NumPy 1.16.3 Release Notes#
The NumPy 1.16.3 release fixes bugs reported against the 1.16.2 release, andalso backports several enhancements from master that seem appropriate for arelease series that is the last to support Python 2.7. The wheels on PyPI arelinked with OpenBLAS v0.3.4+, which should fix the known threading issuesfound in previous OpenBLAS versions.
Downstream developers building this release should use Cython >= 0.29.2 and,if using OpenBLAS, OpenBLAS > v0.3.4.
The most noticeable change in this release is that unpickling object arrayswhen loading*.npy or*.npz files now requires an explicit opt-in.This backwards incompatible change was made in response toCVE-2019-6446.
Compatibility notes#
Unpickling while loading requires explicit opt-in#
The functionsnp.load, andnp.lib.format.read_array take anallow_pickle keyword which now defaults toFalse in response toCVE-2019-6446.
Improvements#
Covariance inrandom.mvnormal cast to double#
This should make the tolerance used when checking the singular values of thecovariance matrix more meaningful.
Changes#
__array_interface__ offset now works as documented#
The interface may use anoffset value that was previously mistakenlyignored.