[rope] Critical severity vulnerability that affects rope

base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load.

References

• https://nvd.nist.gov/vuln/detail/CVE-2014-3539
• https://bugzilla.redhat.com/show_bug.cgi?id=1116485
• http://www.openwall.com/lists/oss-security/2015/02/07/1
• https://github.com/python-rope/rope/commit/b01da7aab5cd02129941d2a900e6e5e3b5f7d4fb
• https://github.com/advisories/GHSA-r38r-qp28-2m63