Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package tensorflow2 for openSUSE:Factory checked in at 2021-11-12 15:59:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tensorflow2 (Old) and /work/SRC/openSUSE:Factory/.tensorflow2.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tensorflow2" Fri Nov 12 15:59:17 2021 rev:25 rq:930619 version:2.6.2 Changes: -------- --- /work/SRC/openSUSE:Factory/tensorflow2/tensorflow2.changes 2021-10-23 23:14:20.044991588 +0200 +++ /work/SRC/openSUSE:Factory/.tensorflow2.new.1890/tensorflow2.changes 2021-11-12 16:00:01.602586088 +0100 @@ -1,0 +2,49 @@ +Tue Nov 9 13:26:21 UTC 2021 - Christian Goll <cg...@suse.com> + +- updated to 2.6.2 which is bug fix release which just fixes an issue where + keras, tensorflow_estimator and tensorboard were missing proper upper bounds + and resulted in broken installs after Keras 2.7 release for all packages in + TensorFlow ecosystem +- Fixes from 2.6.1 (boo#1192447): + * Fixes a code injection issue in saved_model_cli (CVE-2021-41228) + * Fixes a vulnerability due to use of uninitialized value in Tensorflow (CVE-2021-41225) + * Fixes a heap OOB in FusedBatchNorm kernels (CVE-2021-41223) + * Fixes an arbitrary memory read in ImmutableConst (CVE-2021-41227) + * Fixes a heap OOB in SparseBinCount (CVE-2021-41226) + * Fixes a heap OOB in SparseFillEmptyRows (CVE-2021-41224) + * Fixes a segfault due to negative splits in SplitV (CVE-2021-41222) + * Fixes segfaults and vulnerabilities caused by accesses to invalid memory + during shape inference in Cudnn* ops (CVE-2021-41221) + * Fixes a null pointer exception when Exit node is not preceded by Enter op (CVE-2021-41217) + * Fixes an integer division by 0 in tf.raw_ops.AllToAll (CVE-2021-41218) + * Fixes a use after free and a memory leak in CollectiveReduceV2 (CVE-2021-41220) + * Fixes an undefined behavior via nullptr reference binding in sparse matrix + multiplication (CVE-2021-41219) + * Fixes a heap buffer overflow in Transpose (CVE-2021-41216) + * Prevents deadlocks arising from mutually recursive tf.function objects (CVE-2021-41213) + * Fixes a null pointer exception in DeserializeSparse (CVE-2021-41215) + * Fixes an undefined behavior arising from reference binding to nullptr in + tf.ragged.cross (CVE-2021-41214) + * Fixes a heap OOB read in tf.ragged.cross (CVE-2021-41212) + * Fixes a heap OOB in shape inference for QuantizeV2 (CVE-2021-41211) + * Fixes a heap OOB read in all tf.raw_ops.QuantizeAndDequantizeV* ops (CVE-2021-41205) + * Fixes an FPE in ParallelConcat (CVE-2021-41207) + * Fixes FPE issues in convolutions with zero size filters (CVE-2021-41209) + * Fixes a heap OOB read in tf.raw_ops.SparseCountSparseOutput (CVE-2021-41210) + * Fixes vulnerabilities caused by incomplete validation in boosted trees code (CVE-2021-41208) + * Fixes vulnerabilities caused by incomplete validation of shapes in multiple TF ops (CVE-2021-41206) + * Fixes a segfault produced while copying constant resource tensor (CVE-2021-41204) + * Fixes a vulnerability caused by unitialized access in EinsumHelper::ParseEquation (CVE-2021-41201) + * Fixes several vulnerabilities and segfaults caused by missing validation + during checkpoint loading (CVE-2021-41203) + * Fixes an overflow producing a crash in tf.range (CVE-2021-41202) + * Fixes an overflow producing a crash in tf.image.resize when size is large (CVE-2021-41199) + * Fixes an overflow producing a crash in tf.tile when tiling tensor is large (CVE-2021-41198) + * Fixes a vulnerability produced due to incomplete validation in + tf.summary.create_file_writer (CVE-2021-41200) + * Fixes multiple crashes due to overflow and CHECK-fail in ops with large + tensor shapes (CVE-2021-41197) + * Fixes a crash in max_pool3d when size argument is 0 or negative (CVE-2021-41196) + * Fixes a crash in tf.math.segment_* operations (CVE-2021-41195) + +------------------------------------------------------------------- Old: ---- tensorflow-2.6.0.tar.gz New: ---- tensorflow-2.6.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tensorflow2.spec ++++++ --- /var/tmp/diff_new_pack.iBLUij/_old 2021-11-12 16:00:04.802587569 +0100 +++ /var/tmp/diff_new_pack.iBLUij/_new 2021-11-12 16:00:04.806587571 +0100 @@ -1,5 +1,5 @@ # -# spec file for package tensorflow2 +# spec file # # Copyright (c) 2021 SUSE LLC # @@ -18,12 +18,15 @@ # %define pname tensorflow2 -%define vers 2.6.0 +%define vers 2.6.2 +# compatible versions used for dependencies +%define base_vers_min 2.6 +%define base_vers_max 2.7 #%%define cand -rc4 -%define _vers 2_6_0 +%define _vers 2_6_2 %define libmaj 2 %define libmin 6 -%define libref 0 +%define libref 2 %define python_ver_hack python3.[0-9] %ifarch aarch64 %define mklconfig mkl_aarch64 @@ -221,6 +224,7 @@ Patch22: tensorflow-2.6.0-tf-keras-hdf5-3.patch # PATCH-FIX-OPENSUSE tensorflow-2.6.0-compile-with-protobuf-3.16.patch https://github.com/protocolbuffers/protobuf/pull/8354 Patch23: tensorflow-2.6.0-compile-with-protobuf-3.16.patch +# cuda header is fetched on vanilla, disable it the hard way # See https://github.com/tensorflow/tensorflow/blob/master/tensorflow/tools/pip_package/setup.py Requires: python3 @@ -231,14 +235,14 @@ Requires: python3-flatbuffers Requires: python3-gast Requires: python3-h5py -Requires: python3-keras = %{version} Requires: python3-opt-einsum Requires: python3-protobuf Requires: python3-six -Requires: python3-tensorboard = %{version} -Requires: python3-tensorflow-estimator = %{version} Requires: python3-termcolor Requires: python3-wrapt +Requires: (python3-keras >= %{base_vers_min} with python3-keras < %{base_vers_max}) +Requires: (python3-tensorboard >= %{base_vers_min} with python3-tensorboard < %{base_vers_max}) +Requires: (python3-tensorflow-estimator >= %{base_vers_min} with python3-tensorflow-estimator < %{base_vers_max}) %if %{with hpc} Requires: python3-numpy-%{compiler_family}%{?c_f_ver}-hpc %else @@ -332,7 +336,6 @@ BuildRequires: python3-flatbuffers BuildRequires: python3-gast BuildRequires: python3-h5py -BuildRequires: python3-keras = %{version} BuildRequires: python3-mock BuildRequires: python3-numpy-devel BuildRequires: python3-opt-einsum @@ -340,8 +343,6 @@ BuildRequires: python3-protobuf BuildRequires: python3-setuptools BuildRequires: python3-six -BuildRequires: python3-tensorboard = %{version} -BuildRequires: python3-tensorflow-estimator = %{version} BuildRequires: python3-termcolor BuildRequires: python3-wheel BuildRequires: python3-wrapt @@ -351,6 +352,9 @@ BuildRequires: unzip BuildRequires: upb-devel BuildRequires: zlib-devel +BuildRequires: (python3-keras >= %{base_vers_min} with python3-keras < %{base_vers_max}) +BuildRequires: (python3-tensorboard >= %{base_vers_min} with python3-tensorboard < %{base_vers_max}) +BuildRequires: (python3-tensorflow-estimator >= %{base_vers_min} with python3-tensorflow-estimator < %{base_vers_max}) %if %{with hpc} %hpc_requires BuildRequires: %{compiler_family}%{?c_f_ver}-compilers-hpc-macros-devel @@ -683,6 +687,7 @@ --verbose_failures \\\ --cxxopt="-D_GLIBCXX_USE_CXX11_ABI=1" \\\ --config=%{mklconfig} \\\ + --config=nonccl \\\ --config=v2 \\\ --config=noaws \\\ --override_repository="upb=/usr/share/bazel-workspaces/upb" \\\ ++++++ tensorflow-2.6.0.tar.gz -> tensorflow-2.6.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/tensorflow2/tensorflow-2.6.0.tar.gz /work/SRC/openSUSE:Factory/.tensorflow2.new.1890/tensorflow-2.6.2.tar.gz differ: char 13, line 1
