Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.5086
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5086
<patchinfo incident="5086"> <category>security</category> <rating>important</rating> <issue tracker="bnc" id="1122208">VUL-0: CVE-2019-6446: python-numpy: NumPy uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code</issue> <issue tracker="cve" id="2019-6446"/> <packager>dirkmueller</packager> <description>This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content (bsc#1122208). With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing numpy.load(). A warning during runtime will show-up when the allow_pickle is not explicitly set. NOTE: By applying this update the behavior of python-numpy changes, which might break your application. In order to get the old behaviour back, you have to explicitly set `allow_pickle` to True. Be aware that this should only be done for trusted input, as loading untrusted input might lead to arbitrary code execution. </description> <summary>Security update for python-numpy</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
