Index: roslaunch/src/roslaunch/loader.py
===================================================================
--- roslaunch.orig/src/roslaunch/loader.py
+++ roslaunch/src/roslaunch/loader.py
@@ -98,7 +98,7 @@ def convert_value(value, type_):
         raise ValueError("%s is not a '%s' type"%(value, type_))
     elif type_ == 'yaml':
         try:
-            return yaml.load(value)
+            return yaml.safe_load(value)
         except yaml.parser.ParserError as e:
             raise ValueError(e)
     else:
@@ -409,7 +409,7 @@ class Loader(object):
             if rosparam is None:
                 import rosparam
             try:
-                data = yaml.load(text)
+                data = yaml.safe_load(text)
                 # #3162: if there is no YAML, load() will return an
                 # empty string.  We want an empty dictionary instead
                 # for our representation of empty.
Index: roslaunch/test/unit/test_roslaunch_dump_params.py
===================================================================
--- roslaunch.orig/test/unit/test_roslaunch_dump_params.py
+++ roslaunch/test/unit/test_roslaunch_dump_params.py
@@ -53,7 +53,7 @@ class TestDumpParams(unittest.TestCase):
         o, e = p.communicate()
         self.assert_(p.returncode == 0, "Return code nonzero for param dump! Code: %d" % (p.returncode))
 
-        self.assertEquals({'/noop': 'noop'}, yaml.load(o))
+        self.assertEquals({'/noop': 'noop'}, yaml.safe_load(o))
 
         p = Popen([cmd, '--dump-params', 'roslaunch', 'test-dump-rosparam.launch'], stdout = PIPE)
         o, e = p.communicate()
@@ -95,7 +95,7 @@ class TestDumpParams(unittest.TestCase):
             '/noparam1': 'value1',
             '/noparam2': 'value2',
             }
-        output_val = yaml.load(o)
+        output_val = yaml.safe_load(o)
         if not val == output_val:
             for k, v in val.items():
                 if k not in output_val: