Advisories ยป MGASA-2019-0322

Updated python-numpy packages fix security vulnerability

Publication date: 14 Nov 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-6446

Description

Updated python-numpy packages fix security vulnerability:

An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle
Python module unsafely, which allows remote attackers to execute arbitrary
code via a crafted serialized object, as demonstrated by a numpy.load call
(CVE-2019-6446).
                

References

SRPMS

7/core