CVE-2014-0485: unsafe Python pickle in s3ql

[Florian Weimer <fw () deneb enyo de>]

Nikolaus Rath discovered a vulnerability in s3ql which can result in
remote code execution, caused by the unsafe use of Python's pickle
serialization library.

The upstream commit is here:

  <https://bitbucket.org/nikratio/s3ql/commits/091ac263809b4e8>

(This issue was reported privately to Debian, the distros list was
notified, and this is the public heads-up required by list policy.)