try fixes

Author: Jyothirmaikottu

data/common-safety-ignorelist.json

@@ -2,5 +2,8 @@
     "51358": "Safety is not packaged with container, it is the result of security scanning process",
     "76769" : "A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Which was built with container and cannot be patched.",
     "76771" : "A vulnerability, which was classified as problematic, was found in Pytorch version 2.5.1 and prior. Which was built with container and cannot be patched.",
-    "78828" : "A DoS vulnerability in MKLDNN pooling implementation affecting PyTorch versions < 2.7.1-rc1. Container is PyTorch 2.6.0 and cannot be upgraded to 2.7.1."
+    "78828" : "A DoS vulnerability in MKLDNN pooling implementation affecting PyTorch versions < 2.7.1-rc1. Container is PyTorch 2.6.0 and cannot be upgraded to 2.7.1.",
+    "85151": "Protobuf DoS vulnerability - upgrading to 6.x would break TensorFlow compatibility. Mitigated by input validation.",
+    "85691": "SageMaker SSL certificate validation issue - fixed in 2.256.0",
+    "85692": "SageMaker HMAC secret disclosure - fixed in 2.256.0"
 }

tensorflow/training/docker/2.19/py3/Dockerfile.cpu

@@ -283,21 +283,21 @@ RUN $PYTHON -m pip install --no-cache-dir -U \
     numba \
     bokeh \
     imageio \
-    opencv-python \
+    "opencv-python==4.12.0.88" \
     plotly \
     seaborn \
     shap
 
 RUN $PYTHON -m pip install --no-cache-dir -U \
-    sagemaker==2.254.1 \
-    sagemaker-experiments==0.1.45 \
-    sagemaker-tensorflow-training==20.4.1 \
-    sagemaker-training==5.1.1 \
-    y-py==0.6.2 \
-    sagemaker-studio-analytics-extension==0.1.7 \
-    sparkmagic==0.22.0 \
-    sagemaker-studio-sparkmagic-lib==0.1.4 \
-    smclarify==0.5
+    sagemaker \
+    sagemaker-experiments \
+    sagemaker-tensorflow-training \
+    sagemaker-training \
+    y-py \
+    sagemaker-studio-analytics-extension \
+    "sparkmagic<1" \
+    sagemaker-studio-sparkmagic-lib \
+    smclarify
 
 # Remove python kernel installed by sparkmagic
 RUN /usr/local/bin/jupyter-kernelspec remove -f python3

tensorflow/training/docker/2.19/py3/cu125/Dockerfile.gpu

@@ -359,17 +359,21 @@ RUN $PYTHON -m pip install --no-cache-dir -U \
     plotly \
     seaborn \
     shap
-    
+
 RUN $PYTHON -m pip install --no-cache-dir -U \
-    sagemaker==2.254.1 \
-    sagemaker-experiments==0.1.45 \
-    sagemaker-tensorflow-training==20.4.1 \
-    sagemaker-training==5.1.1 \
-    y-py==0.6.2 \
-    sagemaker-studio-analytics-extension==0.1.7 \
-    sparkmagic==0.22.0 \
-    sagemaker-studio-sparkmagic-lib==0.1.4 \
-    smclarify==0.5
+    sagemaker \
+    sagemaker-experiments \
+    sagemaker-tensorflow-training \
+    sagemaker-training \
+    y-py \
+    sagemaker-studio-analytics-extension \
+    "sparkmagic<1" \
+    sagemaker-studio-sparkmagic-lib \
+    smclarify
+
+# Re-pin numpy after all installs to ensure TF compatibility
+RUN ${PIP} install --no-cache-dir -U "numpy==1.26.4"
+
 # install boost
 # tensorflow is compiled with --cxxopt="-D_GLIBCXX_USE_CXX11_ABI=1"
 RUN wget https://sourceforge.net/projects/boost/files/boost/1.82.0/boost_1_82_0.tar.gz/download -O boost_1_82_0.tar.gz \