NumPy 1.16.3 Release Notes

The NumPy 1.16.3 release fixes bugs reported against the 1.16.2 release, and also backports several enhancements from master that seem appropriate for a release series that is the last to support Python 2.7. The wheels on PyPI are linked with OpenBLAS v0.3.4+, which should fix the known threading issues found in previous OpenBLAS versions.

Downstream developers building this release should use Cython >= 0.29.2 and, if using OpenBLAS, OpenBLAS > v0.3.4.

The most noticeable change in this release is that unpickling object arrays when loading *.npy or *.npz files now requires an explicit opt-in. This backwards incompatible change was made in response to CVE-2019-6446.

Compatibility notes

Unpickling while loading requires explicit opt-in

The functions np.load, and np.lib.format.read_array take an allow_pickle keyword which now defaults to False in response to CVE-2019-6446.

Improvements

Covariance in random.mvnormal cast to double

This should make the tolerance used when checking the singular values of the covariance matrix more meaningful.

Changes

__array_interface__ offset now works as documented

The interface may use an offset value that was previously mistakenly ignored.

NumPy 1.16.4 Release Notes NumPy 1.16.2 Release Notes