matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

[BFN] Fix vulnerability in eeprom.py (#5333)

Browse Source 
Due to https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation, yaml.load(input) is deprecated. Added a specifying parameter to fix this issue.

Signed-off-by: Petro Bratash <petrox.bratash@intel.com>
This commit is contained in:
Petro Bratash 2020-09-09 22:33:13 +03:00 committed by Abhishek Dosi
parent d46dc0ff25
commit c0b47ad94f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
device/barefoot/x86_64-accton_wedge100bf_32x-r0/plugins/eeprom.py
View File

@ -82,7 +82,7 @@ class board(eeprom_tlvinfo.TlvInfoDecoder):
def __init__(self, name, path, cpld_root, ro):
with open(os.path.dirname(__file__) + "/logging.conf", 'r') as f:
config_dict = yaml.load(f)
config_dict = yaml.load(f, yaml.SafeLoader)
logging.config.dictConfig(config_dict)
if not os.path.exists(os.path.dirname(EEPROM_SYMLINK)):