Please provide the following information when requesting support.
• Hardware (T4/V100/Xavier/Nano/etc) : T4
• Network Type : OCDNET
• TLT Version (Please run “tlt info --verbose” and share “docker_tag” here)
• Training spec file(If have, please share here)
• How to reproduce the issue ? (This is for errors. Please share the command line and the detailed log here.)
We have installed TAO toolkit 5.2 and can train model using the same. But our IT team found vulnerabilities in the server for older Pillow version.
One example is
| CVE-ID | Severity | CVSS Score | Package Name | Package Version | Package Path | Fix Version |
|---|---|---|---|---|---|---|
| CVE-2023-4863 | HIGH | 8.8 | Pillow | 10.0.0 | var/lib/docker/overlay2/c8ec67106bb0685a59826d79e27ad4ad70c519846e4acd9efb528070750b9d02/diff/usr/local/lib/python3.10/dist-packages/Pillow-10.0.0.dist-info/METADATA | 10.0.1 |
But these Pillow versions coming from the docker containers; so how can we get them upgraded to 10.0.1 version?
2 posts - 2 participants