Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

python310Packages.tensorflow: mark insecure #224436

Merged
merged 2 commits into from
Apr 4, 2023
Merged

python310Packages.tensorflow: mark insecure #224436

merged 2 commits into from
Apr 4, 2023

Conversation

dotlambda
Copy link
Member

Description of changes

See https://github.com/tensorflow/tensorflow/blob/v2.12.0/RELEASE.md#security.

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.05 Release Notes (or backporting 22.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@dotlambda dotlambda added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-22.11 labels Apr 3, 2023
@ofborg ofborg bot added 8.has: clean-up 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild 10.rebuild-linux: 0 This PR does not cause any packages to rebuild labels Apr 3, 2023
SomeoneSerge
SomeoneSerge approved these changes Apr 3, 2023
View reviewed changes
Copy link
Contributor

@SomeoneSerge SomeoneSerge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

❯ nix eval github:dotlambda/nixpkgs/tensorflow-insecure#python3Packages.tensorflow-bin.outPath
error: Package ‘python3.10-tensorflow-2.11.0’ in /nix/store/0yapaxkfdvcbk90z962y6jxn8qz9j59s-source/pkgs/development/python-modules/tensorflow/bin.nix:198 is marked as insecure, refusing to evaluate.


       Known issues:
        - CVE-2023-27579
        ...

Looks good as far as I'm concerned

This was referenced Apr 3, 2023
Closed
Closed
@dotlambda dotlambda merged commit adb2e5a into NixOS:master Apr 4, 2023
@dotlambda dotlambda deleted the tensorflow-insecure branch April 4, 2023 14:21
@github-actions github-actions bot mentioned this pull request Apr 4, 2023
Closed
1 task
@github-actions
Copy link
Contributor

github-actions bot commented Apr 4, 2023

Successfully created backport PR for release-22.11:

@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/tensorflow-unstable-not-installing-after-update/27041/2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SomeoneSerge SomeoneSerge SomeoneSerge approved these changes

@Mic92 Mic92 Awaiting requested review from Mic92

@mweinelt mweinelt Awaiting requested review from mweinelt

@veprbl veprbl Awaiting requested review from veprbl

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: python 8.has: clean-up 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild 10.rebuild-linux: 0 This PR does not cause any packages to rebuild
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dotlambda @nixos-discourse @SomeoneSerge