	zhigang
Recipients	zhigang
Date	2011-01-14.12:03:44
SpamBayes Score	6.0163406e-06
Marked as misclassified	No
Message-id	<1295006628.53.0.290414123413.issue10905@psf.upfronthosting.co.za>
In-reply-to

Content
We only support arcname with one leading '/', but not more. This patch fixes it. We don't support arcname with '..' well. The default behavior of unzip and 7z is to ignore all '..'. This patch does the same. Also updated the doc. If there are other security related issues exist, we should revise the doc. Please review.

We only support arcname with one leading '/', but not more. This patch fixes it.

We don't support arcname with '..' well. The default behavior of unzip and 7z is to ignore all '..'. This patch does the same.

Also updated the doc. If there are other security related issues exist, we should revise the doc.

Please review.

History
Date	User	Action	Args
2011-01-14 12:03:48	zhigang	set	recipients: + zhigang
2011-01-14 12:03:48	zhigang	set	messageid: <1295006628.53.0.290414123413.issue10905@psf.upfronthosting.co.za>
2011-01-14 12:03:45	zhigang	link	issue10905 messages
2011-01-14 12:03:45	zhigang	create