patch tf training 2.19 (#5388)

* patch tf training 2.19

* offboard tf 2.19 training

* disable regression test

Author: sirutBuasai

tensorflow/training/buildspec-2-19-sm.yml

@@ -5,7 +5,7 @@ framework: &FRAMEWORK tensorflow
 version: &VERSION 2.19.0
 short_version: &SHORT_VERSION "2.19"
 arch_type: x86
-autopatch_build: "True"
+# autopatch_build: "True"
 
 repository_info:
   training_repository: &TRAINING_REPOSITORY
@@ -42,7 +42,7 @@ images:
     tag_python_version: &TAG_PYTHON_VERSION py312
     os_version: &OS_VERSION ubuntu22.04
     tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION, "-sagemaker" ]
-    latest_release_tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION, "-sagemaker" ]
+    # latest_release_tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION, "-sagemaker" ]
     docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /Dockerfile., *DEVICE_TYPE ]
     # build_tag_override: "pr:2.16.2-cpu-py310-ubuntu20.04-sagemaker-pr-4362-autopatch"
     target: sagemaker
@@ -59,7 +59,7 @@ images:
     cuda_version: &CUDA_VERSION cu125
     os_version: &OS_VERSION ubuntu22.04
     tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *CUDA_VERSION, "-", *OS_VERSION, "-sagemaker" ]
-    latest_release_tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *CUDA_VERSION, "-", *OS_VERSION, "-sagemaker" ]
+    # latest_release_tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *CUDA_VERSION, "-", *OS_VERSION, "-sagemaker" ]
     docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /, *CUDA_VERSION, /Dockerfile., *DEVICE_TYPE ]
     # build_tag_override: "pr:2.16.2-gpu-py310-cu123-ubuntu20.04-sagemaker-pr-4362-autopatch"
     target: sagemaker

tensorflow/training/docker/2.19/py3/Dockerfile.cpu

@@ -264,7 +264,7 @@ RUN pip install --no-cache-dir -U \
 # https://github.com/tensorflow/models/issues/9267
 # tf-models does not respect existing installations of TF and always installs open source TF
 RUN ${PIP} install \
-    --default-timeout=300 \ 
+    --default-timeout=300 \
     --retries 5 \
     --no-cache-dir -U \
     "tf-models-official==${TF_VERSION}.1" \
@@ -302,6 +302,9 @@ RUN $PYTHON -m pip install --no-cache-dir -U \
 # Remove python kernel installed by sparkmagic
 RUN /usr/local/bin/jupyter-kernelspec remove -f python3
 
+# Remove ipykernel
+RUN rm -rf /usr/local/share/jupyter/kernels/python3/kernel.json
+
 # remove tmp files
 RUN rm -rf /tmp/*
 

tensorflow/training/docker/2.19/py3/Dockerfile.sagemaker.cpu.os_scan_allowlist.json

@@ -181,97 +181,97 @@
       "reason_to_ignore": "N/A"
     }
   ],
-  "form-data": [
+  "dpkg": [
     {
-      "description": "Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.\n\nThis issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.",
-      "vulnerability_id": "CVE-2025-7783",
-      "name": "CVE-2025-7783",
-      "package_name": "form-data",
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.",
+      "vulnerability_id": "CVE-2025-6297",
+      "name": "CVE-2025-6297",
+      "package_name": "dpkg",
       "package_details": {
-        "file_path": "/usr/local/lib/python3.12/site-packages/jupyterlab/staging/yarn.lock",
-        "name": "form-data",
-        "package_manager": "NODE",
-        "version": "4.0.2",
+        "file_path": null,
+        "name": "dpkg",
+        "package_manager": "OS",
+        "version": "1.21.1ubuntu2.3",
         "release": null
       },
       "remediation": {
         "recommendation": {
           "text": "None Provided"
         }
       },
-      "cvss_v3_score": 0.0,
+      "cvss_v3_score": 8.2,
       "cvss_v30_score": 0.0,
-      "cvss_v31_score": 0.0,
+      "cvss_v31_score": 8.2,
       "cvss_v2_score": 0.0,
-      "cvss_v3_severity": "CRITICAL",
-      "title": "CVE-2025-7783 - form-data",
-      "source": "NVD",
-      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7783",
-      "severity": "CRITICAL",
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
       "status": "ACTIVE",
+      "title": "CVE-2025-6297 - dpkg, libdpkg-perl",
       "reason_to_ignore": "N/A"
     }
   ],
-  "dpkg": [
+  "libdpkg-perl": [
     {
-      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.", 
-      "vulnerability_id": "CVE-2025-6297", 
-      "name": "CVE-2025-6297", 
-      "package_name": "dpkg", 
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.",
+      "vulnerability_id": "CVE-2025-6297",
+      "name": "CVE-2025-6297",
+      "package_name": "libdpkg-perl",
       "package_details": {
-        "file_path": null, 
-        "name": "dpkg", 
-        "package_manager": "OS", 
-        "version": "1.21.1ubuntu2.3", 
+        "file_path": null,
+        "name": "libdpkg-perl",
+        "package_manager": "OS",
+        "version": "1.21.1ubuntu2.3",
         "release": null
-        }, 
-        "remediation": {
-          "recommendation": {
-            "text": "None Provided"
-          }
-        }, 
-        "cvss_v3_score": 8.2, 
-        "cvss_v30_score": 0.0, 
-        "cvss_v31_score": 8.2, 
-        "cvss_v2_score": 0.0, 
-        "cvss_v3_severity": "HIGH", 
-        "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html", 
-        "source": "UBUNTU_CVE", 
-        "severity": "HIGH", 
-        "status": "ACTIVE", 
-        "title": "CVE-2025-6297 - dpkg, libdpkg-perl", 
-        "reason_to_ignore": "N/A"
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 8.2,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 8.2,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-6297 - dpkg, libdpkg-perl",
+      "reason_to_ignore": "N/A"
     }
-  ], 
-  "libdpkg-perl": [
+  ],
+  "fast-redact": [
     {
-      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.", 
-      "vulnerability_id": "CVE-2025-6297", 
-      "name": "CVE-2025-6297", 
-      "package_name": "libdpkg-perl", 
+      "description": "fast-redact is a package that provides do very fast object redaction. A Prototype Pollution vulnerability in the nestedRestore function of fast-redact version 3.5.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence. NOTE: the Supplier disputes this because the reporter only demonstrated access to properties by an internal utility function, and there is no means for achieving prototype pollution via the public API.",
+      "vulnerability_id": "CVE-2025-57319",
+      "name": "CVE-2025-57319",
+      "package_name": "fast-redact",
       "package_details": {
-        "file_path": null, 
-        "name": "libdpkg-perl", 
-        "package_manager": "OS", 
-        "version": "1.21.1ubuntu2.3", 
+        "file_path": "/usr/local/lib/python3.12/site-packages/jupyterlab/staging/yarn.lock",
+        "name": "fast-redact",
+        "package_manager": "NODE",
+        "version": "3.5.0",
         "release": null
-        }, 
-        "remediation": {
-          "recommendation": {
-            "text": "None Provided"
-          }
-        }, 
-        "cvss_v3_score": 8.2, 
-        "cvss_v30_score": 0.0, 
-        "cvss_v31_score": 8.2, 
-        "cvss_v2_score": 0.0, 
-        "cvss_v3_severity": "HIGH", 
-        "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html", 
-        "source": "UBUNTU_CVE", 
-        "severity": "HIGH", 
-        "status": "ACTIVE", 
-        "title": "CVE-2025-6297 - dpkg, libdpkg-perl", 
-        "reason_to_ignore": "N/A"
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 7.5,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 7.5,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57319",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-57319 - fast-redact",
+      "reason_to_ignore": "N/A"
     }
   ]
 }

tensorflow/training/docker/2.19/py3/cu125/Dockerfile.gpu

@@ -236,7 +236,7 @@ RUN mkdir -p /tmp/nvjpeg \
 && rm -rf /tmp/nvjpeg \
 # patch cuobjdump and nvdisasm
 && rm -rf /usr/local/cuda/bin/cuobjdump* \
-&& rm -rf /usr/local/cuda/bin/nvdisasm* 
+&& rm -rf /usr/local/cuda/bin/nvdisasm*
 
 ADD https://raw.githubusercontent.com/aws/deep-learning-containers/master/src/deep_learning_container.py /usr/local/bin/deep_learning_container.py
 RUN chmod +x /usr/local/bin/deep_learning_container.py
@@ -333,7 +333,7 @@ RUN pip install --no-cache-dir -U \
 # https://github.com/tensorflow/models/issues/9267
 # tf-models does not respect existing installations of TF and always installs open source TF
 RUN ${PIP} install \
-    --default-timeout=300 \ 
+    --default-timeout=300 \
     --retries 5 \
     --no-cache-dir -U \
     "tf-models-official==${TF_VERSION}.1" \
@@ -342,8 +342,8 @@ RUN ${PIP} install \
  && ${PIP} install --no-cache-dir -U \
     ${TF_URL} \
     "tensorflow-io==0.37.*" \
-    tensorflow-datasets 
-    
+    tensorflow-datasets
+
 # Install rust and cargo
 RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
 ENV PATH="/root/.cargo/bin:${PATH}"
@@ -386,6 +386,9 @@ ENV TF_AUTOTUNE_THRESHOLD=2
 # Remove python kernel installed by sparkmagic
 RUN /usr/local/bin/jupyter-kernelspec remove -f python3
 
+# Remove ipykernel
+RUN rm -rf /usr/local/share/jupyter/kernels/python3/kernel.json
+
 # remove tmp files
 RUN rm -rf /tmp/*