Hello community,
here is the log from the commit of package python-joblib for openSUSE:Factory checked in at 2019-06-01 09:56:37
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-joblib (Old)
and /work/SRC/openSUSE:Factory/.python-joblib.new.5148 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-joblib"
Sat Jun 1 09:56:37 2019 rev:9 rq:706481 version:0.13.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-joblib/python-joblib.changes 2019-03-26 22:34:45.941671497 +0100
+++ /work/SRC/openSUSE:Factory/.python-joblib.new.5148/python-joblib.changes 2019-06-01 09:56:42.907176487 +0200
@@ -1,0 +2,7 @@
+Tue May 28 10:34:57 UTC 2019 - Tomáš Chvátal
From 0f1f647a8e2310a2291ea9ffab8c8336fc01f2c7 Mon Sep 17 00:00:00 2001 From: Olivier Grisel
Date: Wed, 29 May 2019 15:52:38 +0200 Subject: [PATCH] DOC emphasize security sensitivity of joblib.load (#879)
--- joblib/numpy_pickle.py | 4 ++++ joblib/numpy_pickle_compat.py | 14 +++++++++++--- 4 files changed, 44 insertions(+), 3 deletions(-) diff --git a/joblib/numpy_pickle.py b/joblib/numpy_pickle.py index bae0df31..bd807db2 100644 --- a/joblib/numpy_pickle.py +++ b/joblib/numpy_pickle.py @@ -550,6 +550,10 @@ def load(filename, mmap_mode=None): Read more in the :ref:`User Guide <persistence>`. + WARNING: joblib.load relies on the pickle module and can therefore + execute arbitrary Python code. It should therefore never be used + to load files from untrusted sources. + Parameters ----------- filename: str, pathlib.Path, or file object. diff --git a/joblib/numpy_pickle_compat.py b/joblib/numpy_pickle_compat.py index ba8ab827..d1532415 100644 --- a/joblib/numpy_pickle_compat.py +++ b/joblib/numpy_pickle_compat.py @@ -3,6 +3,8 @@ import pickle import os import zlib +import inspect + from io import BytesIO from ._compat import PY3_OR_LATER @@ -96,9 +98,15 @@ def read(self, unpickler): # use getattr instead of self.allow_mmap to ensure backward compat # with NDArrayWrapper instances pickled with joblib < 0.9.0 allow_mmap = getattr(self, 'allow_mmap', True) - memmap_kwargs = ({} if not allow_mmap - else {'mmap_mode': unpickler.mmap_mode}) - array = unpickler.np.load(filename, **memmap_kwargs) + kwargs = {} + if allow_mmap: + kwargs['mmap_mode'] = unpickler.mmap_mode + if "allow_pickle" in inspect.signature(unpickler.np.load).parameters: + # Required in numpy 1.16.3 and later to aknowledge the security + # risk. + kwargs["allow_pickle"] = True + array = unpickler.np.load(filename, **kwargs) + # Reconstruct subclasses. This does not work with old # versions of numpy if (hasattr(array, '__array_prepare__') and