From 8e696947843c5fb48ecc7a984efce25071f2fd3b Mon Sep 17 00:00:00 2001
From: the_laughing_man <2115994138@qq.com>
Date: Sat, 26 Jun 2021 21:59:19 +0800
Subject: [PATCH 1/3] fix CVE-2021-29540
---
 0002-CVE-2021-29540.patch | 42 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 0002-CVE-2021-29540.patch
diff --git a/0002-CVE-2021-29540.patch b/0002-CVE-2021-29540.patch
new file mode 100644
index 0000000..ad661e1
--- /dev/null
+++ b/0002-CVE-2021-29540.patch
@@ -0,0 +1,42 @@
+From c570e2ecfc822941335ad48f6e10df4e21f11c96 Mon Sep 17 00:00:00 2001
+From: Mihai Maruseac
+Date: Wed, 21 Apr 2021 17:50:10 -0700
+Subject: [PATCH] Fix issues in Conv2DBackpropFilter.
+
+PiperOrigin-RevId: 369772454
+Change-Id: I49b465f2ae2ce91def61b56cea8000197d5177d8
+---
+ tensorflow/core/kernels/conv_grad_filter_ops.cc | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/tensorflow/core/kernels/conv_grad_filter_ops.cc b/tensorflow/core/kernels/conv_grad_filter_ops.cc
+index fb48e3e285a27..2645d850ab7cf 100644
+--- a/tensorflow/core/kernels/conv_grad_filter_ops.cc
++++ b/tensorflow/core/kernels/conv_grad_filter_ops.cc
+@@ -495,6 +495,14 @@ class Conv2DCustomBackpropFilterOp : public OpKernel {
+ const int filter_total_size = dims.spatial_dims[0].filter_size *
+ dims.spatial_dims[1].filter_size *
+ dims.in_depth;
++ OP_REQUIRES(
++ context,
++ filter_total_size * dims.out_depth == filter_backprop->NumElements(),
++ errors::InvalidArgument(
++ "filter_size does not have enough elements, requested ",
++ filter_total_size * dims.out_depth, ", got ",
++ filter_backprop->NumElements()));
++
+ // The output image size is the spatial size of the output.
+ const int output_image_size =
+ dims.spatial_dims[0].output_size * dims.spatial_dims[1].output_size;
+@@ -518,6 +526,11 @@ class Conv2DCustomBackpropFilterOp : public OpKernel {
+
+ const size_t work_unit_size = size_A + size_B + size_C;
+
++ OP_REQUIRES(
++ context, work_unit_size != 0,
++ errors::InvalidArgument(
++ "Work size for convolution would be 0, which is not acceptable"));
++
+ const size_t shard_size =
+ (target_working_set_size + work_unit_size - 1) / work_unit_size;
+
-- Gitee
From dc3560c4c822f624e0193a7b3fd1d6fda118eb71 Mon Sep 17 00:00:00 2001
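Review bot: The element-count guard added in the first inner hunk (`@@ -495,6 +495,14 @@`) is built on `filter_total_size`, which the context line above it declares as `const int`, so the three-way product is narrowed to `int` before it is multiplied by `dims.out_depth` and compared with `filter_backprop->NumElements()`. If the `dims` fields are wider than `int` (their declarations are not visible here), a very large filter shape reaches the check as a wrapped value; the comparison would most likely still fail and reject the op, but the guard then rests on that accident rather than on the real count. Computing the expected size in the width of `NumElements()` keeps it exact, e.g. `const int64 expected = static_cast<int64>(dims.spatial_dims[0].filter_size) * dims.spatial_dims[1].filter_size * dims.in_depth * dims.out_depth;` followed by `OP_REQUIRES(context, expected == filter_backprop->NumElements(), ...)`. The message also says "does not have enough elements" although the test is `==`, so a tensor with too many elements is reported in the wrong direction; wording such as "filter_backprop has the wrong number of elements, expected ..., got ..." would match the check. The enclosing method begins and ends outside both inner hunks.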
From: the_laughing_man <2115994138@qq.com> Date: Tue, 29 Jun 2021 15:44:03 +0800 Subject: [PATCH 2/3] Fix CVE-2021-29540.patch --- 0002-CVE-2021-29540.patch => CVE-2021-29540.patch | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename 0002-CVE-2021-29540.patch => CVE-2021-29540.patch (100%) diff --git a/0002-CVE-2021-29540.patch b/CVE-2021-29540.patch similarity index 100% rename from 0002-CVE-2021-29540.patch rename to CVE-2021-29540.patch -- Gitee From b521c75c822f0e6d63392a835b086a6b3e8d7185 Mon Sep 17 00:00:00 2001 From: the_laughing_man <2115994138@qq.com> Date: Tue, 29 Jun 2021 15:45:56 +0800 Subject: [PATCH 3/3] update tensorflow.spec --- tensorflow.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tensorflow.spec b/tensorflow.spec index 452938e..c724ed9 100644 --- a/tensorflow.spec +++ b/tensorflow.spec @@ -1,7 +1,7 @@ %global _empty_manifest_terminate_build 0 Name: tensorflow Version: 2.3.1 -Release: 3 +Release: 4 Summary: An Open Source Machine Learning Framework for Everyone License: Apache License 2.0 URL: https://www.tensorflow.org/ @@ -13,6 +13,7 @@ Patch0001: 0001-Add-arm-source-file-into-aws-checksums.patch Patch0002: CVE-2021-29538.patch Patch0003: CVE-2021-29535.patch Patch0004: CVE-2021-29566.patch +Patch0005: CVE-2021-29540.patch Requires: python3-future Requires: python3-numpy @@ -59,6 +60,9 @@ bazel --output_user_root=`pwd`/../output_user_root build //tensorflow/tools/pip_ %{_bindir}/* %changelog +* Sat Jun 26 2021 wss1235<2115994138@qq.com> - 2.3.1-4 +- Fix CVE-2021-29540.patch + * Fri Jun 25 2021 yaozc7 - 2.3.1-3 - Add patch CVE-2021-29538,CVE-2021-29535,CVE-2021-29566 -- Gitee