This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author stealthcopter
Recipients stealthcopter
Date 2019-11-30.17:06:01
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1575133561.73.0.538278905149.issue38945@roundup.psfhosted.org>
In-reply-to
Content
Filenames passed to the UU encoding methods (uu.py and uu_codec.py) that contain a newline character will overflow data into the UU content section. This can potentially be used to inject replace or corrupt data content in a file during the decode process.

Initially discussed via the PSRT but deemed low risk so suggested I create a PR with the changes and a BPO.
History
Date User Action Args
2019-11-30 17:06:01stealthcoptersetrecipients: + stealthcopter
2019-11-30 17:06:01stealthcoptersetmessageid: <1575133561.73.0.538278905149.issue38945@roundup.psfhosted.org>
2019-11-30 17:06:01stealthcopterlinkissue38945 messages
2019-11-30 17:06:01stealthcoptercreate