diff --git a/CVE-2021-41202.patch b/CVE-2021-41202.patch new file mode 100644 index 0000000000000000000000000000000000000000..c91886d1142b62dd4081ee6a42553e991f9d39fd --- /dev/null +++ b/CVE-2021-41202.patch @@ -0,0 +1,45 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/kernels/sequence_ops.cc tensorflow-2.3.1-new/tensorflow/core/kernels/sequence_ops.cc +--- tensorflow-2.3.1/tensorflow/core/kernels/sequence_ops.cc 2022-06-15 15:45:00.284730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/kernels/sequence_ops.cc 2022-06-21 15:36:47.516736000 +0800 +@@ -71,10 +71,13 @@ + errors::InvalidArgument( + "Requires start >= limit when delta < 0: ", start, "/", limit)); + } +- int64 size = (std::is_integral::value +- ? ((std::abs(limit - start) + std::abs(delta) - 1) / +- std::abs(delta)) +- : std::ceil(std::abs((limit - start) / delta))); ++ int64_t size = 0; ++ if (std::is_integral::value) { ++ size = static_cast( ++ (std::abs(limit - start) + std::abs(delta) - 1) / std::abs(delta)); ++ } else { ++ size = static_cast(std::ceil(std::abs((limit - start) / delta))); ++ } + Tensor* out = nullptr; + OP_REQUIRES_OK(context, + context->allocate_output(0, TensorShape({size}), &out)); +diff -Naru tensorflow-2.3.1/tensorflow/python/kernel_tests/init_ops_test.py tensorflow-2.3.1-new/tensorflow/python/kernel_tests/init_ops_test.py +--- tensorflow-2.3.1/tensorflow/python/kernel_tests/init_ops_test.py 2022-06-15 15:45:07.354730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/python/kernel_tests/init_ops_test.py 2022-06-21 15:36:10.373027000 +0800 +@@ -23,6 +23,7 @@ + + from tensorflow.python.framework import constant_op + from tensorflow.python.framework import dtypes ++from tensorflow.python.framework import errors_impl + from tensorflow.python.framework import ops + from tensorflow.python.framework import random_seed + from tensorflow.python.framework import test_util +@@ -542,6 +543,12 @@ + constant_op.constant(4, dtype=dtypes.int32), dtype=dtypes.int64) + self.assertAllEqual(self.evaluate(tf_ans), np.array([0, 1, 2, 3])) + ++ def testLargeLimits(self): ++ # Test case for GitHub issue 46913. ++ with self.session(): ++ with self.assertRaises(errors_impl.ResourceExhaustedError): ++ v = math_ops.range(0, 9223372036854775807) ++ self.evaluate(v) + + # TODO(vrv): move to sequence_ops_test? + class LinSpaceTest(test.TestCase): diff --git a/CVE-2021-41209_CVE-2021-41207.patch b/CVE-2021-41209_CVE-2021-41207.patch new file mode 100644 index 0000000000000000000000000000000000000000..f8e876effd122b7833f354d3ec269028a6f6f311 --- /dev/null +++ b/CVE-2021-41209_CVE-2021-41207.patch @@ -0,0 +1,18 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/kernels/inplace_ops.cc tensorflow-2.3.1-new/tensorflow/core/kernels/inplace_ops.cc +--- tensorflow-2.3.1/tensorflow/core/kernels/inplace_ops.cc 2022-06-15 15:44:58.174730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/kernels/inplace_ops.cc 2022-06-15 15:49:41.323465000 +0800 +@@ -91,6 +91,14 @@ + + void Compute(OpKernelContext* ctx) override { + auto value = ctx->input(0); ++ // Value should be at least rank 1. Also the 0th dimension should be ++ // at least loc_. ++ OP_REQUIRES(ctx, value.dims() >= 1, ++ errors::InvalidArgument("value should be at least rank 1.")); ++ OP_REQUIRES( ++ ctx, value.dim_size(0) > loc_, ++ errors::InvalidArgument("0th dimension of value = ", value.dim_size(0), ++ " is less than loc_=", loc_)); + auto update = ctx->input(1); + + OP_REQUIRES( diff --git a/CVE-2021-41213.patch b/CVE-2021-41213.patch new file mode 100644 index 0000000000000000000000000000000000000000..4c21203a21e6455d1e9c6727746851dae27eb316 --- /dev/null +++ b/CVE-2021-41213.patch @@ -0,0 +1,42 @@ +diff -Naru tensorflow-2.3.1/tensorflow/python/eager/def_function.py tensorflow-2.3.1-new/tensorflow/python/eager/def_function.py +--- tensorflow-2.3.1/tensorflow/python/eager/def_function.py 2022-06-15 15:45:06.084730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/python/eager/def_function.py 2022-06-15 16:02:49.383046000 +0800 +@@ -86,7 +86,7 @@ + + def __init__(self): + self._counters = weakref.WeakKeyDictionary() # GUARDED_BY(self._lock) +- self._lock = threading.Lock() ++ self._lock = threading.RLock() + + def _get_counter(self, key): + if key not in self._counters: +@@ -516,7 +516,7 @@ + ValueError: if `input_signature` is not None and the `python_function`'s + argspec has keyword arguments. + """ +- self._lock = threading.Lock() ++ self._lock = threading.RLock() + self._python_function = python_function + self._function_spec = function_lib.FunctionSpec.from_function_and_signature( + python_function, input_signature) +@@ -549,7 +549,7 @@ + def __setstate__(self, state): + """Restore from pickled state.""" + self.__dict__ = state +- self._lock = threading.Lock() ++ self._lock = threading.RLock() + self._descriptor_cache = weakref.WeakKeyDictionary() + self._key_for_call_stats = self._get_key_for_call_stats() + +diff -Naru tensorflow-2.3.1/tensorflow/python/eager/function.py tensorflow-2.3.1-new/tensorflow/python/eager/function.py +--- tensorflow-2.3.1/tensorflow/python/eager/function.py 2022-06-15 15:45:06.124730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/python/eager/function.py 2022-06-15 16:02:46.483046000 +0800 +@@ -2815,7 +2815,7 @@ + self._capture_by_value = capture_by_value + self.tracing_count = 0 + +- self._lock = threading.Lock() ++ self._lock = threading.RLock() + # _descriptor_cache is a of instance of a class to an instance-specific + # `Function`, used to make sure defun-decorated methods create different + # functions for each instance. diff --git a/CVE-2021-41218.patch b/CVE-2021-41218.patch new file mode 100644 index 0000000000000000000000000000000000000000..111c63a177e8ca83c56728e47144fcd1e9fd1a05 --- /dev/null +++ b/CVE-2021-41218.patch @@ -0,0 +1,47 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/ops/tpu_cross_replica_ops.cc tensorflow-2.3.1-new/tensorflow/core/ops/tpu_cross_replica_ops.cc +--- tensorflow-2.3.1/tensorflow/core/ops/tpu_cross_replica_ops.cc 2022-06-15 15:45:01.694730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/ops/tpu_cross_replica_ops.cc 2022-06-16 09:11:48.969108000 +0800 +@@ -32,6 +32,7 @@ + .Attr("split_count: int") + .SetShapeFn([](InferenceContext* c) { + ShapeHandle input = c->input(0); ++ ShapeHandle group_assignment = c->input(1); + int64 rank; + if (c->RankKnown(input)) { + rank = c->Rank(input); +@@ -43,7 +44,21 @@ + int split_count; + + TF_RETURN_IF_ERROR(c->GetAttr("split_count", &split_count)); +- ++ if (split_count < 1) { ++ return errors::InvalidArgument("split_count ", split_count, ++ " must at least be one."); ++ } ++ if (c->RankKnown(group_assignment) && c->Rank(group_assignment) != 2) { ++ return errors::InvalidArgument("group_assignment must have rank 2."); ++ } ++ DimensionHandle num_replicas_per_group = c->Dim(group_assignment, 1); ++ if (c->ValueKnown(num_replicas_per_group) && ++ (c->Value(num_replicas_per_group) != split_count)) { ++ return errors::InvalidArgument( ++ "split_count ", split_count, ++ " must equal the size of the second dimension of group_assignment ", ++ c->Value(num_replicas_per_group)); ++ } + TF_RETURN_IF_ERROR(c->GetAttr("concat_dimension", &concat_dimension)); + + if (concat_dimension < 0 || concat_dimension >= rank) { +@@ -66,6 +81,12 @@ + dims[i] = c->MakeDim(c->Value(dims[i]) * split_count); + } + if (i == split_dimension) { ++ if (c->ValueKnown(dims[i]) && ++ (c->Value(dims[i]) % split_count != 0)) { ++ return errors::InvalidArgument( ++ "input dimension ", c->Value(dims[i]), ++ " not divisible by split_count ", split_count); ++ } + dims[i] = c->MakeDim(c->Value(dims[i]) / split_count); + } + } diff --git a/CVE-2021-41222.patch b/CVE-2021-41222.patch new file mode 100644 index 0000000000000000000000000000000000000000..11708539b0055d7ac5a5c3f084c1406fe8f741be --- /dev/null +++ b/CVE-2021-41222.patch @@ -0,0 +1,61 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/kernels/split_v_op.cc tensorflow-2.3.1-new/tensorflow/core/kernels/split_v_op.cc +--- tensorflow-2.3.1/tensorflow/core/kernels/split_v_op.cc 2022-06-15 15:45:00.624730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/kernels/split_v_op.cc 2022-06-21 11:06:13.317876000 +0800 +@@ -138,6 +138,13 @@ + (*split_sizes_vec)[neg_one_dim] = input_size_split_dim - determined_size; + } + ++ for (int i = 0; i < split_sizes_vec->size(); ++i) { ++ const Tlen& split_size = (*split_sizes_vec)[i]; ++ OP_REQUIRES(context, split_size >= Tlen(0), ++ errors::InvalidArgument("Split size at index ", i, ++ " must be >= 0. Got: ", split_size)); ++ } ++ + // Special case 2: split along the 1st dimension. We can share the + // underlying buffer. + // +diff -Naru tensorflow-2.3.1/tensorflow/core/ops/array_ops.cc tensorflow-2.3.1-new/tensorflow/core/ops/array_ops.cc +--- tensorflow-2.3.1/tensorflow/core/ops/array_ops.cc 2022-06-15 15:45:01.354730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/ops/array_ops.cc 2022-06-21 11:07:25.630637000 +0800 +@@ -680,6 +680,12 @@ + if (data[i] == -1 && c->ValueKnown(split_dim_size)) { + size = split_dim_size - total_size; + } ++ // If we have a negative known size (either explicit, or computed ++ // via -1), then the split sizes are invalid. ++ if (size < -1 || (size == -1 && c->ValueKnown(split_dim_size))) { ++ return errors::InvalidArgument("Split size at index ", i, ++ " must be >= 0. Got: ", size); ++ } + TF_RETURN_IF_ERROR( + c->ReplaceDim(input, split_dim, c->MakeDim(size), &output_shape)); + c->set_output(i, output_shape); +diff -Naru tensorflow-2.3.1/tensorflow/python/kernel_tests/split_op_test.py tensorflow-2.3.1-new/tensorflow/python/kernel_tests/split_op_test.py +--- tensorflow-2.3.1/tensorflow/python/kernel_tests/split_op_test.py 2022-06-15 15:45:07.704730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/python/kernel_tests/split_op_test.py 2022-06-21 11:09:32.137253000 +0800 +@@ -387,6 +387,24 @@ + with self.assertRaisesRegexp(errors_impl.InvalidArgumentError, + "must have exactly one element"): + sess.run(y, {x: np.array([], dtype=np.int32), splits: [4, 11, 15]}) ++ ++ @test_util.run_in_graph_and_eager_modes ++ def testNegativeSizes(self): ++ x = constant_op.constant([1, 2, 3], dtypes.float32) ++ # A size of -1 signifies to determine size based on sum of other splits. ++ with self.assertRaisesRegex((ValueError, errors_impl.InvalidArgumentError), ++ "Split size at index 1 must be >= 0. Got: -2"): ++ splits = [-1, -2] ++ self.evaluate(array_ops.split(x, splits, axis=0)) ++ ++ @test_util.run_in_graph_and_eager_modes ++ def testBadSplitSizes(self): ++ x = constant_op.constant([1, 2], dtypes.float32) ++ with self.assertRaisesRegex((ValueError, errors_impl.InvalidArgumentError), ++ "Determined shape must either match input" ++ "|can't split axis"): ++ splits = [1, 2] ++ self.evaluate(array_ops.split(x, splits, axis=0)) + + + if __name__ == "__main__": diff --git a/CVE-2021-41227.patch b/CVE-2021-41227.patch new file mode 100644 index 0000000000000000000000000000000000000000..4e58e59a5a3fff125ea8ec16e647d6d9d4cfcae6 --- /dev/null +++ b/CVE-2021-41227.patch @@ -0,0 +1,13 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/kernels/immutable_constant_op.cc tensorflow-2.3.1-new/tensorflow/core/kernels/immutable_constant_op.cc +--- tensorflow-2.3.1/tensorflow/core/kernels/immutable_constant_op.cc 2022-06-15 15:44:58.074730000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/kernels/immutable_constant_op.cc 2022-06-15 15:53:50.236972000 +0800 +@@ -89,6 +89,9 @@ + + OP_REQUIRES_OK(ctx, + allocator->InitializeFromRegion(region_name_, ctx->env())); ++ OP_REQUIRES(ctx, dtype_ != DT_STRING, ++ errors::Unimplemented("Sorry, DT_STRING is not currently " ++ "supported for ImmutableConstOp.")); + ctx->set_output(0, Tensor(allocator.get(), dtype_, shape_)); + OP_REQUIRES_OK(ctx, allocator->allocation_status()); + // Allocator is owned by the tensor from this point. diff --git a/CVE-2022-23557.patch b/CVE-2022-23557.patch new file mode 100644 index 0000000000000000000000000000000000000000..e947e483cc869b5c32798298c6b677854577528d --- /dev/null +++ b/CVE-2022-23557.patch @@ -0,0 +1,11 @@ +diff -Naru tensorflow-2.3.1/tensorflow/lite/kernels/internal/common.h tensorflow-2.3.1-new/tensorflow/lite/kernels/internal/common.h +--- tensorflow-2.3.1/tensorflow/lite/kernels/internal/common.h 2022-06-15 15:45:43.615809000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/lite/kernels/internal/common.h 2022-06-17 10:22:49.262793000 +0800 +@@ -72,6 +72,7 @@ + inline void BiasAndClamp(float clamp_min, float clamp_max, int bias_size, + const float* bias_data, int array_size, + float* array_data) { ++ if (bias_size == 0) return; + // Note: see b/132215220: in May 2019 we thought it would be OK to replace + // this with the Eigen one-liner: + // return (array.colwise() + bias).cwiseMin(clamp_max).cwiseMin(clamp_max). diff --git a/CVE-2022-23571.patch b/CVE-2022-23571.patch new file mode 100644 index 0000000000000000000000000000000000000000..878b267f5a7033fa175ed363cd4373043d6e5245 --- /dev/null +++ b/CVE-2022-23571.patch @@ -0,0 +1,19 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/framework/tensor.cc tensorflow-2.3.1-new/tensorflow/core/framework/tensor.cc +--- tensorflow-2.3.1/tensorflow/core/framework/tensor.cc 2022-06-15 15:44:55.614267000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/framework/tensor.cc 2022-06-17 10:09:25.251432000 +0800 +@@ -935,6 +935,15 @@ + dtype_error = true, dtype_error = true); + } + if (dtype_error || p == nullptr) return false; ++ } else { ++ // Handle the case of empty tensors (N = 0) or tensors with incomplete shape ++ // (N = -1). All other values of `shape.num_elements()` should be invalid by ++ // construction. ++ // Here, we just need to validate that the `proto.dtype()` value is valid. ++ bool dtype_error = false; ++ CASES_WITH_DEFAULT(proto.dtype(), break, dtype_error = true, ++ dtype_error = true); ++ if (dtype_error) return false; + } + shape_ = shape; + set_dtype(proto.dtype()); diff --git a/CVE-2022-23575.patch b/CVE-2022-23575.patch new file mode 100644 index 0000000000000000000000000000000000000000..6995a97f66fb1d6b0072d0e9c58da96b9bafd771 --- /dev/null +++ b/CVE-2022-23575.patch @@ -0,0 +1,26 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/grappler/costs/op_level_cost_estimator.cc tensorflow-2.3.1-new/tensorflow/core/grappler/costs/op_level_cost_estimator.cc +--- tensorflow-2.3.1/tensorflow/core/grappler/costs/op_level_cost_estimator.cc 2022-06-15 15:45:44.325809000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/grappler/costs/op_level_cost_estimator.cc 2022-06-22 15:58:16.528521000 +0800 +@@ -24,6 +24,7 @@ + #include "tensorflow/core/framework/types.h" + #include "tensorflow/core/grappler/clusters/utils.h" + #include "tensorflow/core/grappler/costs/utils.h" ++#include "tensorflow/core/util/overflow.h" + + namespace tensorflow { + namespace grappler { +@@ -1218,7 +1219,13 @@ + int64 count = CalculateTensorElementCount(tensor, found_unknown_shapes); + int size = DataTypeSize(BaseType(tensor.dtype())); + VLOG(2) << "Count: " << count << " DataTypeSize: " << size; +- return count * size; ++ int64 tensor_size = MultiplyWithoutOverflow(count, size); ++ if (tensor_size < 0) { ++ VLOG(1) << "Overflow encountered when computing tensor size, multiplying " ++ << count << " with " << size; ++ return -1; ++ } ++ return tensor_size; + } + + int64 OpLevelCostEstimator::CalculateInputSize(const OpInfo& op_info, diff --git a/CVE-2022-23577.patch b/CVE-2022-23577.patch new file mode 100644 index 0000000000000000000000000000000000000000..c612069761757551f4d31e6b75ba0e607d796281 --- /dev/null +++ b/CVE-2022-23577.patch @@ -0,0 +1,21 @@ +diff -Naru tensorflow-2.3.1/tensorflow/cc/saved_model/loader_util.cc tensorflow-2.3.1-new/tensorflow/cc/saved_model/loader_util.cc +--- tensorflow-2.3.1/tensorflow/cc/saved_model/loader_util.cc 2022-06-15 15:44:52.174267000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/cc/saved_model/loader_util.cc 2022-06-17 10:05:56.823581000 +0800 +@@ -34,9 +34,14 @@ + const auto& init_op_sig_it = + meta_graph_def.signature_def().find(kSavedModelInitOpSignatureKey); + if (init_op_sig_it != sig_def_map.end()) { +- *init_op_name = init_op_sig_it->second.outputs() +- .find(kSavedModelInitOpSignatureKey) +- ->second.name(); ++ const auto& sig_def_outputs = init_op_sig_it->second.outputs(); ++ const auto& sig_def_outputs_it = ++ sig_def_outputs.find(kSavedModelInitOpSignatureKey); ++ if (sig_def_outputs_it == sig_def_outputs.end()) { ++ return errors::FailedPrecondition("Could not find output ", ++ kSavedModelInitOpSignatureKey); ++ } ++ *init_op_name = sig_def_outputs_it->second.name(); + return Status::OK(); + } + diff --git a/CVE-2022-23578.patch b/CVE-2022-23578.patch new file mode 100644 index 0000000000000000000000000000000000000000..e8cda651b110f946d0cc10ee0aee1a56e1111709 --- /dev/null +++ b/CVE-2022-23578.patch @@ -0,0 +1,11 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/common_runtime/immutable_executor_state.cc tensorflow-2.3.1-new/tensorflow/core/common_runtime/immutable_executor_state.cc +--- tensorflow-2.3.1/tensorflow/core/common_runtime/immutable_executor_state.cc 2022-06-15 15:44:54.134267000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/common_runtime/immutable_executor_state.cc 2022-06-15 16:15:08.926344000 +0800 +@@ -131,6 +131,7 @@ + + Status s = params_.create_kernel(n->properties(), &item->kernel); + if (!s.ok()) { ++ params_.delete_kernel(item->kernel); + item->kernel = nullptr; + s = AttachDef(s, *n); + return s; diff --git a/CVE-2022-23582.patch b/CVE-2022-23582.patch new file mode 100644 index 0000000000000000000000000000000000000000..5665f646f6cc4a23852291719dacb5d33e8055b3 --- /dev/null +++ b/CVE-2022-23582.patch @@ -0,0 +1,12 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/framework/attr_value_util.cc tensorflow-2.3.1-new/tensorflow/core/framework/attr_value_util.cc +--- tensorflow-2.3.1/tensorflow/core/framework/attr_value_util.cc 2022-06-15 15:44:55.054267000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/framework/attr_value_util.cc 2022-06-17 09:49:25.060191000 +0800 +@@ -42,7 +42,7 @@ + // not fully defined return -1. + int64 TensorByteSize(const TensorProto& t) { + // num_elements returns -1 if shape is not fully defined. +- int64 num_elems = TensorShape(t.tensor_shape()).num_elements(); ++ int64 num_elems = PartialTensorShape(t.tensor_shape()).num_elements(); + return num_elems < 0 ? -1 : num_elems * DataTypeSize(t.dtype()); + } + diff --git a/CVE-2022-23585.patch b/CVE-2022-23585.patch new file mode 100644 index 0000000000000000000000000000000000000000..ce9b41428097a18a89d3ac4ce751659d04e0d231 --- /dev/null +++ b/CVE-2022-23585.patch @@ -0,0 +1,28 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/kernels/decode_image_op.cc tensorflow-2.3.1-new/tensorflow/core/kernels/decode_image_op.cc +--- tensorflow-2.3.1/tensorflow/core/kernels/decode_image_op.cc 2022-06-15 15:44:57.374267000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/kernels/decode_image_op.cc 2022-06-17 09:44:09.384607000 +0800 +@@ -29,6 +29,8 @@ + #include "tensorflow/core/lib/png/png_io.h" + #include "tensorflow/core/lib/strings/str_util.h" + #include "tensorflow/core/platform/logging.h" ++#include "tensorflow/core/lib/gtl/cleanup.h" ++ + + namespace tensorflow { + namespace { +@@ -243,6 +245,15 @@ + png::CommonInitDecode(input, channels_, channel_bits_, &decode), + errors::InvalidArgument("Invalid PNG header, data size ", + input.size())); ++ // If we reach this point, then there is data in `decode` which must be ++ // freed by the time we end execution in this function. We cannot call ++ // `png::CommonFreeDecode()` before an `OP_REQUIRES` because if ++ // `OP_REQUIRES` constraint is satisfied then the data would be freed ++ // prematurely. Instead, let's use a `Cleanup` object. ++ auto cleanup = gtl::MakeCleanup([&decode]() { ++ std::cerr << "Cleanup called...\n"; ++ png::CommonFreeDecode(&decode); ++ }); + + // Verify that width and height are not too large: + // - verify width and height don't overflow int. diff --git a/CVE-2022-23586.patch b/CVE-2022-23586.patch new file mode 100644 index 0000000000000000000000000000000000000000..cf171c4f2d99c657e55b6b04e5de12e95fe831df --- /dev/null +++ b/CVE-2022-23586.patch @@ -0,0 +1,16 @@ +diff -Naru tensorflow-2.3.1/tensorflow/core/framework/function.cc tensorflow-2.3.1-new/tensorflow/core/framework/function.cc +--- tensorflow-2.3.1/tensorflow/core/framework/function.cc 2022-06-15 15:44:55.164267000 +0800 ++++ tensorflow-2.3.1-new/tensorflow/core/framework/function.cc 2022-06-17 09:59:11.204412000 +0800 +@@ -184,7 +184,11 @@ + for (size_t i = 0; i < dtypes.size(); ++i) { + TF_RETURN_IF_ERROR(AddItem(strings::StrCat(arg_def.name(), ":", i), + {true, arg_index, 0, false, {dtypes[i]}})); +- DCHECK_EQ(arg_index, result_.nodes.size()); ++ if (arg_index != result_.nodes.size()) { ++ return errors::Internal( ++ "Expected arg_index to be equal to the number of nodes in result.", ++ " Got ", arg_index, " and ", result_.nodes.size()); ++ } + string name = arg_def.name(); + if (dtypes.size() > 1) { + strings::StrAppend(&name, "_", i); diff --git a/tensorflow.spec b/tensorflow.spec index 5da9a4a132676245dc8f580ada14e8652b078146..fd21815ff0f7cea99ccabeefb679b65d0b67d834 100644 --- a/tensorflow.spec +++ b/tensorflow.spec @@ -1,7 +1,7 @@ %global _empty_manifest_terminate_build 0 Name: tensorflow Version: 2.3.1 -Release: 14 +Release: 15 Summary: An Open Source Machine Learning Framework for Everyone License: Apache License 2.0 URL: https://www.tensorflow.org/ @@ -195,6 +195,21 @@ Patch0182: CVE-2021-41223.patch Patch0183: 0001-distutils-is-deprecated-in-Python-3.10-51776.patch Patch0184: 0001-Provide-overload-to-cope-with-const-ness-change-of-N.patch +Patch0186: CVE-2021-41209_CVE-2021-41207.patch +Patch0187: CVE-2021-41213.patch +Patch0188: CVE-2021-41218.patch +Patch0189: CVE-2021-41222.patch +Patch0190: CVE-2021-41227.patch +Patch0191: CVE-2022-23557.patch +Patch0192: CVE-2021-41202.patch +Patch0193: CVE-2022-23571.patch +Patch0194: CVE-2022-23577.patch +Patch0195: CVE-2022-23578.patch +Patch0196: CVE-2022-23582.patch +Patch0197: CVE-2022-23585.patch +Patch0198: CVE-2022-23586.patch +Patch0199: CVE-2022-23575.patch + Requires: python3-future Requires: python3-numpy @@ -242,6 +257,9 @@ bazel --output_user_root=`pwd`/../output_user_root build --host_copt=-Wno-string %{_bindir}/* %changelog +* Wed Thu 23 2022 yanghuan - 2.3.1-15 +- Fix CVE-2022-23578 CVE-2021-41209 CVE-2021-41213 CVE-2021-41227 CVE-2021-41207 CVE-2021-41218 CVE-2021-41222 CVE-2021-41202 CVE-2022-23585 CVE-2022-23582 CVE-2022-23575 CVE-2022-23586 CVE-2022-23577 CVE-2022-23571 CVE-2022-23557 + * Sun Jun 12 2022 Zhipeng Xie - 2.3.1-14 - backport patch to fix build failure on python3.10