Issue #6972: keep the warning about untrusted extraction and mention

author Gregory P. Smith <greg@krypto.org>

Fri, 8 Feb 2013 06:17:21 +0000 (22:17 -0800)

committer Gregory P. Smith <greg@krypto.org>

Fri, 8 Feb 2013 06:17:21 +0000 (22:17 -0800)
author Gregory P. Smith <greg@krypto.org>
Fri, 8 Feb 2013 06:17:21 +0000 (22:17 -0800)
committer Gregory P. Smith <greg@krypto.org>
Fri, 8 Feb 2013 06:17:21 +0000 (22:17 -0800)
diff --cc Doc/library/zipfile.rst

index b00e26d9c033f4ce0b7b00a5297ca6a48df948d1,c63b23bffb4149a5eb0ca50b4efffab60cb67571..e84c707b22fce3534828c946afeecfe4ad30fb53
--- 1/Doc/library/zipfile.rst
--- 2/Doc/library/zipfile.rst
+++ b/Doc/library/zipfile.rst
@@@ -260,9 -260,15 +260,13 @@@ ZipFile Object
      be a subset of the list returned by :meth:`namelist`.  *pwd* is the password
      used for encrypted files.
   
-    .. note::
+    .. warning::
   
- -      dots ``".."``.
- -
- -   .. versionchanged:: 3.3.1
- -      The zipfile module attempts to prevent that.  See :meth:`extract` note.
+       Never extract archives from untrusted sources without prior inspection.
+       It is possible that files are created outside of *path*, e.g. members
+       that have absolute filenames starting with ``"/"`` or filenames with two
++      dots ``".."``.  This module attempts to prevent that.
+ +      See :meth:`extract` note.
   
   
   .. method:: ZipFile.printdir()
author	Gregory P. Smith <greg@krypto.org>
	Fri, 8 Feb 2013 06:17:21 +0000 (22:17 -0800)
committer	Gregory P. Smith <greg@krypto.org>
	Fri, 8 Feb 2013 06:17:21 +0000 (22:17 -0800)