From 23f21f8b9cadef63b55b969ad5b1eccc8dfe6141 Mon Sep 17 00:00:00 2001
From: Dario Ernst <github@kanojo.de>
Date: Sat, 7 Mar 2020 18:58:57 +0000
Subject: [PATCH] Use pyyaml safe_load instead of load

Since load in unsafe (ref: https://msg.pyyaml.org/load),
switch the only occurrance of `yaml.load` that i could
find to safe_load.

closes #1085
---
 core/admin/mailu/manage.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/admin/mailu/manage.py b/core/admin/mailu/manage.py
index 819fe410..62f214d3 100644
--- a/core/admin/mailu/manage.py
+++ b/core/admin/mailu/manage.py
@@ -177,7 +177,7 @@ def config_update(verbose=False, delete_objects=False):
     """sync configuration with data from YAML-formatted stdin"""
     import yaml
     import sys
-    new_config = yaml.load(sys.stdin)
+    new_config = yaml.safe_load(sys.stdin)
     # print new_config
     domains = new_config.get('domains', [])
     tracked_domains = set()