build tf 2.18 with protobuf (#5117)

* build tf 2.18 with protobuf

* enable autopatch for 2.18 ec2

* enable autopatch for 2.18 sm

* add allowlist and rebuild ec2

* [djl-serving] 0.32.0 lmi image patch release (#5120)

* allowlist protobuf ec2

* enable autopatch sm

* fix allowlist

* rebuild ec2

* rebuild autopatch ec2

* rebuild autopatch sm

* rebuild sm

* rebuild sm

* build ec2

* ec2 build

* add protobuf constraint ec2

* ec2 build

* build sm

* build sm

* build sm

* build sm

* build ec2

* revert toml

---------

Co-authored-by: Xin Yang <[email protected]>

Author: Jyothirmaikottu

tensorflow/training/buildspec-2-18-ec2.yml

@@ -5,7 +5,7 @@ framework: &FRAMEWORK tensorflow
 version: &VERSION 2.18.0
 short_version: &SHORT_VERSION "2.18"
 arch_type: x86
-# autopatch_build: "True"
+autopatch_build: "True"
 
 repository_info:
   training_repository: &TRAINING_REPOSITORY

tensorflow/training/docker/2.18/py3/Dockerfile.cpu

@@ -157,7 +157,6 @@ RUN ${PIP} install --no-cache-dir -U \
  && ${PIP} install --no-cache-dir -U \
     h5py \
     absl-py \
-    opencv-python \
     werkzeug \
     psutil 
 
@@ -188,7 +187,9 @@ ARG TF_URL
 RUN ${PIP} install --no-cache-dir -U \
     ${TF_URL} \
     "tensorflow-io==0.37.*" \
-    "tensorflow-datasets==4.9.7"
+    "tensorflow-datasets==4.9.7" \
+    opencv-python 
+
 
 RUN HOME_DIR=/root \
    && curl -o ${HOME_DIR}/oss_compliance.zip https://aws-dlinfra-utilities.s3.amazonaws.com/oss_compliance.zip \

tensorflow/training/docker/2.18/py3/Dockerfile.ec2.cpu.core_packages.json

@@ -3,7 +3,7 @@
     "version_specifier": ">=1.33.13,<2"
   },
   "protobuf": {
-    "version_specifier": ">=4.21.12"
+    "version_specifier": ">=3.19.6,<4.22"
   },
   "pyyaml": {
     "version_specifier": ">=6.0,<6.1"
@@ -18,7 +18,8 @@
     "version_specifier": "==2.18.0"
   },
   "tensorflow-datasets": {
-    "version_specifier": ">=4.9.4"
+    "version_specifier": "==4.9.7",
+    "skip": "True"
   },
   "tensorflow-io": {
     "version_specifier": "==0.37.*"
@@ -27,7 +28,8 @@
     "version_specifier": "==0.37.*"
   },
   "tensorflow-metadata": {
-    "version_specifier": ">=1.14.0"
+    "version_specifier": "==1.17.2",
+    "skip": "True"
   },
   "urllib3": {
     "version_specifier": ">=2.2.2"

tensorflow/training/docker/2.18/py3/Dockerfile.ec2.cpu.os_scan_allowlist.json

@@ -2491,5 +2491,32 @@
       "title": "CVE-2022-48434 - libavfilter7, libavformat58 and 7 more",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "protobuf": [
+    {
+      "description": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901",
+      "vulnerability_id": "CVE-2025-4565",
+      "name": "CVE-2025-4565", 
+      "package_name": "protobuf",
+      "package_details": {
+        "file_path": "/usr/local/lib/python3.10/site-packages/protobuf-4.21.12.dist-info/METADATA",
+        "name": "protobuf",
+        "package_manager": "PYTHON",
+        "version": "4.21.12",
+        "release": null
+      },
+      "remediation": { "recommendation": { "text": "None Provided" } },
+      "cvss_v3_score": 0.0,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 0.0,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "CRITICAL",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4565",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-4565 - protobuf",
+      "reason_to_ignore": "protobuf upgrade is not possible at the moment - this version has dependency with tensorflow metadata "
+    }
   ]
 }

tensorflow/training/docker/2.18/py3/cu125/Dockerfile.ec2.gpu.core_packages.json

@@ -3,7 +3,7 @@
     "version_specifier": ">=1.33.13,<2"
   },
   "protobuf": {
-    "version_specifier": ">=4.21.12"
+    "version_specifier": ">=3.19.6,<4.22"
   },
   "pyyaml": {
     "version_specifier": ">=6.0,<6.1"
@@ -18,7 +18,8 @@
     "version_specifier": "==2.18.0"
   },
   "tensorflow-datasets": {
-    "version_specifier": ">=4.9.4"
+    "version_specifier": "==4.9.7",
+    "skip" : "True"
   },
   "tensorflow-io": {
     "version_specifier": "==0.37.*"
@@ -27,7 +28,8 @@
     "version_specifier": "==0.37.*"
   },
   "tensorflow-metadata": {
-    "version_specifier": ">=1.14.0"
+    "version_specifier": "==1.17.2",
+    "skip": "True"
   },
   "urllib3": {
     "version_specifier": ">=2.2.2"

tensorflow/training/docker/2.18/py3/cu125/Dockerfile.ec2.gpu.os_scan_allowlist.json

@@ -2491,5 +2491,32 @@
       "title": "CVE-2021-38092 - libswresample3, libpostproc55 and 7 more",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "protobuf": [
+    {
+      "description": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901",
+      "vulnerability_id": "CVE-2025-4565",
+      "name": "CVE-2025-4565", 
+      "package_name": "protobuf",
+      "package_details": {
+        "file_path": "/usr/local/lib/python3.10/site-packages/protobuf-4.21.12.dist-info/METADATA",
+        "name": "protobuf",
+        "package_manager": "PYTHON",
+        "version": "4.21.12",
+        "release": null
+      },
+      "remediation": { "recommendation": { "text": "None Provided" } },
+      "cvss_v3_score": 0.0,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 0.0,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "CRITICAL",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4565",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-4565 - protobuf",
+      "reason_to_ignore": "protobuf upgrade is not possible at the moment - this version has dependency with tensorflow metadata "
+    }
   ]
 }

tensorflow/training/docker/2.18/py3/cu125/Dockerfile.gpu

@@ -219,7 +219,6 @@ RUN ${PIP} install --no-cache-dir -U \
    mpi4py \
    h5py \
    absl-py \
-   opencv-python \
    werkzeug \
    urllib3 
 
@@ -295,7 +294,8 @@ ARG TF_URL
 RUN ${PIP} install --no-cache-dir -U \
    ${TF_URL} \
    "tensorflow-io==0.37.*" \
-   "tensorflow-datasets==4.9.7"
+   "tensorflow-datasets==4.9.7" \
+   opencv-python 
 
 RUN HOME_DIR=/root \
    && curl -o ${HOME_DIR}/oss_compliance.zip https://aws-dlinfra-utilities.s3.amazonaws.com/oss_compliance.zip \