Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update to tensorflow 2.6.1 in Rasa 2.8.x #10241

Closed
hsm207 opened this issue Nov 16, 2021 · 2 comments · Fixed by #10240
Closed

Update to tensorflow 2.6.1 in Rasa 2.8.x #10241

hsm207 opened this issue Nov 16, 2021 · 2 comments · Fixed by #10240
Assignees
@hsm207
Labels
area:rasa-oss 🎡 Anything related to the open source Rasa framework

Comments

@hsm207
Copy link
Contributor

hsm207 commented Nov 16, 2021
edited by rasabot-exalate
Loading

Rasa Open Source version

2.8.13

Rasa SDK version

No response

Rasa X version

No response

Python version

3.8

What operating system are you using?

Linux

What happened?

Tensorflow 2.6.0 has the following security vulnerabilities:

CRIT Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-57wx-m983-2f88 - GHSA-57wx-m983-2f88) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37635 - https://nvd.nist.gov/vuln/detail/CVE-2021-37635) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37638 - https://nvd.nist.gov/vuln/detail/CVE-2021-37638) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37639 - https://nvd.nist.gov/vuln/detail/CVE-2021-37639) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37641 - https://nvd.nist.gov/vuln/detail/CVE-2021-37641) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37643 - https://nvd.nist.gov/vuln/detail/CVE-2021-37643) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37648 - https://nvd.nist.gov/vuln/detail/CVE-2021-37648) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37650 - https://nvd.nist.gov/vuln/detail/CVE-2021-37650) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37651 - https://nvd.nist.gov/vuln/detail/CVE-2021-37651) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37652 - https://nvd.nist.gov/vuln/detail/CVE-2021-37652) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37654 - https://nvd.nist.gov/vuln/detail/CVE-2021-37654) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37655 - https://nvd.nist.gov/vuln/detail/CVE-2021-37655) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37656 - https://nvd.nist.gov/vuln/detail/CVE-2021-37656) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37657 - https://nvd.nist.gov/vuln/detail/CVE-2021-37657) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37658 - https://nvd.nist.gov/vuln/detail/CVE-2021-37658) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37659 - https://nvd.nist.gov/vuln/detail/CVE-2021-37659) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37662 - https://nvd.nist.gov/vuln/detail/CVE-2021-37662) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37663 - https://nvd.nist.gov/vuln/detail/CVE-2021-37663) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37664 - https://nvd.nist.gov/vuln/detail/CVE-2021-37664) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37665 - https://nvd.nist.gov/vuln/detail/CVE-2021-37665) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37666 - https://nvd.nist.gov/vuln/detail/CVE-2021-37666) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37667 - https://nvd.nist.gov/vuln/detail/CVE-2021-37667) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37671 - https://nvd.nist.gov/vuln/detail/CVE-2021-37671) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37676 - https://nvd.nist.gov/vuln/detail/CVE-2021-37676) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37678 - https://nvd.nist.gov/vuln/detail/CVE-2021-37678) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37679 - https://nvd.nist.gov/vuln/detail/CVE-2021-37679) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37681 - https://nvd.nist.gov/vuln/detail/CVE-2021-37681) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (CVE-2021-37682 - https://nvd.nist.gov/vuln/detail/CVE-2021-37682) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-374m-jm66-3vj8 - GHSA-374m-jm66-3vj8) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-3rcw-9p9x-582v - GHSA-3rcw-9p9x-582v) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-49rx-x2rw-pc6f - GHSA-49rx-x2rw-pc6f) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-4f99-p9c2-3j8x - GHSA-4f99-p9c2-3j8x) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-7pxj-m4jf-r6h2 - GHSA-7pxj-m4jf-r6h2) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-cqv6-3phm-hcwx - GHSA-cqv6-3phm-hcwx) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-cvgx-3v3q-m36c - GHSA-cvgx-3v3q-m36c) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-f54p-f6jp-4rhr - GHSA-f54p-f6jp-4rhr) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-fr77-rrx3-cp7g - GHSA-fr77-rrx3-cp7g) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-gpfh-jvf9-7wg5 - GHSA-gpfh-jvf9-7wg5) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-j86v-p27c-73fm - GHSA-j86v-p27c-73fm) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-m342-ff57-4jcc - GHSA-m342-ff57-4jcc) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-pgcq-h79j-2f69 - GHSA-pgcq-h79j-2f69) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-rg3m-hqc5-344v - GHSA-rg3m-hqc5-344v) HIGH Vulnerability found in non-os package type (python) - /opt/venv/lib/python3.8/site-packages/tensorflow (fixed in: 2.6.1)(GHSA-vwhq-49r4-gj9v - GHSA-vwhq-49r4-gj9v)

Command / Request

No response

Relevant log output

No response
@hsm207 hsm207 added type:bug 🐛 Inconsistencies or issues which will cause an issue or problem for users or implementors. area:rasa-oss 🎡 Anything related to the open source Rasa framework labels Nov 16, 2021
@hsm207 hsm207 self-assigned this Nov 16, 2021
@hsm207 hsm207 mentioned this issue Nov 16, 2021
Merged
4 tasks
@koaning
Copy link
Contributor

koaning commented Nov 16, 2021
edited by rasabot-exalate
Loading

Exalate commented:

koaning commented:

Is there anything preventing us from upgrading to 2.7?

@hsm207 hsm207 linked a pull request Nov 16, 2021 that will close this issue
Update Dependencies #10240
Merged
4 tasks
@hsm207
Copy link
Contributor Author

hsm207 commented Nov 17, 2021
edited by rasabot-exalate
Loading

Exalate commented:

hsm207 commented:

@koaning Micro updates are easier to do because they are bug/security fixes. Minor updates would require more thought in case thought it case they introduce regressions.

@hsm207 hsm207 mentioned this issue Nov 17, 2021
Closed
@rasabot-exalate rasabot-exalate added area:rasa-oss and removed type:bug 🐛 Inconsistencies or issues which will cause an issue or problem for users or implementors. area:rasa-oss 🎡 Anything related to the open source Rasa framework labels Mar 15, 2022 — with Exalate Issue Sync
@rasabot rasabot added area:rasa-oss 🎡 Anything related to the open source Rasa framework and removed area:rasa-oss labels Mar 16, 2022
@tmbo tmbo closed this as completed Aug 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hsm207 hsm207

Labels
area:rasa-oss 🎡 Anything related to the open source Rasa framework
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update Dependencies RasaHQ/rasa
5 participants
@koaning @tmbo @hsm207 @rasabot @rasabot-exalate