æªæã®ããããŒã¿ãå«ãnumpyloadé¢æ°ã¯ãæ»æãã€ã³ã¿ãŒãããäžã§æªæã®ããããŒã¿ãå
±æããå Žåãã³ãã³ãã®å®è¡ãåŒãèµ·ãããŸãã
ãŠãŒã¶ãŒãããŒããããšãã³ãã³ããå®è¡ãããŸãã
import numpy
from numpy import __version__
print __version__
import os
import pickle
class Test(object):
def __init__(self):
self.a = 1
def __reduce__(self):
return (os.system,('ls',))
tmpdaa = Test()
with open("a-file.pickle",'wb') as f:
pickle.dump(tmpdaa,f)
numpy.load('a-file.pickle')
1.14.6
ããŒãžã§ã³<= 1.16.0ãåäœããŸãã
ã¯ãããããnp.load(allow_pickle=True)
ãè¿œå ãããçç±ã§ããä»ã§ã¯ãããã©ã«ãã®False
ã«åãæ¿ããŠãã allow_pickle="True"
ãŠãã ããããã®ãã¡ã€ã«ãä¿¡é ŒããŠãã ãããã
ãããããé©åãªããã©ã«ãã«ãªãããšã«åæããã®ã§ãæ®å¿µãªããå°ãããããå Žåã§ããããšãã°ã©ãã§ããŒã¿ãå ±æããïŒãŸãã¯èªåèªèº«ãä¿å/åããŒãããïŒã ãã®ç§åŠè ã«ãšã£ãŠã¯ããã®éæšå¥šãããã·ã¥ããããšãåãå ¥ããŸãã
ãããã£ãŠã allow_pickle
ã¯2015幎4æã«è¿œå ãããã®ã§ãnumpy1.10以éã«ååšããã¯ãã ã£ãããã§ãã ãããã£ãŠã1.17ã䜿çš/ãµããŒãããå€ãã®äººã1.10ããµããŒãããïŒã¯ã¯ãŒã°ããµããŒãããããŸãã¯ãµããŒãããªããšããèŠçãåãé€ãïŒãšã¯æããªãã®ã§ã移åã¯ããçŸå®çã«ãªã£ãŠãããšæããŸãã ä»ã®ãšãããscipyã¯å°ãªããšãããŒãžã§ã³1ã§1.8ããµããŒãããŠããããã§ããã
é·ãç¶ãããã§ã
ã¹ã ãŒãºãªç§»è¡ãå¿ èŠãªå Žåã¯ãéæšå¥šã®èŠåããã°ã«èšé²ããæ¥ä»ãæå®ããããšããå§ãããŸãã
@Plazmazãã¡ãããã«ãžã¥ã¢ã«ãŠãŒã¶ãŒã«ããããããå Žåã¯ãVisibleDeprecationWarningã䜿çšããŸãã ãã®åŸã1ã€ãŸãã¯2ã€ã®ãªãªãŒã¹åŸã«éæšå¥šã«ãªããŸãã åé¡ã¯ãå¿
èŠã«å¿ããŠåé¿ããã®ãé¢åã§ãããäžéšã®å€ãããŒãžã§ã³ã«ã¯kwargãååšããªãããšã§ãã èŠåãåé¿ããäž¡æ¹ããµããŒãããã«ã¯ã if np.__version__ > ...: use kwarg else do not use kwarg
ãå®è¡ããå¿
èŠãããããã§ãã
ãšã«ããã1.17ã«å ¥ãå¯èœæ§ã¯ååã«ãããšæããŸãã ãããã£ãŠãPRãéããŠãããšæããŠããã¡ãŒãªã³ã°ãªã¹ãã«pingãéä¿¡ããŠã誰ããäžæºãèšã£ãŠãããã©ããã確èªããããšããå§ãããŸãã
ããã«ã¡ã¯ãFedora numpyRPMã¡ã³ããã ãã£ã¹ããªãã¥ãŒã·ã§ã³ããã±ãŒãžã§ããã軜æžããããã®è¯ãæ¹æ³ã¯äœã§ããïŒ
ããæ¹æ³ãããããŸããã æžå¿µã¬ãã«ã«ããããŸãããããã«èŠåãè¿œå ããäºå®ãªã®ã§ã1.17ã§ééããªãããã«ãããŸãã 誰ããéåžžã«å¿é ããŠããå Žåã¯ãããã¯ããŒããããè¿ éãªç§»åã«ã€ããŠè©±ãåãããšãã§ããŸãããããã¯ããŠã³ã¹ããªãŒã ãããã«äŸåããŠãããã©ããã«å€§ããäŸåããŸãã
ç§ã¯ããã«åãçµãã§ããŸãã
cc @jeanqasaur reïŒã»ãã¥ãªãã£/è匱æ§ã®å°éç¥è
ããã«ã¡ã¯ãFedora numpyRPMã¡ã³ããã ãã£ã¹ããªãã¥ãŒã·ã§ã³ããã±ãŒãžã§ããã軜æžããããã®è¯ãæ¹æ³ã¯äœã§ããïŒ
@limburgher ïŒPythonã«çµã¿èŸŒãŸããŠãããŸã£ããåãæ©èœã«ã€ããŠ
ããã©ã«ããå€æŽããããšã«å察ããŠããããã§ã¯ãããŸãããããããè匱æ§ãšå®£èšããã®ã¯ééã£ãŠããããã§ãã ææžåããã³èšèšã©ããã«æ©èœããŠããŸãã
æ®å¿µãªãããCVEçªå·ãå²ãåœãŠããããšããã°ããããã©ããã¯åé¡ã«ãªããŸããããã£ã¹ããªãã¥ãŒã·ã§ã³ã¯ã顧客ã«äŸ¡å€ãæäŸããŠããããšã蚌æããããã«ã°ãªããŸããã ãããããã§äœã«ãªããã¯ããããŸããããäŒæ¥ãéçšæ åœè ã¯ãé²è¡äžã®è匱æ§ã®æŽªæ°Žã管çããã®ã«åžžã«èŠåŽããŠããŸãããããè¡ãããã«äœ¿çšããããŒã«ã«ã¯ããã¥ã¢ã³ã¹ãäŒããäœå°ãããŸããªããããããããã¬ãã·ã£ãŒã®æ¹æ³ã§ããè¡ããŸãã ããããç§ãã¡ã«ã¯é¡§å®¢ãããªãã®ã§ãå¿ ããããããèªåã§èæ ®ã«å ¥ããå¿ èŠã¯ãããŸããã
save
ãšload
ãç¹å®ã®ãã¡ã€ã«ããã¯ã«ã¹ã䜿çšããŠãããã©ãããç¥ãããšãã§ããŸãããïŒ ã©ã¡ãã®å Žåãallow_pickle=False
ã«ç§»è¡ããããšããå§ãããŸããäžéæéã§ã¯ã save
ãŸãã¯load
å®éã«å¿
èŠãªå Žåã«ãããçš®ã®éæšå¥šèŠåãçºè¡ããŸãããã¯ã«ã¹ã䜿çšãã allow_pickle
ãæå®ãããŠããŸããã§ããã
@ eric-wieser stdlib pickleãšã®éãã¯ã load
/ save
ã¯ãã»ãšãã©ã®å ŽåïŒããšãã°ãããªããã£ãåã®åçŽãªé
åïŒãå®éã«ã¯pickleã®äœ¿çšãåé¿ã§ããããšã§ãã pickleã¯ããªããžã§ã¯ãé
åãIIRCã®ç¹å®ã®è€éãªdtypeãªã©ã®ãããšããŸããã¯ãªã±ãŒã¹ã§ã®ã¿äœ¿çšãããŸãã ããã«ãããå®å
šãªã±ãŒã¹ãäž»ã«äœ¿çšããŠãã人ã
ã¯ãããã¥ã¡ã³ããååã«èªãã§ããªãå Žåãå®å
šã§ãªãã±ãŒã¹ãååšããããšãèŠéãå¯èœæ§ããããŸãã ãšã«ããããã»ãŒãã¢ãŒãããšãéã»ãŒãã¢ãŒããã®äž¡æ¹ãããããšãèãããšããã»ãŒãã¢ãŒãããããã©ã«ãã«ããæ¹ãããã§ãããã stdlib pickle OTOHã®å Žåãåžžã«100ïŒ
å®å
šã§ã¯ãªããããããã©ã«ãã«ã€ããŠå¿é
ããå¿
èŠã¯ãããŸããã
æ£çŽãªãšããããããææžåãããæå³çãªæ©èœã§ããå Žåãç¹ã«å®å šãããã©ã«ãã§ããå Žåã¯ãè¯å¿çã«BZãéããããšãã§ããŸãã Pythonã®æ©èœãã©ã®ããã«åŠçãããããããŸããã ç§ã¯èŠãŠã¿ãŸãããã
ç§ã®ã¹ããã¯ã®æ€èšããããã®ç¹ã§äžæµããäœãå€æŽããªããšæããŸãã
CVEã¯äºãããŠããŸããïŒ ããã«ãããã¡ã³ããã«ãšã£ãŠã·ããªãªãããæ確ã«ãªãå¯èœæ§ããããŸãã
CVEã¯äž»ã«åœç©ã®ããã§ãã numpy.load
ãä»»æã®ã³ãŒããå®è¡ã§ããããšã¯ããç¥ãããŠãããææžåãããŠãããã·ãªã¢ã«åãããPythonãªããžã§ã¯ãé
åãããŒãããããã«å¿
èŠã§ãã ãŠãŒã¶ãŒã¯ããã®ã©ã€ãã©ãªé¢æ°ã«allow_pickle=False
ãæž¡ãããšã«ããããªããžã§ã¯ãé
åã®èªã¿èŸŒã¿ãçŠæ¢ã§ããŸãã
ããã©ã«ãã§ã¯ãæ瀺çã«èŠæ±ãããå Žåã«ã®ã¿ãªããžã§ã¯ãé åãããŒãããæ¹ãããã§ãããããæŽå²çãªçç±ãããã®ãŸãŸã§ãã 移è¡ã¯ä»¥åã«ãææ¡ãããŠãããäžèšã®èª¬æã¯ãäžäœäºææ§ãå¶åŸ¡äžèœã«å£ããªãæ¹æ³ã§ç§»è¡ããæ¹æ³ã«ã€ããŠã§ãã
ãã ããPythonã®pickleåãšåæ§ã«ã numpy.load
äžæ³šæã«äœ¿çšãããšãããŠã³ã¹ããªãŒã ã¢ããªã±ãŒã·ã§ã³ã«è匱æ§ãçããå¯èœæ§ããããŸãã
numpy.load
ãä»»æã®ã³ãŒããå®è¡ã§ããããšã¯ããç¥ãããŠãããææžåãããŠãããã·ãªã¢ã«åãããPythonãªããžã§ã¯ãé åãããŒãããããã«å¿ èŠã§ãã
ç§ã¯ããããããææžåãããŠãããšã ãèšãããã§ãã ç§ã¯æ°å¹Žénumpyã䜿çšããŠããŠã numpy.save
/ numpy.load
é »ç¹ã«äœ¿çšããããšã¯ãããŸãããã numpy.load
ã¯ãŸã£ããããããŸããpickle
ãšåãè匱æ§ã«èŠããã§ããŸãã ãã¡ããã numpy.load
ãå
éšã§pickle
䜿çšããå¯èœæ§ãããããšãç¥ããŸããã§ããïŒç§ã¯numpyãã€ãã£ãã®é
åã®ã¿ã䜿çšããèããããšã¯ãããŸããããŸãã«@njsmithãè¿°ã¹ãã·ããªãªã§ãïŒã
pickle
ãè匱ã§ãããšããäºå®ã¯ããç¥ãããŠããããã®ããã¥ã¡ã³ãã«ã¯äžéšã«å€§ããªèµ€ãèŠåããããŸãã
èŠåïŒ
pickle
ã¢ãžã¥ãŒã«ã¯ã誀ã£ãããŒã¿ãæªæãæã£ãŠäœæãããããŒã¿ã«å¯ŸããŠå®å šã§ã¯ãããŸããã ä¿¡é Œã§ããªãããŸãã¯èªèšŒãããŠããªããœãŒã¹ããåä¿¡ããããŒã¿ãçã¿åããªãã§ãã ããã
æ¯èŒãããšã numpy.load
ã®ããã¥ã¡ã³ãã§ã¯ã allow_pickle
ããŒã¯ãŒãã®èª¬æã®èã«ãã»ãã¥ãªãã£ã®åŽé¢å
šäœãèšèŒ
allow_pickleïŒ_boolãoptional_
npyãã¡ã€ã«ã«ä¿åãããŠããpickleåããããªããžã§ã¯ãé åã®ããŒããèš±å¯ããŸãã ãã¯ã«ã¹åãããããŒã¿ãããŒããããšä»»æã®ã³ãŒããå®è¡ãããå¯èœæ§ãããããããã¯ã«ã¹åãçŠæ¢ããçç±ã«ã¯ã»ãã¥ãªãã£ãå«ãŸããŸãã ãã¯ã«ã¹ãèš±å¯ãããŠããªãå Žåããªããžã§ã¯ãé åã®ããŒãã¯å€±æããŸãã ããã©ã«ãïŒTrue
å°ãªããšãallow_pickle=False
ãããã©ã«ãã«ãªããŸã§ã numpy.load
ã®ããã¥ã¡ã³ãã«å€§ããªèµ€ãèŠåãå
¥ããããšãã§ããã°ãç§ã¯ãããå«ãã§ã¯ãããŸããã ãã®å€åãèŠè¡ããããŸã§ã numpy.load
èªåã®å¿ãšããç¹ã§ãåãèµ€ãæãäžããå¿
èŠããããŸãpickle.load
æ絊ã
numpy.load
ããã¥ã¡ã³ãPRãæè¿ããŸã
ããã¥ã¡ã³ãã«ãã¯ã«ã¹ã«é¢ããèŠåã衚瀺ãããããã«ãªããŸãã
æ®å¿µãªãããCVEçªå·ãå²ãåœãŠããããšããã°ããããã©ããã¯åé¡ã«ãªããŸããããã£ã¹ããªãã¥ãŒã·ã§ã³ã¯ã顧客ã«äŸ¡å€ãæäŸããŠããããšã蚌æããããã«_äœã_ãè©Šã¿ãå¿ èŠããããŸãã ãããããã§äœã«ãªããã¯ããããŸããããäŒæ¥ãéçšæ åœè ã¯ãé²è¡äžã®è匱æ§ã®æŽªæ°Žã管çããã®ã«åžžã«èŠåŽããŠããŸãããããè¡ãããã«äœ¿çšããããŒã«ã«ã¯ããã¥ã¢ã³ã¹ãäŒããäœå°ãããŸããªããããããããã¬ãã·ã£ãŒã®æ¹æ³ã§ããè¡ããŸãã
@njsmithããã»ã©æªãã¯ãããŸããïŒ numpy.load
ããã©ã«ãã§allow_pickle
ããFalse
ã«ããŸãããããã¯å®éã«ã¯å®å
šã«æããªèãã§ã¯ãããŸããã
ããã§ç§ãèŠãå¯äžã®ãªã¹ã¯ã¯ãallow_pickleãæ瀺çã«èšå®ããŠããªããããžã§ã¯ããå£ããããšã§ãã
ããã¯ã¡ããã©ãšã³ããŠãŒã¶ãŒã§ã¯ãªãã®ãããžã§ã¯ãç§ãã¡ã¯ãå¿é
ããå¿
èŠã¯-ç§ã¯æäŸäžæµã©ã€ãã©ãªå¿é
mylib.load
ã©ããããnp.load
ã ãããã¯ãªããžã§ã¯ãé
åã®ããŒãã«å€±æãå§ããŸãã 次ã®3ã€ã®ãã¡ã®1ã€ãçºçããŸãã
allow_pickle=True
ãåãªãªãŒã¹ããŠãå€ãåäœãåéããŸããããã¯ããããé¢å¿ã®ããæ»æãã¯ãã«ã§ã¯ãªããšèããŠããããšã瀺ãããŠã³ã¹ããªãŒã ã©ã€ãã©ãªã§ãã ããã¯ãŸã äºææ§ã®ãªããªãªãŒã¹ã®è²»çšãããããŸãallow_pickle=False
ãå
¬ââéããåé¡ãããŠã³ã¹ããªãŒã ã«ããã·ã¥ããŸããç§ã®å¥œã¿ã¯æ¬¡ã®ãšããã§ãã
np.save
ã¯äœãããŸããã ãªããžã§ã¯ãé
åãä¿åããŠãããšãã«ãå®è¡æéã®é·ãã¹ã¯ãªãããæåŸã«ã¯ã©ãã·ã¥ããã®ã¯ãã²ã©ãçµéšã§ããnp.load
ã®ããã©ã«ããNone
å€æŽããŸãã True
ãŸãã¯False
æ瀺çã«æž¡ããŠããªããŠãŒã¶ãŒãæ€åºããå±éºæ§ã説æããUserWarning
ãçºè¡ããŠãã»ãã¥ãªãã£ïŒ False
ïŒãšãªããžã§ã¯ãã®ã©ã¡ãããéžæããããã«æ±ããŸããé
åã®ãµããŒãïŒ True
ïŒã ãã®èŠåãçºããåŸã®ããã©ã«ãã¯çŸç¶ã®ãŸãŸã§ãã ããã§ã®åé¡ã¯æèã®æ¬ åŠã§ãããšç§ã¯ç解ããŠããŸãã ã©ã¡ãã®éžæããã¹ãŠã®å Žåã«æ£ããããã§ã¯ãªãã®ã§ãèŠåãªãã«ããã©ã«ãã«ã€ããŠçªç¶èããå€ããã¹ãã§ã¯ãªããšæããŸãã@ eric-ã¹ã¯ãªãããã¯ã©ãã·ã¥ããããšã®èŠçã«ã€ããŠã®wieserã®è¯ãç¹ã ç§ã¯ããã©ã«ãã§UserWarning
ãäžããã€ããã§ãã
åé¡ã¯ãé·æçã«ã¯load
äœããããã®ããšããããšã§ãã ã¢ã¬ã€ãå®å
šãªãšãã«ãïŒèŠåãæ¶ãããã«ïŒãã¹ãŠã®äººã«kwargã䜿çšããããã«åŒ·å¶ããã®ã奜ããã©ããã¯ããããŸããã 誰ããããŒã¿ããç· ãåºãå±éºæ§ããªããšããã¡ãªããã¯ãããŸãã... OTOHãèŠåããå®å
šã§ãªããããŒãã§ã®ã¿è¡šç€ºãããå Žåã¯ãæé
ãã«ãªãå¯èœæ§ããããŸãã ä»ã®ãšããã移è¡æéãããå°ãé·ãããããšãå°ã奜ã¿ãŸãã
OTOHãèŠåããå®å šã§ãªããããŒãã§ã®ã¿è¡šç€ºãããå Žåã¯ãæé ãã§ããå¯èœæ§ããããŸãã
ã©ã¡ããïŒ
-Werror
çžåœããPythonãèšå®ãããŠããå Žåã«åããŠãé
åãããŒãããåã«ïŒèŠåãçºããå¿
èŠããããŸããã¯ããç§ã¯ééããªãã©ã€ãã©ãªã«åæããŸãããèšå€§ãªæ°ã®çãã¹ã¯ãªããã«ãšã£ãŠã¯å°ãé¢åãããããªããšæããŸãã
ããã©ã«ãã®å€æŽ
np.load
ã«None
ãTrue
ãŸãã¯False
æ瀺çã«æž¡ããŠããªããŠãŒã¶ãŒãæ€åºããå±éºæ§ã説æããUserWarning
ãçºè¡ããŠãã»ãã¥ãªãã£ïŒFalse
ïŒãšãªããžã§ã¯ãã®ã©ã¡ãããéžæããããã«æ±ããŸããé åã®ãµããŒãïŒTrue
ïŒã ãã®èŠåãçºããåŸã®ããã©ã«ãã¯çŸç¶ã®ãŸãŸã§ãã ããã§ã®åé¡ã¯æèã®æ¬ åŠã§ãããšç§ã¯ç解ããŠããŸãã ã©ã¡ãã®éžæããã¹ãŠã®å Žåã«æ£ããããã§ã¯ãªãã®ã§ãèŠåãªãã«ããã©ã«ãã«ã€ããŠçªç¶èããå€ããã¹ãã§ã¯ãªããšæããŸãã
ããããããã¯éåžžã«è¿·æã«èãããŸãã ã»ãšãã©ã®äººïŒç§ã¯ä¿¡ããŠããŸãïŒã¯ãªããžã§ã¯ãé
åãä¿å/ããŒãããŸããã ãããŠã誰ããèŠåãèŠéããå Žåã®ææªã®ã±ãŒã¹ã¯ãïŒæçµçã«ã¯ïŒããŒãæã«ã¹ã¯ãªãããã¯ã©ãã·ã¥ããããŒã¿ã¯ãã£ã¹ã¯äžã§å®å
šã§ããã allow_pickle
ãã©ã°ã䜿çšããŠåè©Šè¡ããããšã§ãã
æåã«å®å šã«ããŒããè©Šã¿ããªããžã§ã¯ãé åãåå ã§å€±æããå Žåã«ã®ã¿å«ã¶ããšã¯ãnumpyã®è²¬ä»»ãè¶ ããŠããŸããïŒ ããã«ãããã»ãšãã©ã®ïŒãªããžã§ã¯ãã§ã¯ãªãïŒãŠãŒã¹ã±ãŒã¹ã®äœåãªäœæ¥ãåé€ãããŸãããã»ãã¥ãªãã£ã®åé¡å šäœã®å¯èŠæ§ãäœäžãããšæããŸãã ãããããŸããããŠãŒã¶ãŒã«éåžžã«æ°ã¥ãããã¹ãããšããŠãŒã¶ãŒã«äžäŸ¿ããããã¹ãã§ã¯ãªãããšããã®ã¯ãããã§ã¯å°ãççŸããåãçµã¿ã ãšæããŸãã
* Change the default in `np.load` to `None`. Detect the user not passing in `True` or `False` explicitly, and emit a `UserWarning` explaining the dangers, asking them to choose between security (`False`) and object array support (`True`). Default to the status quo after emitting this warning. It's my understanding that the problem here is lack of awareness. Neither choice is correct in all cases, so I don't think we should suddenly change our minds about the default without warning.
ãã®ãããã¯ã©ãã§ããïŒ
* Change the default in `np.load` to `None`. Detect the user not passing in `True` or `False` explicitly, and emit a `UserWarning` explaining the dangers, asking them to choose between security (`False`) and object array support (`True`). Default to the status quo after emitting this warning. It's my understanding that the problem here is lack of awareness. Neither choice is correct in all cases, so I don't think we should suddenly change our minds about the default without warning.
ãã®ãããã¯ã©ãã§ããïŒ
--- a/numpy/lib/npyio.py
+++ b/numpy/lib/npyio.py
@@ -265,7 +265,7 @@ class NpzFile(object):
return self.files.__contains__(key)
-def load(file, mmap_mode=None, allow_pickle=True, fix_imports=True,
+def load(file, mmap_mode=None, allow_pickle=None, fix_imports=True,
encoding='ASCII'):
"""
Load arrays or pickled objects from ``.npy``, ``.npz`` or pickled files.
@@ -367,6 +367,16 @@ def load(file, mmap_mode=None, allow_pic
memmap([4, 5, 6])
"""
+
+ if allow_pickle is None:
+ UserWarning("""
+ numpy.load() run without explicit setting allow_pickle option.
+ If you are not completely certain about security of the pickled
+ data, you are strongly encouraged to set allow_pickle to False,
+ otherwise you can set it to True.
+ """)
+ allow_pickle = False
+
own_fid = False
if isinstance(file, basestring):
fid = open(file, "rb")
ãªããžã§ã¯ãããŒã¿ãããŒããããšãã®èŠåã«ã¯ãŸã è³æã§ããå°ããé
ããããå¯èœæ§ããããŸãããé·ç§»ã®ãã€ãºã¯ã¯ããã«å°ãªããªããŸãã ä¿åæã«èŠåãè¿œå ã§ããŸãïŒæ°žç¶çãªèŠåã®ã¿ïŒã ãªãŒãã³PRãããããã£ãšãããããã®ã«å€ããŠã»ãããšæããŸãã ããªããããã«æéãè²»ããããã®ã§ããã°ãç§ãã¡ã¯äžè¬çã«PRã«æºè¶³ããŠããŸãã
ãããã«ãããããã«éæšå¥šãµã€ã¯ã«ãéå§ããæ¹åãžã®è»¢æã§ããããã«ç§ã«ã¯æããŸãããããŠç§ã¯ãããèµ·ãããšæããŸãïŒããã誰ãããããæŸããªãã°ããã¯ããæ©ããªãã§ããã;ïŒïŒã ãªã¯ãšã¹ããé
ããå¯èœæ§ã¯ãããã«ãããããããŸããããç§ã¯ãããçã£ãŠãããè©Šããã«ç¥ãããšã¯å°é£ã§ãã
https://nvd.nist.gov/vuln/detail/CVE-2019-6446ã§åç §ãããŠããããããã®åé¡ãéããŠãã ãã
ããããšã@ Manjunath07
æãåèã«ãªãã³ã¡ã³ã
ãªããžã§ã¯ãããŒã¿ãããŒããããšãã®èŠåã«ã¯ãŸã è³æã§ããå°ããé ããããå¯èœæ§ããããŸãããé·ç§»ã®ãã€ãºã¯ã¯ããã«å°ãªããªããŸãã ä¿åæã«èŠåãè¿œå ã§ããŸãïŒæ°žç¶çãªèŠåã®ã¿ïŒã ãªãŒãã³PRãããããã£ãšãããããã®ã«å€ããŠã»ãããšæããŸãã ããªããããã«æéãè²»ããããã®ã§ããã°ãç§ãã¡ã¯äžè¬çã«PRã«æºè¶³ããŠããŸãã
ãããã«ãããããã«éæšå¥šãµã€ã¯ã«ãéå§ããæ¹åãžã®è»¢æã§ããããã«ç§ã«ã¯æããŸãããããŠç§ã¯ãããèµ·ãããšæããŸãïŒããã誰ãããããæŸããªãã°ããã¯ããæ©ããªãã§ããã;ïŒïŒã ãªã¯ãšã¹ããé ããå¯èœæ§ã¯ãããã«ãããããããŸããããç§ã¯ãããçã£ãŠãããè©Šããã«ç¥ãããšã¯å°é£ã§ãã