Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
python-numpy.10267
CVE-2019-6446_numpy_load.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2019-6446_numpy_load.patch of Package python-numpy.10267
--- a/numpy/lib/npyio.py +++ b/numpy/lib/npyio.py @@ -265,7 +265,7 @@ class NpzFile(object): return self.files.__contains__(key) -def load(file, mmap_mode=None, allow_pickle=True, fix_imports=True, +def load(file, mmap_mode=None, allow_pickle=None, fix_imports=True, encoding='ASCII'): """ Load arrays or pickled objects from ``.npy``, ``.npz`` or pickled files. @@ -367,6 +367,16 @@ def load(file, mmap_mode=None, allow_pic memmap([4, 5, 6]) """ + + if allow_pickle is None: + UserWarning(""" + numpy.load() run without explicit setting allow_pickle option. + If you are not completely certain about security of the pickled + data, you are strongly encouraged to set allow_pickle to False, + otherwise you can set it to True. + """) + allow_pickle = False + own_fid = False if isinstance(file, basestring): fid = open(file, "rb")
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor