Fix XSS in issue2550817 Note that the code that triggers that particular bug is no longer in roundup core. But the change to the templates we suggest is a *lot* safer as it always escapes the error and ok messages now. If you are upgrading: you *MUST* read doc/upgrading.txt and do the necessary changes to your templates, the escaping now happens in the template and not in the roundup code. So if you don't make the necessary changes *you are vulnerable*.

from roundup.dist.command.build import build_message_files, check_manifest
from distutils.command.install_lib import install_lib as base

class install_lib(base):

    def run(self):
        check_manifest()
        build_message_files(self)
        base.run(self)