Due to a vulnerability reported in PyTorch Lightning (Pull Request 11099) described in the National Vulnerability Database (CVE-2020-1747), Habana has released new PyTorch Docker images for our 1.2.0 SynapseAI® Software stack to address this issue. Since the fix has not officially been released yet by the PyTorch Lightning community, this new image is published without PyTorch Lightning and is available in the Habana Vault (here) and the Amazon ECR Public Gallery (here). No other changes were made to the Habana SynapseAI Software stack. Users who wish to continue using PyTorch Lightning may use the PyTorch Ubuntu18.04 Docker Images.
Each repository now contains this new docker image with the date “-20220127” attached to end of the Docker image name, users will simply update their existing docker pull and docker run commands with this new image, example below:
Original: docker pull vault.habana.ai/gaudi-docker/1.2.0/ubuntu20.05/habanalabs/pytorch-installer-1.10.0:1.2.0-585
New: docker pull vault.habana.ai/gaudi-docker/1.2.0/ubuntu20.05/habanalabs/pytorch-installer-1.10.0:1.2.0-585-20220127 (or :latest)
Please refer to the Setup and Installation guide for proper usage of Docker, including using Docker Runtime and the appropriate Docker Pull and Docker Run commands for the 1.2.0 SynapseAI Software Stack.