fix(sec): upgrade paddlepaddle to 2.4.0 #7248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Closed

ChengDaqi2023 wants to merge 1 commit into PaddlePaddle:develop from ChengDaqi2023:oscs_fix_ckmvceoau51vtpiu92ag

ChengDaqi2023 commented Oct 17, 2023

What happened？

There are 1 security vulnerabilities found in paddlepaddle 2.3.1

CVE-2022-46741

What did I do？

Upgrade paddlepaddle from 2.3.1 to 2.4.0 for vulnerability fix

What did you expect to happen？

Ideally, no insecure libs should be used.

How can we automate the detection of these types of issues?

By using the GitHub Actions configurations provided by murphysec, we can conduct automatic code security checks in our CI pipeline.

The specification of the pull request

PR Specification from OSCS


          update paddlepaddle 2.3.1 to 2.5.0rc0

1cceff4

paddle-bot bot commented Oct 17, 2023

Thanks for your contribution!

CLAassistant commented Oct 17, 2023

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

paddle-bot bot added the contributor label

codecov bot commented Oct 17, 2023 •

edited

Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 59.33%. Comparing base (dd9bec0) to head (1cceff4).
⚠️ Report is 1639 commits behind head on develop.

Additional details and impacted files

@@           Coverage Diff            @@
##           develop    #7248   +/-   ##
========================================
  Coverage    59.33%   59.33%           
========================================
  Files          567      567           
  Lines        83231    83231           
========================================
+ Hits         49381    49383    +2     
+ Misses       33850    33848    -2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

github-actions bot commented Dec 17, 2023

This Pull Request is stale because it has been open for 60 days with no activity. 当前Pull Request 60天内无活动，被标记为stale。

github-actions bot added the stale label

paddle-bot bot assigned wawltor

github-actions bot removed the stale label

github-actions bot commented Apr 27, 2024

This Pull Request is stale because it has been open for 60 days with no activity. 当前Pull Request 60天内无活动，被标记为stale。

github-actions bot added stale and removed stale labels

github-actions bot commented Jun 28, 2024

This Pull Request is stale because it has been open for 60 days with no activity. 当前Pull Request 60天内无活动，被标记为stale。

github-actions bot added stale and removed stale labels

github-actions bot commented Aug 28, 2024

This Pull Request is stale because it has been open for 60 days with no activity. 当前Pull Request 60天内无活动，被标记为stale。

github-actions bot added stale and removed stale labels

github-actions bot commented Oct 28, 2024

This Pull Request is stale because it has been open for 60 days with no activity. 当前Pull Request 60天内无活动，被标记为stale。

github-actions bot added stale and removed stale labels

github-actions bot commented Dec 29, 2024

This Pull Request is stale because it has been open for 60 days with no activity. 当前Pull Request 60天内无活动，被标记为stale。

github-actions bot added the stale label

paddle-bot bot closed this

paddle-bot bot commented Dec 30, 2025

Automatically closed by Paddle-bot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

contributor stale