test python upgrade to 3.12

.github/CODEOWNERS

@@ -50,10 +50,10 @@ dgl_tests/ @aws/dlc-dgl-reviewers
 *triton* @aws/dlc-triton-reviewers
 
 # Files under stabilityai/ and huggingface/ directories can be directly reviewed by below teams
-stabilityai/ @aws/sagemaker-1p-algorithms
-huggingface/ @aws/sagemaker-1p-algorithms
-test/sagemaker_tests/huggingface/ @aws/sagemaker-1p-algorithms
-test/sagemaker_tests/huggingface_pytorch/ @aws/sagemaker-1p-algorithms
-test/sagemaker_tests/huggingface_tensorflow/ @aws/sagemaker-1p-algorithms
-test/sagemaker_tests/pytorch/inference/integration/sagemaker/test_stabilityai.py @aws/sagemaker-1p-algorithms
-test/sagemaker_tests/pytorch/inference/resources/stabilityai/ @aws/sagemaker-1p-algorithms
+stabilityai/ @aws/dl-containers
+huggingface/ @aws/dl-containers
+test/sagemaker_tests/huggingface/ @aws/dl-containers
+test/sagemaker_tests/huggingface_pytorch/ @aws/dl-containers
+test/sagemaker_tests/huggingface_tensorflow/ @aws/dl-containers
+test/sagemaker_tests/pytorch/inference/integration/sagemaker/test_stabilityai.py @aws/dl-containers
+test/sagemaker_tests/pytorch/inference/resources/stabilityai/ @aws/dl-containers

available_images.md

@@ -366,8 +366,12 @@ Note: Starting from Neuron SDK 2.17.0, Dockerfiles for PyTorch Neuron Containers
 
 | Framework                                                                                                                                          | Neuron Package                                           | Neuron SDK Version | Job Type  | Supported EC2 Instance Types | Python Version Options | Example URL                                                                                                          |
 |----------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------|--------------------|-----------|------------------------------|------------------------|----------------------------------------------------------------------------------------------------------------------|
+| [PyTorch 2.8.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.26.0/docker/pytorch/inference/2.8.0/Dockerfile.neuronx)              | torch-neuronx, neuronx_distributed, neuronx_distributed_inference | Neuron 2.26.0      | inference | trn1,trn2,inf2                    | 3.11 (py311)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-inference-neuronx:2.8.0-neuronx-py311-sdk2.26.0-ubuntu22.04     |
+| [PyTorch 2.8.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.26.0/docker/pytorch/training/2.8.0/Dockerfile.neuronx)              | torch-neuronx, neuronx_distributed, neuronx_distributed_training | Neuron 2.26.0      | training | trn1,trn2,inf2                    | 3.11 (py311)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-training-neuronx:2.8.0-neuronx-py311-sdk2.26.0-ubuntu22.04     |
 | [PyTorch 2.7.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.25.0/docker/pytorch/inference/2.7.0/Dockerfile.neuronx)              | torch-neuronx, transformers-neuronx, neuronx_distributed, neuronx_distributed_inference | Neuron 2.25.0      | inference | trn1,trn2,inf2                    | 3.10 (py310)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-inference-neuronx:2.7.0-neuronx-py310-sdk2.25.0-ubuntu22.04     |
 | [PyTorch 2.7.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.25.0/docker/pytorch/training/2.7.0/Dockerfile.neuronx)              | torch-neuronx, transformers-neuronx, neuronx_distributed, neuronx_distributed_training | Neuron 2.25.0      | training | trn1,trn2,inf2                    | 3.10 (py310)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-training-neuronx:2.7.0-neuronx-py310-sdk2.25.0-ubuntu22.04     |
+| [PyTorch 2.7.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.24.1/docker/pytorch/inference/2.7.0/Dockerfile.neuronx)              | torch-neuronx, transformers-neuronx, neuronx_distributed, neuronx_distributed_inference | Neuron 2.24.1      | inference | trn1,trn2,inf2                    | 3.10 (py310)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-inference-neuronx:2.7.0-neuronx-py310-sdk2.24.1-ubuntu22.04     |
+| [PyTorch 2.7.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.24.1/docker/pytorch/training/2.7.0/Dockerfile.neuronx)              | torch-neuronx, transformers-neuronx, neuronx_distributed, neuronx_distributed_training | Neuron 2.24.1      | training | trn1,trn2,inf2                    | 3.10 (py310)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-training-neuronx:2.7.0-neuronx-py310-sdk2.24.1-ubuntu22.04     |
 | [PyTorch 2.6.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.23.0/docker/pytorch/inference/2.6.0/Dockerfile.neuronx)              | torch-neuronx, transformers-neuronx, neuronx_distributed, neuronx_distributed_inference | Neuron 2.23.0      | inference | trn1,trn2,inf2                    | 3.10 (py310)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-inference-neuronx:2.6.0-neuronx-py310-sdk2.23.0-ubuntu22.04     |
 | [PyTorch 2.6.0](https://github.com/aws-neuron/deep-learning-containers/blob/2.23.0/docker/pytorch/training/2.6.0/Dockerfile.neuronx)              | torch-neuronx, transformers-neuronx, neuronx_distributed, neuronx_distributed_training | Neuron 2.23.0      | training | trn1,trn2,inf2                    | 3.10 (py310)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-training-neuronx:2.6.0-neuronx-py310-sdk2.23.0-ubuntu22.04     |
 | [PyTorch 2.5.1](https://github.com/aws-neuron/deep-learning-containers/blob/2.22.0/docker/pytorch/inference/2.5.1/Dockerfile.neuronx)              | torch-neuronx, transformers-neuronx, neuronx_distributed, neuronx_distributed_inference | Neuron 2.22.0      | inference | trn1,trn2,inf2                    | 3.10 (py310)           | 763104351884.dkr.ecr.us-west-2.amazonaws.com/pytorch-inference-neuronx:2.5.1-neuronx-py310-sdk2.22.0-ubuntu22.04     |

dlc_developer_config.toml

@@ -37,12 +37,12 @@ deep_canary_mode = false
 [build]
 # Add in frameworks you would like to build. By default, builds are disabled unless you specify building an image.
 # available frameworks - ["base", "vllm", "autogluon", "huggingface_tensorflow", "huggingface_pytorch", "huggingface_tensorflow_trcomp", "huggingface_pytorch_trcomp", "pytorch_trcomp", "tensorflow", "pytorch", "stabilityai_pytorch"]
-build_frameworks = []
+build_frameworks = ["pytorch"]
 
 
 # By default we build both training and inference containers. Set true/false values to determine which to build.
 build_training = true
-build_inference = true
+build_inference = false
 
 # Set do_build to "false" to skip builds and test the latest image built by this PR
 # Note: at least one build is required to set do_build to "false"
@@ -122,7 +122,7 @@ use_scheduler = false
 dlc-pr-base = ""
 
 # Standard Framework Training
-dlc-pr-pytorch-training = ""
+dlc-pr-pytorch-training = "pytorch/training/buildspec-2-8-ec2.yml"
 dlc-pr-tensorflow-2-training = ""
 dlc-pr-autogluon-training = ""
 

huggingface/pytorch/training/docker/2.1/py3/sdk2.20.0/Dockerfile.neuronx.os_scan_allowlist.json

@@ -845,6 +845,35 @@
       }
     ],
     "linux-libc-dev": [
+      {
+         "description": "In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias(). In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will point beyond the buffer's end. Add the buffer overflow check after the 1st snprintf() call and fix such check after the strlen() call (accounting for the terminating NUL char).",
+         "vulnerability_id": "CVE-2024-38541",
+         "name": "CVE-2024-38541",
+         "package_name": "linux-libc-dev",
+         "package_details": {
+            "file_path": null,
+            "name": "linux-libc-dev",
+            "package_manager": "OS",
+            "version": "5.4.0",
+            "release": "192.212"
+         },
+         "remediation": {
+            "recommendation": {
+                  "text": "None Provided"
+            }
+         },
+         "cvss_v3_score": 7.8,
+         "cvss_v30_score": 0.0,
+         "cvss_v31_score": 7.8,
+         "cvss_v2_score": 0.0,
+         "cvss_v3_severity": "HIGH",
+         "source_url": "https://ubuntu.com/security/CVE-2024-38541",
+         "source": "UBUNTU_CVE",
+         "severity": "CRITICAL",
+         "status": "ACTIVE",
+         "title": "CVE-2024-38541 - linux-libc-dev",
+         "reason_to_ignore": "N/A"
+      },
       {
          "description":"In the Linux kernel, the following vulnerability has been resolved: greybus: Fix use-after-free bug in gb_interface_release due to race condition. In gb_interface_create, &intf->mode_switch_completion is bound with gb_interface_mode_switch_work. Then it will be started by gb_interface_request_mode_switch. Here is the relevant code. if (!queue_work(system_long_wq, &intf->mode_switch_work)) { ... } If we call gb_interface_release to make cleanup, there may be an unfinished work. This function will call kfree to free the object \"intf\". However, if gb_interface_mode_switch_work is scheduled to run after kfree, it may cause use-after-free error as gb_interface_mode_switch_work will use the object \"intf\". The possible execution flow that may lead to the issue is as follows: CPU0 CPU1 | gb_interface_create | gb_interface_request_mode_switch gb_interface_release | kfree(intf) (free) | | gb_interface_mode_switch_work | mutex_lock(&intf->mutex) (use) Fix it by canceling the work before kfree.",
          "vulnerability_id":"CVE-2024-39495",

pytorch/inference/buildspec-arm64-2-5-sm.yml

@@ -43,7 +43,7 @@ images:
     torch_serve_version: &TORCHSERVE_VERSION 0.12.0
     tool_kit_version: &SM_TOOLKIT_VERSION 2.0.25
     tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION , "-sagemaker"]
-    latest_release_tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION, "-sagemaker" ]
+    # latest_release_tag: !join [ *VERSION, "-", *DEVICE_TYPE, "-", *TAG_PYTHON_VERSION, "-", *OS_VERSION, "-sagemaker" ]
     # skip_build: "False"
     docker_file: !join [ docker/, *SHORT_VERSION, /, *DOCKER_PYTHON_VERSION, /Dockerfile.arm64., *DEVICE_TYPE ]
     target: sagemaker

pytorch/inference/docker/2.5/py3/Dockerfile.ec2.arm64.cpu.os_scan_allowlist.json

@@ -29,5 +29,67 @@
       "title": "CVE-2025-32434 - torch",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "dpkg": [
+    {
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.",
+      "vulnerability_id": "CVE-2025-6297",
+      "name": "CVE-2025-6297",
+      "package_name": "dpkg",
+      "package_details": {
+        "file_path": null,
+        "name": "dpkg",
+        "package_manager": "OS",
+        "version": "1.21.1ubuntu2.3",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 8.2,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 8.2,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-6297 - dpkg, libdpkg-perl",
+      "reason_to_ignore": "N/A"
+    }
+  ],
+  "libdpkg-perl": [
+    {
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.",
+      "vulnerability_id": "CVE-2025-6297",
+      "name": "CVE-2025-6297",
+      "package_name": "libdpkg-perl",
+      "package_details": {
+        "file_path": null,
+        "name": "libdpkg-perl",
+        "package_manager": "OS",
+        "version": "1.21.1ubuntu2.3",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 8.2,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 8.2,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-6297 - dpkg, libdpkg-perl",
+      "reason_to_ignore": "N/A"
+    }
   ]
 }

pytorch/inference/docker/2.5/py3/Dockerfile.ec2.cpu.os_scan_allowlist.json

@@ -89,5 +89,67 @@
       "title": "CVE-2025-32434 - torch",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "dpkg": [
+    {
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.",
+      "vulnerability_id": "CVE-2025-6297",
+      "name": "CVE-2025-6297",
+      "package_name": "dpkg",
+      "package_details": {
+        "file_path": null,
+        "name": "dpkg",
+        "package_manager": "OS",
+        "version": "1.21.1ubuntu2.3",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 8.2,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 8.2,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-6297 - dpkg, libdpkg-perl",
+      "reason_to_ignore": "N/A"
+    }
+  ],
+  "libdpkg-perl": [
+    {
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.",
+      "vulnerability_id": "CVE-2025-6297",
+      "name": "CVE-2025-6297",
+      "package_name": "libdpkg-perl",
+      "package_details": {
+        "file_path": null,
+        "name": "libdpkg-perl",
+        "package_manager": "OS",
+        "version": "1.21.1ubuntu2.3",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 8.2,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 8.2,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html",
+      "source": "UBUNTU_CVE",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-6297 - dpkg, libdpkg-perl",
+      "reason_to_ignore": "N/A"
+    }
   ]
 }

pytorch/inference/docker/2.5/py3/Dockerfile.sagemaker.arm64.cpu.os_scan_allowlist.json

@@ -29,5 +29,67 @@
       "title": "CVE-2025-32434 - torch",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "dpkg": [
+    {
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.", 
+      "vulnerability_id": "CVE-2025-6297", 
+      "name": "CVE-2025-6297", 
+      "package_name": "dpkg", 
+      "package_details": {
+        "file_path": null, 
+        "name": "dpkg", 
+        "package_manager": "OS", 
+        "version": "1.21.1ubuntu2.3", 
+        "release": null
+        }, 
+        "remediation": {
+          "recommendation": {
+            "text": "None Provided"
+          }
+        }, 
+        "cvss_v3_score": 8.2, 
+        "cvss_v30_score": 0.0, 
+        "cvss_v31_score": 8.2, 
+        "cvss_v2_score": 0.0, 
+        "cvss_v3_severity": "HIGH", 
+        "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html", 
+        "source": "UBUNTU_CVE", 
+        "severity": "HIGH", 
+        "status": "ACTIVE", 
+        "title": "CVE-2025-6297 - dpkg, libdpkg-perl", 
+        "reason_to_ignore": "N/A"
+    }
+  ], 
+  "libdpkg-perl": [
+    {
+      "description": "It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.", 
+      "vulnerability_id": "CVE-2025-6297", 
+      "name": "CVE-2025-6297", 
+      "package_name": "libdpkg-perl", 
+      "package_details": {
+        "file_path": null, 
+        "name": "libdpkg-perl", 
+        "package_manager": "OS", 
+        "version": "1.21.1ubuntu2.3", 
+        "release": null
+        }, 
+        "remediation": {
+          "recommendation": {
+            "text": "None Provided"
+          }
+        }, 
+        "cvss_v3_score": 8.2, 
+        "cvss_v30_score": 0.0, 
+        "cvss_v31_score": 8.2, 
+        "cvss_v2_score": 0.0, 
+        "cvss_v3_severity": "HIGH", 
+        "source_url": "https://people.canonical.com/~ubuntu-security/cve/2025/CVE-2025-6297.html", 
+        "source": "UBUNTU_CVE", 
+        "severity": "HIGH", 
+        "status": "ACTIVE", 
+        "title": "CVE-2025-6297 - dpkg, libdpkg-perl", 
+        "reason_to_ignore": "N/A"
+    }
   ]
 }