Fixing RO Security Vulnerabilities Jinja2 sets autoescape to False, disabling SSL certificate checks, use of unsafe yaml load, Try-Except-Pass detected, use of assert detected. Removing openmanoconfig.py. Change-Id: I3353208e150ae6c2f91befa1a3bbed33ed0c528d Signed-off-by: aticig <gulsum.atici@canonical.com>

commit: 7b521f73dd996a279f23b2f512cd89a42c1c79f6 [log] [tgz]
author: aticig <gulsum.atici@canonical.com> Fri Jul 15 00:43:09 2022 +0300
committer: aticig <gulsum.atici@canonical.com> Mon Aug 01 00:13:55 2022 +0300
tree: 2faa54a06e16785fec76bd54ae6e5de981edb9b0
parent: 1ac189e7d842e8aa09133b769097e8703ec1352c [diff] [blame]
diff --git a/RO-VIM-aws/osm_rovim_aws/vimconn_aws.py b/RO-VIM-aws/osm_rovim_aws/vimconn_aws.py
index df8914b..5fc0704 100644
--- a/RO-VIM-aws/osm_rovim_aws/vimconn_aws.py
+++ b/RO-VIM-aws/osm_rovim_aws/vimconn_aws.py

@@ -141,9 +141,9 @@
                 try:
                     if flavor_data[0] == "@":  # read from a file
                         with open(flavor_data[1:], "r") as stream:
-                            self.flavor_info = yaml.load(stream, Loader=yaml.Loader)
+                            self.flavor_info = yaml.safe_load(stream)
                     else:
-                        self.flavor_info = yaml.load(flavor_data, Loader=yaml.Loader)
+                        self.flavor_info = yaml.safe_load(flavor_data)
                 except yaml.YAMLError as e:
                     self.flavor_info = None
commit	7b521f73dd996a279f23b2f512cd89a42c1c79f6	[log] [tgz]
author	aticig <gulsum.atici@canonical.com>	Fri Jul 15 00:43:09 2022 +0300
committer	aticig <gulsum.atici@canonical.com>	Mon Aug 01 00:13:55 2022 +0300
tree	2faa54a06e16785fec76bd54ae6e5de981edb9b0
parent	1ac189e7d842e8aa09133b769097e8703ec1352c [diff] [blame]