From c0b47ad94f67a65250174a9390a556e6ae700c73 Mon Sep 17 00:00:00 2001
From: Petro Bratash <68950226+bratashX@users.noreply.github.com>
Date: Wed, 9 Sep 2020 22:33:13 +0300
Subject: [PATCH] [BFN] Fix vulnerability in eeprom.py (#5333)

Due to https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation, yaml.load(input) is deprecated. Added a specifying parameter to fix this issue.

Signed-off-by: Petro Bratash <petrox.bratash@intel.com>
---
 .../barefoot/x86_64-accton_wedge100bf_32x-r0/plugins/eeprom.py  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/device/barefoot/x86_64-accton_wedge100bf_32x-r0/plugins/eeprom.py b/device/barefoot/x86_64-accton_wedge100bf_32x-r0/plugins/eeprom.py
index d50380b97c..937cc003f6 100644
--- a/device/barefoot/x86_64-accton_wedge100bf_32x-r0/plugins/eeprom.py
+++ b/device/barefoot/x86_64-accton_wedge100bf_32x-r0/plugins/eeprom.py
@@ -82,7 +82,7 @@ class board(eeprom_tlvinfo.TlvInfoDecoder):
     def __init__(self, name, path, cpld_root, ro):
 
         with open(os.path.dirname(__file__) + "/logging.conf", 'r') as f:
-            config_dict = yaml.load(f)
+            config_dict = yaml.load(f, yaml.SafeLoader)
             logging.config.dictConfig(config_dict)
 
         if not os.path.exists(os.path.dirname(EEPROM_SYMLINK)):