openSUSE-SU-2020:1766-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:1766-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:1766-1
- Related
- Published
- 2020-10-29T11:23:39Z
- Modified
- 2020-10-29T11:23:39Z
- Summary
- Security update for tensorflow2
- Details
-
This update for tensorflow2 fixes the following issues:
- updated to 2.1.2 with following fixes (boo#1177022):
- Fixes an undefined behavior causing a segfault in tf.rawops.Switch (CVE-2020-15190)
- Fixes three vulnerabilities in conversion to DLPack format (CVE-2020-15191, CVE-2020-15192, CVE-2020-15193)
- Fixes two vulnerabilities in SparseFillEmptyRowsGrad (CVE-2020-15194, CVE-2020-15195)
- Fixes an integer truncation vulnerability in code using the work sharder API (CVE-2020-15202)
- Fixes a format string vulnerability in tf.strings.asstring (CVE-2020-15203)
- Fixes segfault raised by calling session-only ops in eager mode (CVE-2020-15204)
- Fixes data leak and potential ASLR violation from tf.raw_ops.StringNGrams (CVE-2020-15205)
- Fixes segfaults caused by incomplete SavedModel validation (CVE-2020-15206)
- Fixes a data corruption due to a bug in negative indexing support in TFLite (CVE-2020-15207)
- Fixes a data corruption due to dimension mismatch in TFLite (CVE-2020-15208)
- Fixes several vulnerabilities in TFLite saved model format (CVE-2020-15209, CVE-2020-15210, CVE-2020-15211)
- updated to 2.1.2 with following fixes (boo#1177022):
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TNMEEN772D6LWSHNB64QFB5TB3CZZEF4/
- https://bugzilla.suse.com/1173314
- https://bugzilla.suse.com/1175099
- https://bugzilla.suse.com/1175789
- https://bugzilla.suse.com/1177022
- https://www.suse.com/security/cve/CVE-2020-15190
- https://www.suse.com/security/cve/CVE-2020-15191
- https://www.suse.com/security/cve/CVE-2020-15192
- https://www.suse.com/security/cve/CVE-2020-15193
- https://www.suse.com/security/cve/CVE-2020-15194
- https://www.suse.com/security/cve/CVE-2020-15195
- https://www.suse.com/security/cve/CVE-2020-15202
- https://www.suse.com/security/cve/CVE-2020-15203
- https://www.suse.com/security/cve/CVE-2020-15204
- https://www.suse.com/security/cve/CVE-2020-15205
- https://www.suse.com/security/cve/CVE-2020-15206
- https://www.suse.com/security/cve/CVE-2020-15207
- https://www.suse.com/security/cve/CVE-2020-15208
- https://www.suse.com/security/cve/CVE-2020-15209
- https://www.suse.com/security/cve/CVE-2020-15210
- https://www.suse.com/security/cve/CVE-2020-15211
Affected packages
openSUSE:Leap 15.2 / tensorflow2
Package
- Name
- tensorflow2
- Purl
- purl:rpm/suse/tensorflow2&distro=openSUSE%20Leap%2015.2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.1.2-lp152.7.3.1
Ecosystem specific
{
"binaries": [
{
"libtensorflow2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-devel": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-doc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite-devel": "2.1.2-lp152.7.3.1",
"tensorflow2": "2.1.2-lp152.7.3.1"
}
]
}
openSUSE:Leap 15.2 / tensorflow2-lite
Package
- Name
- tensorflow2-lite
- Purl
- purl:rpm/suse/tensorflow2-lite&distro=openSUSE%20Leap%2015.2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.1.2-lp152.7.3.1
Ecosystem specific
{
"binaries": [
{
"libtensorflow2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-devel": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-doc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite-devel": "2.1.2-lp152.7.3.1",
"tensorflow2": "2.1.2-lp152.7.3.1"
}
]
}
openSUSE:Leap 15.2 / tensorflow2_2_1_2-gnu-hpc
Package
- Name
- tensorflow2_2_1_2-gnu-hpc
- Purl
- purl:rpm/suse/tensorflow2_2_1_2-gnu-hpc&distro=openSUSE%20Leap%2015.2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.1.2-lp152.7.3.1
Ecosystem specific
{
"binaries": [
{
"libtensorflow2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-devel": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-doc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite-devel": "2.1.2-lp152.7.3.1",
"tensorflow2": "2.1.2-lp152.7.3.1"
}
]
}
openSUSE:Leap 15.2 / tensorflow2_2_1_2-gnu-openmpi2-hpc
Package
- Name
- tensorflow2_2_1_2-gnu-openmpi2-hpc
- Purl
- purl:rpm/suse/tensorflow2_2_1_2-gnu-openmpi2-hpc&distro=openSUSE%20Leap%2015.2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.1.2-lp152.7.3.1
Ecosystem specific
{
"binaries": [
{
"libtensorflow2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-devel": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-devel": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2": "2.1.2-lp152.7.3.1",
"libtensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-doc": "2.1.2-lp152.7.3.1",
"libtensorflow_framework2-gnu-hpc": "2.1.2-lp152.7.3.1",
"libtensorflow_cc2-gnu-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite": "2.1.2-lp152.7.3.1",
"tensorflow2_2_1_2-gnu-openmpi2-hpc-doc": "2.1.2-lp152.7.3.1",
"tensorflow2-gnu-openmpi2-hpc": "2.1.2-lp152.7.3.1",
"tensorflow2-lite-devel": "2.1.2-lp152.7.3.1",
"tensorflow2": "2.1.2-lp152.7.3.1"
}
]
}