openSUSE Security Update: Security update for tensorflow2
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2022:10014-1
Rating:             moderate
References:         #1173128 #1173314 #1178287 #1178564 #1179455 
                    #1181864 #1186860 #1189423 
Cross-References:   CVE-2020-26266 CVE-2020-26267 CVE-2020-26268
                    CVE-2020-26270 CVE-2020-26271 CVE-2021-37635
                    CVE-2021-37636 CVE-2021-37637 CVE-2021-37638
                    CVE-2021-37639 CVE-2021-37640 CVE-2021-37641
                    CVE-2021-37642 CVE-2021-37643 CVE-2021-37644
                    CVE-2021-37645 CVE-2021-37646 CVE-2021-37647
                    CVE-2021-37648 CVE-2021-37649 CVE-2021-37650
                    CVE-2021-37651 CVE-2021-37652 CVE-2021-37653
                    CVE-2021-37654 CVE-2021-37655 CVE-2021-37656
                    CVE-2021-37657 CVE-2021-37658 CVE-2021-37659
                    CVE-2021-37660 CVE-2021-37661 CVE-2021-37662
                    CVE-2021-37663 CVE-2021-37664 CVE-2021-37665
                    CVE-2021-37666 CVE-2021-37667 CVE-2021-37668
                    CVE-2021-37669 CVE-2021-37670 CVE-2021-37671
                    CVE-2021-37672 CVE-2021-37673 CVE-2021-37674
                    CVE-2021-37675 CVE-2021-37676 CVE-2021-37677
                    CVE-2021-37678 CVE-2021-37679 CVE-2021-37680
                    CVE-2021-37681 CVE-2021-37682 CVE-2021-37683
                    CVE-2021-37684 CVE-2021-37685 CVE-2021-37686
                    CVE-2021-37687 CVE-2021-37688 CVE-2021-37689
                    CVE-2021-37690 CVE-2021-37691 CVE-2021-37692
                   
CVSS scores:
                    CVE-2020-26266 (NVD) : 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
                    CVE-2020-26268 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
                    CVE-2020-26270 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2020-26271 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-37639 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Backports SLE-15-SP3
______________________________________________________________________________

   An update that fixes 63 vulnerabilities is now available.

Description:


   This update for tensorflow fixes the following issues:


   Update to TF2 2.6.0 which fixes multiple CVEs (boo#1189423).

   - Introduction of bazel6.3 and basel-skylib1.0.3 as build dependencies.
     The latter has been adapted to all a version in its package name (if
     %set_ver_suffix is set to 1). This allows multiple versions to exist for
     one product (not installed). NOTE: basel-skylib1.0.3 does not exist in
     oS:Factory: basel-skylib in oS:Factory - the base version - is 1.0.3.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP3:

      zypper in -t patch openSUSE-2022-10014=1



Package List:

   - openSUSE Backports SLE-15-SP3 (aarch64 s390x x86_64):

      tensorflow2-lite-2.6.0-bp153.2.3.1
      tensorflow2-lite-debuginfo-2.6.0-bp153.2.3.1
      tensorflow2-lite-debugsource-2.6.0-bp153.2.3.1
      tensorflow2-lite-devel-2.6.0-bp153.2.3.1

   - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):

      bazel3.7-3.7.2-bp153.2.1
      libtensorflow2-2.6.0-bp153.2.3.1
      libtensorflow2-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow2-gnu-hpc-2.6.0-bp153.2.3.1
      libtensorflow2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1
      libtensorflow2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow_cc2-2.6.0-bp153.2.3.1
      libtensorflow_cc2-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow_cc2-gnu-hpc-2.6.0-bp153.2.3.1
      libtensorflow_cc2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow_cc2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1
      libtensorflow_cc2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow_framework2-2.6.0-bp153.2.3.1
      libtensorflow_framework2-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow_framework2-gnu-hpc-2.6.0-bp153.2.3.1
      libtensorflow_framework2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1
      libtensorflow_framework2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1
      libtensorflow_framework2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1
      tensorflow2-2.6.0-bp153.2.3.1
      tensorflow2-debuginfo-2.6.0-bp153.2.3.1
      tensorflow2-debugsource-2.6.0-bp153.2.3.1
      tensorflow2-devel-2.6.0-bp153.2.3.1
      tensorflow2-doc-2.6.0-bp153.2.3.1
      tensorflow2-gnu-hpc-2.6.0-bp153.2.3.1
      tensorflow2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-hpc-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-hpc-debugsource-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-hpc-devel-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-hpc-doc-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-openmpi2-hpc-debugsource-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-openmpi2-hpc-devel-2.6.0-bp153.2.3.1
      tensorflow2_2_6_0-gnu-openmpi2-hpc-doc-2.6.0-bp153.2.3.1

   - openSUSE Backports SLE-15-SP3 (ppc64le):

      bazel3.7-3.7.2-bp153.4.1

   - openSUSE Backports SLE-15-SP3 (x86_64):

      libiomp5-2.6.0-bp153.2.3.1
      libiomp5-debuginfo-2.6.0-bp153.2.3.1
      libiomp5-gnu-hpc-2.6.0-bp153.2.3.1
      libiomp5-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1
      libiomp5-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1
      libiomp5-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1

   - openSUSE Backports SLE-15-SP3 (noarch):

      bazel-skylib1.0.3-source-1.0.3-bp153.2.1


References:

   https://www.suse.com/security/cve/CVE-2020-26266.html
   https://www.suse.com/security/cve/CVE-2020-26267.html
   https://www.suse.com/security/cve/CVE-2020-26268.html
   https://www.suse.com/security/cve/CVE-2020-26270.html
   https://www.suse.com/security/cve/CVE-2020-26271.html
   https://www.suse.com/security/cve/CVE-2021-37635.html
   https://www.suse.com/security/cve/CVE-2021-37636.html
   https://www.suse.com/security/cve/CVE-2021-37637.html
   https://www.suse.com/security/cve/CVE-2021-37638.html
   https://www.suse.com/security/cve/CVE-2021-37639.html
   https://www.suse.com/security/cve/CVE-2021-37640.html
   https://www.suse.com/security/cve/CVE-2021-37641.html
   https://www.suse.com/security/cve/CVE-2021-37642.html
   https://www.suse.com/security/cve/CVE-2021-37643.html
   https://www.suse.com/security/cve/CVE-2021-37644.html
   https://www.suse.com/security/cve/CVE-2021-37645.html
   https://www.suse.com/security/cve/CVE-2021-37646.html
   https://www.suse.com/security/cve/CVE-2021-37647.html
   https://www.suse.com/security/cve/CVE-2021-37648.html
   https://www.suse.com/security/cve/CVE-2021-37649.html
   https://www.suse.com/security/cve/CVE-2021-37650.html
   https://www.suse.com/security/cve/CVE-2021-37651.html
   https://www.suse.com/security/cve/CVE-2021-37652.html
   https://www.suse.com/security/cve/CVE-2021-37653.html
   https://www.suse.com/security/cve/CVE-2021-37654.html
   https://www.suse.com/security/cve/CVE-2021-37655.html
   https://www.suse.com/security/cve/CVE-2021-37656.html
   https://www.suse.com/security/cve/CVE-2021-37657.html
   https://www.suse.com/security/cve/CVE-2021-37658.html
   https://www.suse.com/security/cve/CVE-2021-37659.html
   https://www.suse.com/security/cve/CVE-2021-37660.html
   https://www.suse.com/security/cve/CVE-2021-37661.html
   https://www.suse.com/security/cve/CVE-2021-37662.html
   https://www.suse.com/security/cve/CVE-2021-37663.html
   https://www.suse.com/security/cve/CVE-2021-37664.html
   https://www.suse.com/security/cve/CVE-2021-37665.html
   https://www.suse.com/security/cve/CVE-2021-37666.html
   https://www.suse.com/security/cve/CVE-2021-37667.html
   https://www.suse.com/security/cve/CVE-2021-37668.html
   https://www.suse.com/security/cve/CVE-2021-37669.html
   https://www.suse.com/security/cve/CVE-2021-37670.html
   https://www.suse.com/security/cve/CVE-2021-37671.html
   https://www.suse.com/security/cve/CVE-2021-37672.html
   https://www.suse.com/security/cve/CVE-2021-37673.html
   https://www.suse.com/security/cve/CVE-2021-37674.html
   https://www.suse.com/security/cve/CVE-2021-37675.html
   https://www.suse.com/security/cve/CVE-2021-37676.html
   https://www.suse.com/security/cve/CVE-2021-37677.html
   https://www.suse.com/security/cve/CVE-2021-37678.html
   https://www.suse.com/security/cve/CVE-2021-37679.html
   https://www.suse.com/security/cve/CVE-2021-37680.html
   https://www.suse.com/security/cve/CVE-2021-37681.html
   https://www.suse.com/security/cve/CVE-2021-37682.html
   https://www.suse.com/security/cve/CVE-2021-37683.html
   https://www.suse.com/security/cve/CVE-2021-37684.html
   https://www.suse.com/security/cve/CVE-2021-37685.html
   https://www.suse.com/security/cve/CVE-2021-37686.html
   https://www.suse.com/security/cve/CVE-2021-37687.html
   https://www.suse.com/security/cve/CVE-2021-37688.html
   https://www.suse.com/security/cve/CVE-2021-37689.html
   https://www.suse.com/security/cve/CVE-2021-37690.html
   https://www.suse.com/security/cve/CVE-2021-37691.html
   https://www.suse.com/security/cve/CVE-2021-37692.html
   https://bugzilla.suse.com/1173128
   https://bugzilla.suse.com/1173314
   https://bugzilla.suse.com/1178287
   https://bugzilla.suse.com/1178564
   https://bugzilla.suse.com/1179455
   https://bugzilla.suse.com/1181864
   https://bugzilla.suse.com/1186860
   https://bugzilla.suse.com/1189423

openSUSE: 2022:10014-1 moderate: tensorflow2

June 18, 2022
An update that fixes 63 vulnerabilities is now available

Description

This update for tensorflow fixes the following issues: Update to TF2 2.6.0 which fixes multiple CVEs (boo#1189423). - Introduction of bazel6.3 and basel-skylib1.0.3 as build dependencies. The latter has been adapted to all a version in its package name (if %set_ver_suffix is set to 1). This allows multiple versions to exist for one product (not installed). NOTE: basel-skylib1.0.3 does not exist in oS:Factory: basel-skylib in oS:Factory - the base version - is 1.0.3.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-10014=1


Package List

- openSUSE Backports SLE-15-SP3 (aarch64 s390x x86_64): tensorflow2-lite-2.6.0-bp153.2.3.1 tensorflow2-lite-debuginfo-2.6.0-bp153.2.3.1 tensorflow2-lite-debugsource-2.6.0-bp153.2.3.1 tensorflow2-lite-devel-2.6.0-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (aarch64 x86_64): bazel3.7-3.7.2-bp153.2.1 libtensorflow2-2.6.0-bp153.2.3.1 libtensorflow2-debuginfo-2.6.0-bp153.2.3.1 libtensorflow2-gnu-hpc-2.6.0-bp153.2.3.1 libtensorflow2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libtensorflow2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_cc2-2.6.0-bp153.2.3.1 libtensorflow_cc2-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-hpc-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_framework2-2.6.0-bp153.2.3.1 libtensorflow_framework2-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-hpc-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 tensorflow2-2.6.0-bp153.2.3.1 tensorflow2-debuginfo-2.6.0-bp153.2.3.1 tensorflow2-debugsource-2.6.0-bp153.2.3.1 tensorflow2-devel-2.6.0-bp153.2.3.1 tensorflow2-doc-2.6.0-bp153.2.3.1 tensorflow2-gnu-hpc-2.6.0-bp153.2.3.1 tensorflow2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-debugsource-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-devel-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-doc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-debugsource-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-devel-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-doc-2.6.0-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (ppc64le): bazel3.7-3.7.2-bp153.4.1 - openSUSE Backports SLE-15-SP3 (x86_64): libiomp5-2.6.0-bp153.2.3.1 libiomp5-debuginfo-2.6.0-bp153.2.3.1 libiomp5-gnu-hpc-2.6.0-bp153.2.3.1 libiomp5-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libiomp5-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libiomp5-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (noarch): bazel-skylib1.0.3-source-1.0.3-bp153.2.1


References

https://www.suse.com/security/cve/CVE-2020-26266.html https://www.suse.com/security/cve/CVE-2020-26267.html https://www.suse.com/security/cve/CVE-2020-26268.html https://www.suse.com/security/cve/CVE-2020-26270.html https://www.suse.com/security/cve/CVE-2020-26271.html https://www.suse.com/security/cve/CVE-2021-37635.html https://www.suse.com/security/cve/CVE-2021-37636.html https://www.suse.com/security/cve/CVE-2021-37637.html https://www.suse.com/security/cve/CVE-2021-37638.html https://www.suse.com/security/cve/CVE-2021-37639.html https://www.suse.com/security/cve/CVE-2021-37640.html https://www.suse.com/security/cve/CVE-2021-37641.html https://www.suse.com/security/cve/CVE-2021-37642.html https://www.suse.com/security/cve/CVE-2021-37643.html https://www.suse.com/security/cve/CVE-2021-37644.html https://www.suse.com/security/cve/CVE-2021-37645.html https://www.suse.com/security/cve/CVE-2021-37646.html https://www.suse.com/security/cve/CVE-2021-37647.html https://www.suse.com/security/cve/CVE-2021-37648.html https://www.suse.com/security/cve/CVE-2021-37649.html https://www.suse.com/security/cve/CVE-2021-37650.html https://www.suse.com/security/cve/CVE-2021-37651.html https://www.suse.com/security/cve/CVE-2021-37652.html https://www.suse.com/security/cve/CVE-2021-37653.html https://www.suse.com/security/cve/CVE-2021-37654.html https://www.suse.com/security/cve/CVE-2021-37655.html https://www.suse.com/security/cve/CVE-2021-37656.html https://www.suse.com/security/cve/CVE-2021-37657.html https://www.suse.com/security/cve/CVE-2021-37658.html https://www.suse.com/security/cve/CVE-2021-37659.html https://www.suse.com/security/cve/CVE-2021-37660.html https://www.suse.com/security/cve/CVE-2021-37661.html https://www.suse.com/security/cve/CVE-2021-37662.html https://www.suse.com/security/cve/CVE-2021-37663.html https://www.suse.com/security/cve/CVE-2021-37664.html https://www.suse.com/security/cve/CVE-2021-37665.html https://www.suse.com/security/cve/CVE-2021-37666.html https://www.suse.com/security/cve/CVE-2021-37667.html https://www.suse.com/security/cve/CVE-2021-37668.html https://www.suse.com/security/cve/CVE-2021-37669.html https://www.suse.com/security/cve/CVE-2021-37670.html https://www.suse.com/security/cve/CVE-2021-37671.html https://www.suse.com/security/cve/CVE-2021-37672.html https://www.suse.com/security/cve/CVE-2021-37673.html https://www.suse.com/security/cve/CVE-2021-37674.html https://www.suse.com/security/cve/CVE-2021-37675.html https://www.suse.com/security/cve/CVE-2021-37676.html https://www.suse.com/security/cve/CVE-2021-37677.html https://www.suse.com/security/cve/CVE-2021-37678.html https://www.suse.com/security/cve/CVE-2021-37679.html https://www.suse.com/security/cve/CVE-2021-37680.html https://www.suse.com/security/cve/CVE-2021-37681.html https://www.suse.com/security/cve/CVE-2021-37682.html https://www.suse.com/security/cve/CVE-2021-37683.html https://www.suse.com/security/cve/CVE-2021-37684.html https://www.suse.com/security/cve/CVE-2021-37685.html https://www.suse.com/security/cve/CVE-2021-37686.html https://www.suse.com/security/cve/CVE-2021-37687.html https://www.suse.com/security/cve/CVE-2021-37688.html https://www.suse.com/security/cve/CVE-2021-37689.html https://www.suse.com/security/cve/CVE-2021-37690.html https://www.suse.com/security/cve/CVE-2021-37691.html https://www.suse.com/security/cve/CVE-2021-37692.html https://bugzilla.suse.com/1173128 https://bugzilla.suse.com/1173314 https://bugzilla.suse.com/1178287 https://bugzilla.suse.com/1178564 https://bugzilla.suse.com/1179455 https://bugzilla.suse.com/1181864 https://bugzilla.suse.com/1186860 https://bugzilla.suse.com/1189423


Severity
Announcement ID: openSUSE-SU-2022:10014-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP3 .

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved