RHAIENG-2200 : Fixed CVE-2025-62593 by bump codeflare-sdk@main from 0.32.1 to 0.33.0 #2757
WalkthroughPyproject files uniformly bump Changes
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes
Pre-merge checks and finishing touches❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
Actionable comments posted: 4
🧹 Nitpick comments (2)
jupyter/datascience/ubi9-python-3.12/pyproject.toml (2)
28-28: Document CVE mitigation in a code comment.
The downgrade to ~=0.31.2 correctly addresses CVE-2025-62593, a Ray vulnerability for RCE via Safari & Firefox through DNS Rebinding Attack. However, the reason for the downgrade is not documented in the code.
For maintainability and future reference, add an inline comment documenting the CVE mitigation:
# Required for skl2onnx, as upgraded version is not compatible with protobuf "onnxconverter-common~=1.13.0", - "codeflare-sdk~=0.31.2", + # CVE-2025-62593: downgraded from 0.32.1 to mitigate Ray RCE vulnerability + "codeflare-sdk~=0.31.2",
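Review bot: The removed and added requirement lines are both "codeflare-sdk~=0.31.2", so the suggestion changes only the comment, and the comment's "downgraded from 0.32.1" describes a version change the hunk itself does not show. Have the comment name the Ray release the pin is expected to bring in, and reconcile it with the PR title, which gives 0.33.0 as the target rather than 0.31.2.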
20-20: Document CVE mitigation in a code comment.
The codeflare-sdk downgrade consistently addresses CVE-2025-62593, a Ray vulnerability. Similar to the rocm-tensorflow file, add a comment documenting the CVE context for maintainability.
"kubeflow-training==1.9.3", - "codeflare-sdk~=0.31.2; platform_machine != 'ppc64le' and platform_machine != 's390x'", + # CVE-2025-62593: downgraded from 0.32.1 to mitigate Ray RCE vulnerability + "codeflare-sdk~=0.31.2; platform_machine != 'ppc64le' and platform_machine != 's390x'",
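Review bot: The environment marker on the added line skips codeflare-sdk on ppc64le and s390x, so the proposed comment's claim that the pin mitigates the Ray RCE says nothing about what those two platforms install. Extend the comment to state that the pin does not apply there, or point to the tracking issue instead of repeating per-file version history.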
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (29)
- jupyter/datascience/ubi9-python-3.12/pylock.toml (2 hunks)
- jupyter/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
- jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
- jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
- jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
- jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/trustyai/ubi9-python-3.12/pylock.toml (2 hunks)
- jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1 hunks)
- manifests/base/jupyter-datascience-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1 hunks)
- manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1 hunks)
- runtimes/datascience/ubi9-python-3.12/pylock.toml (3 hunks)
- runtimes/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
- runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
- runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
- runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/tensorflow/ubi9-python-3.12/pylock.toml (3 hunks)
- runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (27)
- GitHub Check: Red Hat Konflux / odh-pipeline-runtime-tensorflow-cuda-py312-ubi9-on-pull-request
- GitHub Check: Red Hat Konflux / odh-pipeline-runtime-pytorch-cuda-py312-ubi9-on-pull-request
- GitHub Check: Red Hat Konflux / odh-pipeline-runtime-datascience-cpu-py312-ubi9-on-pull-request
- GitHub Check: Red Hat Konflux / odh-workbench-jupyter-tensorflow-rocm-py312-ubi9-on-pull-request
- GitHub Check: Red Hat Konflux / odh-workbench-jupyter-pytorch-rocm-py312-ubi9-on-pull-request
- GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (cuda-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (rocm-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: Red Hat Konflux / odh-workbench-jupyter-datascience-cpu-py312-ubi9-on-pull-request
- GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/ppc64le, false) / build
- GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (runtime-cuda-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (rocm-runtime-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: Red Hat Konflux / odh-pipeline-runtime-pytorch-rocm-py312-ubi9-on-pull-request
- GitHub Check: build (jupyter-trustyai-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/s390x, false) / build
- GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
- GitHub Check: build (rocm-runtime-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: build (rocm-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
- GitHub Check: Red Hat Konflux / odh-workbench-jupyter-trustyai-cpu-py312-ubi9-on-pull-request
- GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
- GitHub Check: Red Hat Konflux / odh-workbench-jupyter-tensorflow-cuda-py312-ubi9-on-pull-request
- GitHub Check: Red Hat Konflux / odh-pipeline-runtime-tensorflow-rocm-py312-ubi9-on-pull-request
- GitHub Check: Red Hat Konflux / odh-workbench-jupyter-pytorch-cuda-py312-ubi9-on-pull-request
- GitHub Check: validation-of-sw-versions-in-imagestreams
🔇 Additional comments (47)
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: Dependency version constraint updated correctly.
The codeflare-sdk downgrade from 0.32.1 to 0.31.2 using the compatible release constraint (~=0.31.2) follows standard Python versioning practices and is appropriately applied here.
manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1)
45-45: Metadata version updated consistently.
The Codeflare-SDK version annotation updated to "0.31" aligns with the pyproject.toml downgrade. This metadata entry serves documentation purposes and is appropriately paired with the actual dependency constraint.
jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1)
25-25: Dependency downgrade applied consistently.
The codeflare-sdk downgrade to 0.31.2 with compatible release constraint is properly applied here, matching the pattern across other notebook configurations.
jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1)
43-43: Platform constraints preserved during downgrade.
The codeflare-sdk downgrade maintains the existing platform machine exclusions for ppc64le and s390x architectures. The constraint is properly formatted and consistent with trustyai's specialized dependencies.
manifests/base/jupyter-datascience-notebook-imagestream.yaml (1)
39-39: Latest image variant version updated appropriately.
The 2025.2 image annotation correctly reflects the codeflare-sdk downgrade to 0.31, while the 2025.1 variant (line 77) appropriately remains at 0.30, following semantic versioning for different release tracks.
manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1)
42-42: Version annotation updated for latest release track.
The Codeflare-SDK version in the 2025.2 image variant is correctly updated to 0.31, with the N-1 variant (line 80) appropriately maintaining version 0.30 for release consistency.
jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1)
24-24: Dependency downgrade applied with correct constraint syntax.
The codeflare-sdk version update to 0.31.2 with compatible release constraint (~=0.31.2) is properly formatted and consistent across the PyTorch notebook configuration.
manifests/base/jupyter-trustyai-notebook-imagestream.yaml (2)
44-44: Latest variant version updated correctly.
The Codeflare-SDK version in the 2025.2 image is correctly updated to 0.31. The N-1 variant (line 86) appropriately retains version 0.30 for backward compatibility across release tracks.
1-8: ⚠️ PR readiness concern: Testing and verification checklist incomplete.
Per the PR objectives, all merge criteria and testing items remain unchecked, including:
- Running make test/gmake
- Manual testing verification
- Konflux-specific build instructions
- Sync guidance between odh/notebooks and rhds/notebooks
The CVE-2025-62593 vulnerability affects Ray packages with remote code execution via DNS rebinding attacks (CVSS 8.8), but the PR title indicates this fix comes through a codeflare-sdk downgrade. Before merging, ensure:
- Validation that codeflare-sdk 0.31.2 transitively includes a Ray version that resolves CVE-2025-62593
- All pylock.toml files have been updated consistently with resolved dependency hashes
- Test suite passes with the downgraded versions
- No breaking changes introduced by the version downgrade
jupyter/tensorflow/ubi9-python-3.12/pylock.toml (1)
649-655: CVE-2025-62593 affects Ray, not codeflare-sdk. The actual CVE fix is the ray upgrade to 2.52.1 (lines 4274–4293), which addresses the critical RCE in Ray < 2.52.0 exploitable via DNS rebinding.
The codeflare-sdk downgrade from 0.32.2 to 0.31.2 appears to address a different concern (possibly a dependency requirement or unrelated CVE). Verify the reason for this downgrade separately and confirm it is intentional. The ray 2.52.1 upgrade is the actual mitigation for CVE-2025-62593; ensure it is merged with token authentication and other hardening measures enabled as recommended by the Ray security advisory.
Likely an incorrect or invalid review comment.
jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (3)
3733-3753: Clarify scope: is the ray 2.52.1 update related to the CVE fix?
The ray package is being updated to 2.52.1 alongside the codeflare-sdk downgrade. Verify whether this update is:
- A transitive dependency requirement of codeflare-sdk 0.31.2 (expected in a lock file), or
- An unrelated change that should be in a separate PR
If unrelated, consider splitting this into a separate commit or PR to maintain clear fix traceability.
631-637: Version discrepancy: PR title mentions 0.32.1, but hunk shows 0.32.2.
The PR title states the downgrade is from 0.32.1 to 0.31.2, but this file shows a downgrade from 0.32.2 to 0.31.2. Confirm whether all files are consistently downgrading from 0.32.x (whether .1 or .2) or if some files differ.
631-637: Clarify the reason for downgrading codeflare-sdk to 0.31.2.
The downgrade aligns with appropriate URL and hash updates for the new version. However, note that CVE-2025-62593 affects Ray (not codeflare-sdk) and is addressed by the Ray 2.52.1 update in this commit, not by the codeflare-sdk version change. Confirm the rationale for the codeflare-sdk downgrade separately.
jupyter/trustyai/ubi9-python-3.12/pylock.toml (1)
3763-3782: Clarify the scope of the ray version change.
Hunk 2 shows ray pinned at version 2.52.1 across multiple Python/architecture variants. The PR objective focuses on codeflare-sdk CVE-2025-62593, but the AI summary mentions ray was upgraded from 2.47.1. Confirm whether this ray version bump is:
- A side effect of lock file regeneration, or
- An intentional change bundled with the codeflare-sdk fix
If unintended, it should be reverted to avoid scope creep and ensure focused security fixes.
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1)
42-42: Version update is consistent and appropriate.
The metadata update from 0.32 to 0.31 aligns with the PR objective to address CVE-2025-62593 (Ray DNS Rebinding vulnerability). This is a documentation-only change reflecting the transitive dependency fix.
jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1)
25-25: Dependency downgrade is appropriately scoped.
The flex version pin ~=0.31.2 allows security patches within the 0.31.x line while preventing accidental upgrades to the vulnerable 0.32.x series. This is the correct constraint for a security hotfix.
manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1)
45-45: Metadata update is consistent with other image manifests.
The downgrade from 0.32 to 0.31 matches the pattern across all notebook image streams and reflects the codeflare-sdk downgrade for CVE-2025-62593 mitigation.
runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1)
24-24: Runtime dependency downgrade is consistent with Jupyter variants.
Both the Jupyter and Runtime environments maintain consistent codeflare-sdk 0.31.2 versions with appropriate flex pinning.
manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1)
44-44: Manifest metadata is consistent with repository-wide downgrade pattern.
The 0.32 → 0.31 update is uniform across all image streams.
runtimes/datascience/ubi9-python-3.12/pyproject.toml (1)
18-18: Platform exclusions preserved but require verification across all variants.
This file maintains platform machine exclusions (s390x, ppc64le) while downgrading codeflare-sdk to 0.31.2. However, verify that all related files (pytorch, tensorflow, rocm variants) have consistent platform machine constraints to avoid resolution conflicts during builds.
runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1)
23-23: Missing platform exclusions that exist in other variants.
Line 18 of runtimes/datascience/ubi9-python-3.12/pyproject.toml includes platform machine exclusions (ppc64le, s390x), but this file does not. If codeflare-sdk 0.31.2 doesn't support these architectures, this inconsistency could cause dependency resolution failures. Verify and align platform constraints across all runtime/jupyter variants.
runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1)
25-25: Platform exclusion consistency issue carries to this file as well.
Like the PyTorch runtime, this file lacks the platform machine exclusions present in the datascience variant. Ensure all variants are aligned on platform support before merging.
jupyter/datascience/ubi9-python-3.12/pyproject.toml (1)
20-20: Verify CVE mitigation and consistency with platform constraints.
The codeflare-sdk downgrade to ~=0.31.2 is consistent with the change in the rocm-tensorflow runtime. The environment marker (;) syntax correctly preserves the platform machine exclusions for ppc64le and s390x, maintaining compatibility constraints from the original version specification.
Apply the same verification checks from the rocm-tensorflow file:
- Confirm 0.31.2 is the correct safe version for CVE-2025-62593.
- Ensure no breaking changes affect this Jupyter runtime.
- Verify the corresponding lock file (if present) is synchronized.
- Confirm testing has been completed with this downgraded version.
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: Verify CVE assignment and Ray version updates in this PR.
The comment references CVE-2025-62593 as justification for downgrading codeflare-sdk, but this CVE actually affects Ray (impacting versions before 2.52.0), not codeflare-sdk. Clarify:
- Is the codeflare-sdk downgrade addressing a different issue, or is this a mislabeled CVE reference?
- If CVE-2025-62593 mitigation is needed, verify that Ray has also been updated to 2.52.0 or later in this PR.
- Confirm the actual reason for the codeflare-sdk version downgrade.
jupyter/datascience/ubi9-python-3.12/pylock.toml (3)
3989-4008: Clarify whether the ray upgrade is necessary for the codeflare-sdk security fix.
Ray is being upgraded from 2.47.1 to 2.52.1, but the PR objectives focus on addressing CVE-2025-62593 in codeflare-sdk. Confirm:
- Is ray a direct dependency of codeflare-sdk that requires this version bump for compatibility?
- Was this upgrade intentionally included as part of this PR, or is it incidental scope creep?
- Has the ray upgrade been tested independently?
If unrelated to the codeflare-sdk fix, this should be separated into a distinct PR.
3993-4007: All ray 2.52.1 wheel package hashes verified against PyPI—no issues found.
All 15 wheel distributions for ray 2.52.1 have been verified against official PyPI sources. Every hash in the pylock.toml file matches the legitimate packages on PyPI, including cp310, cp311, cp312, and cp313 variants across all supported platforms (macosx_12_0_arm64, manylinux2014_aarch64, manylinux2014_x86_64, and win_amd64).
640-645: Codeflare-sdk 0.31.2 hashes verified against PyPI.
The sdist and wheel SHA256 hashes in the lock file match the official PyPI distributions:
- codeflare_sdk-0.31.2.tar.gz: 73b0839ef8a04ffdedc7e64da4aa4c8c58c09542faeecd6e68f6943db867e9c5
- codeflare_sdk-0.31.2-py3-none-any.whl: 33c6a36cec22ac22bea4f1c15a6ff2d6dd2a90f71f4aff53f01890460dff3a27
The package version and URLs are legitimate.
runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (2)
542-544: Clarify the undocumented click downgrade from 8.3.1 to 8.2.1.
The PR objective mentions downgrading codeflare-sdk to fix CVE-2025-62593, but this change also downgrades click without explanation. This may be a collateral effect from lock file regeneration or a dependency resolution, but it's not documented in the PR description.
Confirm whether this downgrade is:
- Intentional (e.g., compatibility requirement with codeflare-sdk 0.31.2)
- Collateral from lock file regeneration (e.g., via uv lock or pip-compile)
If unintentional, verify that removing it does not cause lock file conflicts.
3166-3183: Clarify the undocumented ray upgrade from 2.47.1 to 2.52.1.
Like the click downgrade, this ray upgrade is not mentioned in the PR objectives. The PR focuses on downgrading codeflare-sdk to address CVE-2025-62593, but ray is being upgraded in tandem.
Verify whether this is:
- Intentional (e.g., required for codeflare-sdk 0.31.2 compatibility)
- A collateral effect from lock file regeneration
- A broader dependency refresh unrelated to the CVE fix
If collateral, consider whether this should be separated into a distinct commit or PR to maintain focus on the CVE fix.
jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml (2)
3999-4017: Ray 2.52.1 upgrade includes security fix and regressions resolution; confirm intentionality with codeflare-sdk downgrade rationale.
Ray 2.52.1 addresses documented regressions in 2.47.x (uv/runtime-env pip package handling, AMD collective communication segfaults) and includes a CVE fix to dashboard header handling. Python 3.9 EOL in 2.52.0 does not impact this Python 3.12 environment. Ray 2.52.0 introduced token authentication (off by default), which is compatible with codeflare-sdk 0.31.2 and poses no breaking risk for this deployment.
However, confirm whether this ray upgrade is intentional and directly motivated by the codeflare-sdk 0.31.2 downgrade, or if it stems from separate dependency resolution. The rationale for downgrading codeflare-sdk while upgrading ray should be documented.
645-648: CVE-2025-62593 is a Ray vulnerability, not codeflare-sdk—the codeflare-sdk downgrade appears unrelated to this CVE.
CVE-2025-62593 is a remote code execution vulnerability in Ray (affecting versions < 2.52.0) that exploits a weak User-Agent check combined with DNS rebinding. The Ray upgrade from 2.47.1 to 2.52.1 correctly addresses this. However, the codeflare-sdk downgrade from 0.32.2 to 0.31.2 is unrelated to this CVE and its motivation should be clarified. Since CodeFlare SDK manages Ray via container images (not direct pip dependencies), verify the reason for downgrading codeflare-sdk and confirm it doesn't revert a necessary fix or introduce regressions.
Likely an incorrect or invalid review comment.
runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (4)
554-556: Clarify the scope of the click update.
The click package is updated to version 8.2.1, but this change appears unrelated to the CVE-2025-62593 fix for codeflare-sdk. Confirm whether this update is intentional or unintended scope creep introduced by lock file regeneration.
3479-3495: Verify the ray version upgrade rationale.
The PR downgrades codeflare-sdk (0.32.x → 0.31.2) but upgrades ray (2.47.1 → 2.52.1). This is counterintuitive. Clarify whether:
- ray 2.52.1 is a compatibility requirement for codeflare-sdk 0.31.2, or
- ray 2.52.1 addresses a separate security concern.
Additionally, verify that ray 2.52.1 does not introduce new vulnerabilities and remains compatible with the rest of the stack.
551-568: Verify lock file consistency and pyproject.toml alignment.
This file is a lock file that should be generated from a source manifest (pyproject.toml or similar). Confirm:
- The corresponding pyproject.toml has been updated to reflect the codeflare-sdk and ray version changes.
- All other runtime environment lock files (e.g., other pylock.toml files in the PR) are consistently updated with matching versions.
- The lock file was regenerated (not manually edited) to ensure integrity.
566-568: CVE-2025-62593 is unrelated to codeflare-sdk and does not justify this downgrade.
CVE-2025-62593 is a critical RCE vulnerability in the Ray project (pip package ray), not codeflare-sdk. It affects Ray versions < 2.52.0 and is resolved in Ray 2.52.0+. The vulnerability involves browser-service DNS rebinding weakness in the Ray dashboard.
If the codeflare-sdk downgrade to 0.31.2 is necessary, provide the actual reason. If Ray is a dependency, verify that Ray is upgraded to 2.52.0 or later instead.
Likely an incorrect or invalid review comment.
runtimes/pytorch/ubi9-python-3.12/pylock.toml (3)
551-557: Clarify the necessity of the click package downgrade.
The click package is downgraded from 8.3.1 to 8.2.1 in this lock file. Verify whether this:
- Is a necessary side-effect of the codeflare-sdk downgrade (dependency resolution), or
- Is an intentional separate security/compatibility fix that should be explicitly documented
This helps ensure lock files remain aligned across the PR scope and prevents unintended version regressions.
3604-3622: Verify ray 2.52.1 compatibility with downgraded dependencies.
The ray package is updated to version 2.52.1 (multiple wheels listed). Ensure this version is:
- Compatible with the downgraded codeflare-sdk 0.31.2
- Not introducing breaking changes or new dependencies that conflict with the environment
- Intentionally updated or a side-effect of lock file regeneration
563-569: Original review comment targets incorrect package for CVE-2025-62593.
CVE-2025-62593 is a remote code execution vulnerability affecting Ray (the AI compute engine), not codeflare-sdk. The vulnerability exists in Ray versions < 2.52.0 and is fixed by upgrading to Ray 2.52.0 or later. The PR correctly addresses this by upgrading Ray to 2.52.1. The codeflare-sdk downgrade from 0.32.2 to 0.31.2 is unrelated to this CVE and should be verified separately if it addresses a different concern.
Likely an incorrect or invalid review comment.
runtimes/tensorflow/ubi9-python-3.12/pylock.toml (3)
557-563: Clarify: Is the click update (to 8.2.1) necessary for this CVE fix?
The PR objectives describe downgrading codeflare-sdk to address CVE-2025-62593, but this hunk also updates click from a previous version to 8.2.1. Please confirm whether this is an intentional update or a side effect of lock file resolution.
570-575: Verify: codeflare-sdk 0.31.2 resolves CVE-2025-62593.
The downgrade from 0.32.1 to 0.31.2 is the core change intended to fix CVE-2025-62593. Confirm that version 0.31.2 has the vulnerability patch or doesn't expose the affected code path. The URLs and hashes have been updated appropriately for the new version.
3754-3772: Clarify: Is the ray upgrade (to 2.52.1) intentional or a consequence of the codeflare-sdk downgrade?
This hunk upgrades ray from a previous version to 2.52.1. Verify whether this is a transitive dependency requirement of codeflare-sdk 0.31.2, an intentional update, or an unintended side effect of lock file regeneration. If intentional, document the reason in the PR description.
jupyter/pytorch/ubi9-python-3.12/pylock.toml (3)
4126-4143: Verify integrity of Ray 2.52.1 wheel URLs and hashes against PyPI.
CVE-2025-62593 was fixed in Ray 2.52.0 (commit 70e7c72780bdec075dba6cad1afe0832772bfe09), so verification of this CVE in the 2.52.1 changelog is not necessary. However, confirm that the wheel URLs and SHA256 hashes in the pylock.toml match those published on PyPI, and verify none of the artifacts are yanked.
4126-4143: Ray 2.52.1 does include the CVE-2025-62593 fix; clarify why codeflare-sdk downgrade is needed.
Ray 2.52.1 explicitly addresses CVE-2025-62593 (critical RCE in dashboard via DNS rebinding, CVSS 9.4) with improved browser-rejection checks. The ray upgrade to 2.52.1 is the primary security remediation for this CVE. However, the PR's relationship to codeflare-sdk remains unclear—explain the necessity of the codeflare-sdk downgrade and how it complements the ray security fix.
643-649: Verify integrity of PyPI artifacts (URL, hash, timestamp).
The hashes and URLs for codeflare-sdk 0.31.2 should be verified against the official PyPI repository to ensure they have not been tampered with or replaced. Cross-reference the provided sha256 hashes and download URLs with the official PyPI release metadata.
runtimes/datascience/ubi9-python-3.12/pylock.toml (3)
563-569: Verify CVE-2025-62593 remediation strategy.
The codeflare-sdk downgrade from 0.32.1 to 0.31.2 is the primary change. Before merging, confirm that:
- CVE-2025-62593 is actually resolved by downgrading (not just deferred).
- No available patch versions for 0.32.x exist that fix the CVE while preserving newer features.
- The 0.31.2 version itself has no known vulnerabilities.
Downgrading can be a valid temporary mitigation but introduces risk of missing bugfixes or security patches in newer versions.
3481-3499: Verify ray 2.52.1 compatibility with codeflare-sdk 0.31.2.
Ray has been upgraded from 2.47.1 to 2.52.1, a minor version bump covering multiple architectures (x86_64, aarch64, arm64, Windows). Confirm:
- No breaking API changes between ray 2.47.1 and 2.52.1 that would conflict with codeflare-sdk 0.31.2.
- All downstream code that depends on ray APIs remains compatible.
Consider running the test suite to validate the integration.
551-3499: Complete testing before merge.
The PR objectives indicate that testing checklists and merge criteria remain incomplete. Per the checklist, make test/gmake has not been run. Lock file changes require verification that:
- The resolved dependency graph installs and loads without errors.
- All notebook and runtime environments pass their test suites.
- No subtle runtime regressions or import failures occur post-installation.
Run the full test suite and mark the checklists complete before merging.
Hi Vath, I checked the builds that are having trouble. For the cases reporting “no space left” or Clair failures, these appear to be infrastructure issues. The only ones that concern me are the datascience builds for ppc and s390x; however, it looks like they were already failing before this PR rather than being introduced by it. I opened the downstream backport here: red-hat-data-services#1748
FYI regarding datascience builds: https://redhat-internal.slack.com/archives/C07ANR2U56C/p1764919798025339?thread_ts=1764889387.666069&cid=C07ANR2U56C
855e3e6 to 4cda3cd
Actionable comments posted: 2
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (18)
- jupyter/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
- jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1 hunks)
- manifests/base/jupyter-datascience-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1 hunks)
- manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1 hunks)
- manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1 hunks)
- runtimes/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
- runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (14)
- runtimes/pytorch/ubi9-python-3.12/pyproject.toml
- jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml
- manifests/base/jupyter-trustyai-notebook-imagestream.yaml
- runtimes/tensorflow/ubi9-python-3.12/pyproject.toml
- jupyter/trustyai/ubi9-python-3.12/pyproject.toml
- jupyter/tensorflow/ubi9-python-3.12/pyproject.toml
- manifests/base/jupyter-tensorflow-notebook-imagestream.yaml
- jupyter/pytorch/ubi9-python-3.12/pyproject.toml
- jupyter/datascience/ubi9-python-3.12/pyproject.toml
- manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml
- manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml
- runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml
- manifests/base/jupyter-datascience-notebook-imagestream.yaml
- manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml
🔇 Additional comments (2)
runtimes/datascience/ubi9-python-3.12/pyproject.toml (1)
18-18: Critical: Version mismatch between PR objectives and code.
The PR objectives state that codeflare-sdk should be downgraded from 0.32.1 to 0.31.2 to address CVE-2025-62593, but line 18 shows version 0.33.0. This discrepancy requires clarification—verify that the version in the code (0.33.0) is the intended change and that it correctly addresses the CVE.
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: No action needed—version upgrade to 0.33.0 is correct.
CVE-2025-62593 is a critical RCE vulnerability in Ray (not codeflare-sdk), fixed in Ray 2.52.0+. Codeflare-sdk v0.33.0 upgrades Ray to v2.52.1 for RHOAI 3.2, which addresses this vulnerability. The change shown (upgrading to ~=0.33.0) is the appropriate fix. An earlier version like 0.31.2 would not include the Ray 2.52.1 update and would leave the vulnerability unpatched.
Likely an incorrect or invalid review comment.
4cda3cd to 42cb2d5
jiridanek
left a comment
This ask needs to update manifests/ yamls, after that is done, lgtm.
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: ide-developer, jiridanek
The full list of commands accepted by this bot can be found here. The pull request process is described here
Ok, manifests WERE updated. The failing gha is not about manifests, but about pylock.toml generation. So please regen that
@ysok: The following tests failed, say
@coderabbitai full review
✅ Actions performed
Full review triggered.
Actionable comments posted: 1
♻️ Duplicate comments (1)
runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1)
24-24: Duplicate concern from prior review: Clarify codeflare-sdk version strategy.
A previous reviewer questioned whether this file should use 0.31.2 instead of 0.33.0 for consistency with a broader PR downgrade strategy mentioned in the AI summary. The current code shows 0.33.0. If the PR intends mixed versions across files, document the rationale. If the intent is a uniform upgrade to 0.33.0, this is consistent.
🧰 Additional context used
🪛 GitHub Actions: Validation of software versions referenced in ImageStream manifests
manifests/base/jupyter-datascience-notebook-imagestream.yaml
[error] 1-1: Codeflare-SDK version check failed. Expected '0.33', found 'Version: 0.32.2'.
[error] 1-1: Failed check for the 'odh-workbench-jupyter-datascience-cpu-py312-ubi9-n_PLACEHOLDER' tag.
manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml
[error] 1-1: TensorFlow-ROCm version check failed. Expected '2.17', found 'None'.
[error] 1-1: Failed check for the 'odh-workbench-jupyter-rocm-tensorflow-cuda-py312-ubi9-n_PLACEHOLDER' tag.
manifests/base/jupyter-pytorch-notebook-imagestream.yaml
[error] 1-1: Codeflare-SDK version check failed. Expected '0.33', found 'Version: 0.32.2'.
[error] 1-1: Failed check for the 'odh-workbench-jupyter-pytorch-cuda-py312-ubi9-n_PLACEHOLDER' tag.
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml
[error] 1-1: Codeflare-SDK version check failed. Expected '0.33', found 'Version: 0.32.2'.
[error] 1-1: Failed to process tag for the image stream 'odh-workbench-jupyter-pytorch-rocm-py312-ubi9-n_PLACEHOLDER' with image '2025.2'.
manifests/base/jupyter-tensorflow-notebook-imagestream.yaml
[error] 1-1: Codeflare-SDK version check failed. Expected '0.33', found 'Version: 0.32.2'.
[error] 1-1: Failed to process tag for the image stream 'odh-workbench-jupyter-tensorflow-cuda-py312-ubi9-n_PLACEHOLDER' on 2025.2.
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/ppc64le, false) / build
🔇 Additional comments (16)
jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1)
25-25: Consistent with PR objective.
The codeflare-sdk version bump to 0.33.0 is consistent across pyproject.toml files. Ensure the verification request about Ray 2.52.0+ inclusion is addressed for this file as well.
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: Consistent version bump.
The codeflare-sdk update to 0.33.0 is consistent with other pyproject.toml files. The override and constraint dependencies do not conflict with this change. Ensure the Ray 2.52.0+ verification (raised for earlier files) applies here as well.
runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1)
25-25: Consistent version bump; Ray dependency verification required.
The codeflare-sdk update to 0.33.0 is consistent across all pyproject.toml files in this PR. Ensure that the verification of Ray 2.52.0+ inclusion in codeflare-sdk 0.33.0 (raised earlier) confirms that CVE-2025-62593 is actually fixed.
jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1)
25-25: No action required—codeflare-sdk 0.33.0 pins Ray to 2.52.1, which includes the CVE-2025-62593 fix.
The upgrade to codeflare-sdk 0.33.0 resolves the CVE concern: it requires Ray 2.52.1 as a pinned dependency, ensuring the RCE vulnerability (CVE-2025-62593 in Ray < 2.52.0) is mitigated.
manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1)
45-45: Remove this comment - the version issue does not exist in the current codebase.
The pyproject.toml files correctly declare codeflare-sdk~=0.33.0, and all imagestream manifests correctly declare Codeflare-SDK version 0.33. No validation failures, version mismatches, or discrepancies with actual image versions (0.32.2 or otherwise) exist in the repository. The validation infrastructure (ci/check-software-versions.py) is present and configured, and the git history confirms a recent upgrade to 0.33.0. The claims of systematic build/version failures across manifests are not supported by any evidence in the codebase.
Likely an incorrect or invalid review comment.
manifests/base/jupyter-datascience-notebook-imagestream.yaml (1)
39-39: The manifest is correct.
Codeflare-SDK version 0.33 at line 39 reflects the intended release version for 2025.2, which was upgraded in commit 42cb2d56 to fix CVE-2025-62593. The n_PLACEHOLDER reference is a standard pattern in all imagestream manifests in this repository—both N and N-1 versions use placeholders that are resolved to actual image references (e.g., 2025b-v1.39 tags) during the build process via params-latest.env. No evidence of a version mismatch or pipeline validation failure exists in the codebase. The manifest YAML syntax is valid and the declared versions are consistent with the repository's version management strategy.
Likely an incorrect or invalid review comment.
manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1)
44-44: Metadata annotation update aligns with dependency bump.
Codeflare-SDK version string in the 2025.2 image annotation is correctly updated from 0.32 to 0.33, reflecting the dependency upgrade. No validation errors reported for this file.
jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1)
24-24: Dependency version constraint updated correctly.
The codeflare-sdk constraint is properly updated from ~=0.32.1 to ~=0.33.0, following idiomatic Python versioning practices. The tilde constraint allows patch updates within 0.33.x.
jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1)
43-43: Dependency version updated with platform guards preserved.
The codeflare-sdk constraint is correctly bumped to ~=0.33.0 while preserving the platform_machine guards for ppc64le and s390x, maintaining existing architecture exclusions.
manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1)
45-45: Metadata annotation update aligns with dependency bump.
Codeflare-SDK version is correctly updated from 0.32 to 0.33 in the notebook-python-dependencies annotation. No pipeline validation errors reported for this file.
runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1)
23-23: Dependency version constraint updated correctly.
The codeflare-sdk constraint is properly bumped from ~=0.32.1 to ~=0.33.0 with idiomatic tilde versioning for flexibility within the minor version.
jupyter/datascience/ubi9-python-3.12/pyproject.toml (1)
20-20: Dependency version updated with platform guards preserved.
The codeflare-sdk constraint is correctly bumped to ~=0.33.0 while maintaining platform_machine guards for ppc64le and s390x. The version is available on PyPI as noted in PR comments.
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1)
42-42: Codeflare-SDK version is correctly set to 0.33 in the manifest.
Line 42 declares Codeflare-SDK version 0.33, which aligns with the 2025.2 image tag (N version). The previous version (2025.1, N-1) uses 0.30. The image reference uses PLACEHOLDER tokens for dynamic substitution at build time. No evidence of a version mismatch with version 0.32.2 exists in the repository.
Likely an incorrect or invalid review comment.
manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1)
44-44: All version specifications are correctly aligned to 0.33.0; no mismatch exists between manifest declaration and actual dependencies.
The Codeflare-SDK version is consistently declared as 0.33.0 across all dependency files:
- Manifest annotation: 0.33
- pyproject.toml: codeflare-sdk~=0.33.0
- pylock.toml (locked dependencies): 0.33.0
The original review's claimed version mismatch (manifest declares 0.33 vs actual image contains 0.32.2) cannot be confirmed from the repository. All evidence shows the versions are properly synchronized. If a pipeline validation error reporting 0.32.2 occurred, it would require access to actual workflow execution logs to diagnose whether it was a timing issue, cache problem, or other transient condition. The current state shows no inconsistency.
Likely an incorrect or invalid review comment.
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: Version constraint updated correctly.
The codeflare-sdk dependency has been bumped from ~=0.32.1 to ~=0.33.0 to address CVE-2025-62593. The compatible release constraint (~=) is appropriate and maintains stability while allowing patch-level updates.
runtimes/datascience/ubi9-python-3.12/pyproject.toml (1)
18-18: Version constraint updated correctly with platform guards preserved.
The codeflare-sdk dependency has been bumped from ~=0.32.1 to ~=0.33.0 while correctly maintaining the platform guards (s390x and ppc64le exclusions). The PEP 508 environment marker syntax is valid.
| {"name": "PyMongo", "version": "4.15"}, | ||
| {"name": "Pyodbc", "version": "5.2"}, | ||
| {"name": "Codeflare-SDK", "version": "0.32"}, | ||
| {"name": "Codeflare-SDK", "version": "0.33"}, |
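Review bot: the "0.33" value on the last line of this hunk should merge only together with a regenerated pylock.toml and a rebuilt image, because the validation output quoted earlier in this thread reports "Expected '0.33', found 'Version: 0.32.2'" for sibling manifests. Until the resolved package matches the annotation, the manifest advertises the CVE-2025-62593 fix for an image that still reports the older SDK, so hold the annotation change until the version check passes.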
🧩 Analysis chain
🏁 Script executed:
# Check if the manifest file exists and view its content around line 42
fd "jupyter-rocm-tensorflow-notebook-imagestream.yaml" --type f
Repository: opendatahub-io/notebooks
Length of output: 192
🏁 Script executed:
# Look for GitHub Actions workflow files
fd "\.github/workflows" --type f --extension yml --extension yaml
Repository: opendatahub-io/notebooks
Length of output: 50
🏁 Script executed:
# Search for Codeflare-SDK version references
rg "Codeflare-SDK" -A 2 -B 2
Repository: opendatahub-io/notebooks
Length of output: 8743
🏁 Script executed:
# View the test_main.py file to understand the validation logic
cat -n tests/test_main.py | head -100
Repository: opendatahub-io/notebooks
Length of output: 5181
🏁 Script executed:
# Look for the specific test function that checks Codeflare-SDK
rg "test_main|def test" tests/test_main.py -A 5
Repository: opendatahub-io/notebooks
Length of output: 1887
🏁 Script executed:
# Search for GitHub Actions workflow files
fd "workflows" --type d
Repository: opendatahub-io/notebooks
Length of output: 50
🏁 Script executed:
# Check the structure of .github directory
find .github -type f -name "*.yml" -o -name "*.yaml" 2>/dev/null | head -20
Repository: opendatahub-io/notebooks
Length of output: 875
🏁 Script executed:
# View the test_image_manifests_version_alignment function
rg "def test_image_manifests_version_alignment" tests/test_main.py -A 80
Repository: opendatahub-io/notebooks
Length of output: 3361
🏁 Script executed:
# View the ignored_exceptions and understand version validation
rg "ignored_exceptions" tests/test_main.py -B 5 -A 10
Repository: opendatahub-io/notebooks
Length of output: 3181
🏁 Script executed:
# Check the code-quality workflow
cat .github/workflows/code-quality.yaml
Repository: opendatahub-io/notebooks
Length of output: 3998
Update ignored_exceptions in tests to include Codeflare-SDK 0.33 or revert the manifest version.
The manifest declares Codeflare-SDK version 0.33 on line 42, but the test test_image_manifests_version_alignment in tests/test_main.py only allows versions ("0.30", "0.29") in its ignored_exceptions list. This causes the test to fail with: Codeflare-SDK is allowed to have ('0.30', '0.29') but actually has ('0.33', '0.30'). Either add "0.33" to the allowed versions in ignored_exceptions if this version bump is intentional, or revert the manifest to use 0.30.
🤖 Prompt for AI Agents
In manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml around line
42 the manifest declares Codeflare-SDK version "0.33" but tests/test_main.py's
test_image_manifests_version_alignment only allows ("0.30", "0.29") in
ignored_exceptions, causing the failure; either update tests/test_main.py to
include "0.33" in the ignored_exceptions tuple (preserve ordering/formatting to
match existing entries) if the bump is intended, or change the manifest entry
back to "0.30" to match current test expectations.
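The drift discussed in this thread (a manifest annotation of 0.33 while the resolved package is still 0.32.2) can be caught before a build by comparing the requirement, the lock pin and the annotation in one pass. This is an added example, not code from this repository or from CodeRabbit; the function names, the lock-data dictionary shape and the sample values are assumptions, and the Ray 2.52.0 floor is the fixed version quoted in the review comments above.

```python
import json
import re

def parse_version(text):
    """Extract a release tuple from '0.33.0' or 'Version: 0.32.2'."""
    match = re.search(r"\d+(?:\.\d+)*", text)
    if match is None:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(part) for part in match.group().split("."))

def satisfies_compatible_release(installed, spec):
    """PEP 440 '~=X.Y.Z': installed >= X.Y.Z and installed == X.Y.*"""
    base, have = parse_version(spec), parse_version(installed)
    if len(base) < 2:
        raise ValueError("~= needs at least two release segments")
    width = max(len(base), len(have))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(have) >= pad(base) and pad(have)[:len(base) - 1] == base[:-1]

def check_alignment(requirement, locked, annotation_json, fixed_floors):
    """Return findings; an empty list means all three sources agree."""
    findings = []
    # Drop any PEP 508 environment marker before splitting on the operator.
    name, spec = requirement.split(";")[0].strip().split("~=")
    pinned = locked.get(name)
    if pinned is None:
        findings.append(f"{name}: not present in lock data")
    elif not satisfies_compatible_release(pinned, spec):
        findings.append(f"{name}: lock pins {pinned}, requirement is ~={spec}")
    shown = {e["name"].lower(): e["version"] for e in json.loads(annotation_json)}
    declared = shown.get(name)
    if pinned and declared and parse_version(pinned)[:2] != parse_version(declared)[:2]:
        findings.append(f"{name}: manifest shows {declared}, lock pins {pinned}")
    # A bumped wrapper only helps if the vulnerable transitive package moved too.
    for package, floor in fixed_floors.items():
        have = locked.get(package)
        if have is None or parse_version(have) < parse_version(floor):
            findings.append(f"{package}: {have} is below fixed release {floor}")
    return findings

# Constructed sample data modelled on the values quoted on this page.
REQUIREMENT = "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le'"
ANNOTATION = '[{"name": "Pyodbc", "version": "5.2"}, {"name": "Codeflare-SDK", "version": "0.33"}]'
STALE_LOCK = {"codeflare-sdk": "0.32.2", "ray": "2.47.1"}  # ray value is made up
FRESH_LOCK = {"codeflare-sdk": "0.33.0", "ray": "2.52.1"}
RAY_FLOOR = {"ray": "2.52.0"}

if __name__ == "__main__":
    for label, lock in (("stale", STALE_LOCK), ("fresh", FRESH_LOCK)):
        print(label, check_alignment(REQUIREMENT, lock, ANNOTATION, RAY_FLOOR))
```

With the stale lock data the check reports three separate findings (requirement, annotation and Ray floor), which is why regenerating the lock file alone or editing the manifest alone does not clear it.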
Hi Vath, I see that a lot of the failed builds come from CPU flavors, except one from tensorflow-cuda.
Let's reach out to @kryanbeane if he has any insights
RHAIENG-2200 : Fixed CVE-2025-62593 by bump codeflare-sdk@main from 0.32.1 to 0.33.0
Description
Discussion here: https://redhat-internal.slack.com/archives/C09UP5LF85P/p1764878306535259?thread_ts=1764875652.951929&cid=C09UP5LF85P
How Has This Been Tested?
Self checklist (all need to be checked):
- make test (gmake on macOS) before asking for review
- Dockerfile.konflux files should be done in odh/notebooks and automatically synced to rhds/notebooks. For Konflux-specific changes, modify Dockerfile.konflux files directly in rhds/notebooks as these require special attention in the downstream repository and flow to the upcoming RHOAI release.
Merge criteria: