[CKAN-Security] CKAN Security issue
Mohamed Hatab
hatab at master-works.net
Thu Mar 21 08:59:00 UTC 2019
Dears appreciate you fast response its urgent.
Best Regards,,,
Mohamed Hatab
Software Development Manager
<http://+966505232233/> +966559495262
<tel:+966%2011%20400%200014> +966114000014
<tel:+966%2011%20400%200041> +966114000041
hatab at master-works.net <mailto:your%20eMail at master-works.net>
<http://www.master-works.net/> www.master-works.net
<https://www.google.com.sa/maps/place/Master+Works/@24.7586655,46.7122324,17
z/data=!3m1!4b1!4m5!3m4!1s0x3e2efd8756f74c0d:0x2274ad319a955081!8m2!3d24.758
6606!4d46.7144211?hl=en> Riyadh, Saudi Arabia
<https://www.linkedin.com/in/hatab/>
From: Mohamed Hatab [mailto:hatab at master-works.net]
Sent: Tuesday, March 19, 2019 2:35 PM
To: 'security at ckan.org' <security at ckan.org>
Subject: CKAN Security issue
Dear Team
Hope you are doing well
We have received the security report for the ckan and we got one critical
issue as below.
Issue
Severity
Note
Python pickle serialization
Critical
The pickle module is not intended to be secure against erroneous or
maliciously constructed data. Never unpickle data received from an untrusted
or unauthenticated source
Could you explain or share any references that prove there is no any
security issues or risks or is there any other alternative solutions?
Best Regards,,,
Mohamed Hatab
Software Development Manager
<http://+966505232233/> +966559495262
<tel:+966%2011%20400%200014> +966114000014
<tel:+966%2011%20400%200041> +966114000041
hatab at master-works.net <mailto:your%20eMail at master-works.net>
<http://www.master-works.net/> www.master-works.net
<https://www.google.com.sa/maps/place/Master+Works/@24.7586655,46.7122324,17
z/data=!3m1!4b1!4m5!3m4!1s0x3e2efd8756f74c0d:0x2274ad319a955081!8m2!3d24.758
6606!4d46.7144211?hl=en> Riyadh, Saudi Arabia
<https://www.linkedin.com/in/hatab/>
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 243 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 360 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0009.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 299 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0010.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 312 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0011.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 467 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0012.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 350 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0013.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 600 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0014.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.png
Type: image/png
Size: 25092 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20190321/48d12e42/attachment-0015.png>
More information about the Security
mailing list