openSUSE-SU-2022:10014-1: moderate: Security update for tensorflow2
openSUSE Security Update: Security update for tensorflow2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:10014-1 Rating: moderate References: #1173128 #1173314 #1178287 #1178564 #1179455 #1181864 #1186860 #1189423 Cross-References: CVE-2020-26266 CVE-2020-26267 CVE-2020-26268 CVE-2020-26270 CVE-2020-26271 CVE-2021-37635 CVE-2021-37636 CVE-2021-37637 CVE-2021-37638 CVE-2021-37639 CVE-2021-37640 CVE-2021-37641 CVE-2021-37642 CVE-2021-37643 CVE-2021-37644 CVE-2021-37645 CVE-2021-37646 CVE-2021-37647 CVE-2021-37648 CVE-2021-37649 CVE-2021-37650 CVE-2021-37651 CVE-2021-37652 CVE-2021-37653 CVE-2021-37654 CVE-2021-37655 CVE-2021-37656 CVE-2021-37657 CVE-2021-37658 CVE-2021-37659 CVE-2021-37660 CVE-2021-37661 CVE-2021-37662 CVE-2021-37663 CVE-2021-37664 CVE-2021-37665 CVE-2021-37666 CVE-2021-37667 CVE-2021-37668 CVE-2021-37669 CVE-2021-37670 CVE-2021-37671 CVE-2021-37672 CVE-2021-37673 CVE-2021-37674 CVE-2021-37675 CVE-2021-37676 CVE-2021-37677 CVE-2021-37678 CVE-2021-37679 CVE-2021-37680 CVE-2021-37681 CVE-2021-37682 CVE-2021-37683 CVE-2021-37684 CVE-2021-37685 CVE-2021-37686 CVE-2021-37687 CVE-2021-37688 CVE-2021-37689 CVE-2021-37690 CVE-2021-37691 CVE-2021-37692 CVSS scores: CVE-2020-26266 (NVD) : 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVE-2020-26268 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L CVE-2020-26270 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2020-26271 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-37639 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP3 ______________________________________________________________________________ An update that fixes 63 vulnerabilities is now available. Description: This update for tensorflow fixes the following issues: Update to TF2 2.6.0 which fixes multiple CVEs (boo#1189423). - Introduction of bazel6.3 and basel-skylib1.0.3 as build dependencies. The latter has been adapted to all a version in its package name (if %set_ver_suffix is set to 1). This allows multiple versions to exist for one product (not installed). NOTE: basel-skylib1.0.3 does not exist in oS:Factory: basel-skylib in oS:Factory - the base version - is 1.0.3. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-10014=1 Package List: - openSUSE Backports SLE-15-SP3 (aarch64 s390x x86_64): tensorflow2-lite-2.6.0-bp153.2.3.1 tensorflow2-lite-debuginfo-2.6.0-bp153.2.3.1 tensorflow2-lite-debugsource-2.6.0-bp153.2.3.1 tensorflow2-lite-devel-2.6.0-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (aarch64 x86_64): bazel3.7-3.7.2-bp153.2.1 libtensorflow2-2.6.0-bp153.2.3.1 libtensorflow2-debuginfo-2.6.0-bp153.2.3.1 libtensorflow2-gnu-hpc-2.6.0-bp153.2.3.1 libtensorflow2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libtensorflow2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_cc2-2.6.0-bp153.2.3.1 libtensorflow_cc2-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-hpc-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libtensorflow_cc2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_framework2-2.6.0-bp153.2.3.1 libtensorflow_framework2-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-hpc-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libtensorflow_framework2-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 tensorflow2-2.6.0-bp153.2.3.1 tensorflow2-debuginfo-2.6.0-bp153.2.3.1 tensorflow2-debugsource-2.6.0-bp153.2.3.1 tensorflow2-devel-2.6.0-bp153.2.3.1 tensorflow2-doc-2.6.0-bp153.2.3.1 tensorflow2-gnu-hpc-2.6.0-bp153.2.3.1 tensorflow2-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-debugsource-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-devel-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-hpc-doc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-debugsource-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-devel-2.6.0-bp153.2.3.1 tensorflow2_2_6_0-gnu-openmpi2-hpc-doc-2.6.0-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (ppc64le): bazel3.7-3.7.2-bp153.4.1 - openSUSE Backports SLE-15-SP3 (x86_64): libiomp5-2.6.0-bp153.2.3.1 libiomp5-debuginfo-2.6.0-bp153.2.3.1 libiomp5-gnu-hpc-2.6.0-bp153.2.3.1 libiomp5-gnu-hpc-debuginfo-2.6.0-bp153.2.3.1 libiomp5-gnu-openmpi2-hpc-2.6.0-bp153.2.3.1 libiomp5-gnu-openmpi2-hpc-debuginfo-2.6.0-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (noarch): bazel-skylib1.0.3-source-1.0.3-bp153.2.1 References: https://www.suse.com/security/cve/CVE-2020-26266.html https://www.suse.com/security/cve/CVE-2020-26267.html https://www.suse.com/security/cve/CVE-2020-26268.html https://www.suse.com/security/cve/CVE-2020-26270.html https://www.suse.com/security/cve/CVE-2020-26271.html https://www.suse.com/security/cve/CVE-2021-37635.html https://www.suse.com/security/cve/CVE-2021-37636.html https://www.suse.com/security/cve/CVE-2021-37637.html https://www.suse.com/security/cve/CVE-2021-37638.html https://www.suse.com/security/cve/CVE-2021-37639.html https://www.suse.com/security/cve/CVE-2021-37640.html https://www.suse.com/security/cve/CVE-2021-37641.html https://www.suse.com/security/cve/CVE-2021-37642.html https://www.suse.com/security/cve/CVE-2021-37643.html https://www.suse.com/security/cve/CVE-2021-37644.html https://www.suse.com/security/cve/CVE-2021-37645.html https://www.suse.com/security/cve/CVE-2021-37646.html https://www.suse.com/security/cve/CVE-2021-37647.html https://www.suse.com/security/cve/CVE-2021-37648.html https://www.suse.com/security/cve/CVE-2021-37649.html https://www.suse.com/security/cve/CVE-2021-37650.html https://www.suse.com/security/cve/CVE-2021-37651.html https://www.suse.com/security/cve/CVE-2021-37652.html https://www.suse.com/security/cve/CVE-2021-37653.html https://www.suse.com/security/cve/CVE-2021-37654.html https://www.suse.com/security/cve/CVE-2021-37655.html https://www.suse.com/security/cve/CVE-2021-37656.html https://www.suse.com/security/cve/CVE-2021-37657.html https://www.suse.com/security/cve/CVE-2021-37658.html https://www.suse.com/security/cve/CVE-2021-37659.html https://www.suse.com/security/cve/CVE-2021-37660.html https://www.suse.com/security/cve/CVE-2021-37661.html https://www.suse.com/security/cve/CVE-2021-37662.html https://www.suse.com/security/cve/CVE-2021-37663.html https://www.suse.com/security/cve/CVE-2021-37664.html https://www.suse.com/security/cve/CVE-2021-37665.html https://www.suse.com/security/cve/CVE-2021-37666.html https://www.suse.com/security/cve/CVE-2021-37667.html https://www.suse.com/security/cve/CVE-2021-37668.html https://www.suse.com/security/cve/CVE-2021-37669.html https://www.suse.com/security/cve/CVE-2021-37670.html https://www.suse.com/security/cve/CVE-2021-37671.html https://www.suse.com/security/cve/CVE-2021-37672.html https://www.suse.com/security/cve/CVE-2021-37673.html https://www.suse.com/security/cve/CVE-2021-37674.html https://www.suse.com/security/cve/CVE-2021-37675.html https://www.suse.com/security/cve/CVE-2021-37676.html https://www.suse.com/security/cve/CVE-2021-37677.html https://www.suse.com/security/cve/CVE-2021-37678.html https://www.suse.com/security/cve/CVE-2021-37679.html https://www.suse.com/security/cve/CVE-2021-37680.html https://www.suse.com/security/cve/CVE-2021-37681.html https://www.suse.com/security/cve/CVE-2021-37682.html https://www.suse.com/security/cve/CVE-2021-37683.html https://www.suse.com/security/cve/CVE-2021-37684.html https://www.suse.com/security/cve/CVE-2021-37685.html https://www.suse.com/security/cve/CVE-2021-37686.html https://www.suse.com/security/cve/CVE-2021-37687.html https://www.suse.com/security/cve/CVE-2021-37688.html https://www.suse.com/security/cve/CVE-2021-37689.html https://www.suse.com/security/cve/CVE-2021-37690.html https://www.suse.com/security/cve/CVE-2021-37691.html https://www.suse.com/security/cve/CVE-2021-37692.html https://bugzilla.suse.com/1173128 https://bugzilla.suse.com/1173314 https://bugzilla.suse.com/1178287 https://bugzilla.suse.com/1178564 https://bugzilla.suse.com/1179455 https://bugzilla.suse.com/1181864 https://bugzilla.suse.com/1186860 https://bugzilla.suse.com/1189423
participants (1)
-
opensuse-security@opensuse.org