From d0e6311f6a65c7fbb7dbbfbeb5b950a93ba0f61c Mon Sep 17 00:00:00 2001 From: Emma Date: Mon, 15 Jan 2024 09:52:35 +0800 Subject: [PATCH] Some fixes for security issue (#1094) * Fix some security issue * Change back version for transformers * Add some comments --- docker/dockerfile.merlin | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docker/dockerfile.merlin b/docker/dockerfile.merlin index 1640eb097..65a6be4f9 100644 --- a/docker/dockerfile.merlin +++ b/docker/dockerfile.merlin @@ -169,6 +169,9 @@ RUN ARCH=$([ "${TARGETARCH}" = "arm64" ] && echo "sbsa" || echo "x86_64") && \ apt-key adv --fetch-keys https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/${ARCH}/3bf863cc.pub && \ add-apt-repository "deb https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/${ARCH}/ /" && \ apt install -y --no-install-recommends \ + # Add libc and libc-bin for security issue VE-2023-4911 + libc6 \ + libc-bin \ ca-certificates \ clang-format \ curl \ @@ -300,8 +303,9 @@ COPY --chown=1000:1000 --from=dlfw /usr/local/lib/python${PYTHON_VERSION}/dist-p COPY --chown=1000:1000 --from=dlfw /usr/local/lib/python${PYTHON_VERSION}/dist-packages/cubinlinker-*.dist-info /usr/local/lib/python${PYTHON_VERSION}/dist-packages/cubinlinker.dist-info/ # There 'Illegal instruction' error, add env 'LIGHTFM_NO_CFLAGS' to workaround +# Add pyarrow-hotfix for https://github.com/advisories/GHSA-5wvp-7f3h-6wmm ENV LIGHTFM_NO_CFLAGS=1 -RUN pip install --no-cache-dir jupyterlab notebook pydot testbook numpy==1.22.4 lightfm +RUN pip install --no-cache-dir jupyterlab notebook pydot testbook numpy==1.22.4 lightfm pyarrow-hotfix ENV JUPYTER_CONFIG_DIR=/tmp/.jupyter ENV JUPYTER_DATA_DIR=/tmp/.jupyter