Update pyyaml to latest beta version to fix security warning

minds-ai / zoom-drive-connector

Automatically uploads Zoom meeting recordings to Google Drive.

Other

33 stars 8 forks source link

Update pyyaml to latest beta version to fix security warning #23

Closed jbedorf closed 5 years ago

jbedorf commented 5 years ago

See: CVE-2017-18342 and https://github.com/yaml/pyyaml/issues/243

MrFlynn commented 5 years ago

We're only using the safe_load() method, so we're not vulnerable. Not sure if we should upgrade to a beta package to fix an issue we're not vulnerable to.

jbedorf commented 5 years ago

Sure. Let's hold this open as a reminder until they bring out the official release.

MrFlynn commented 5 years ago

@jbedorf I bumped the pyyaml version to the latest release. This fixes the CVE referenced in this issue.