From 9933a9046a659a82b4bbed175ec45eafeff6d788 Mon Sep 17 00:00:00 2001 From: Harmen Stoppels Date: Mon, 17 Oct 2022 12:39:16 +0200 Subject: [PATCH] py-tensorflow-hub: zlib, again. (#33359) --- ...VE-use-fossils-url-which-is-more-sta.patch | 29 +++++++++++++++++++ .../packages/py-tensorflow-hub/package.py | 7 ++--- 2 files changed, 31 insertions(+), 5 deletions(-) create mode 100644 var/spack/repos/builtin/packages/py-tensorflow-hub/0001-zlib-bump-over-CVE-use-fossils-url-which-is-more-sta.patch diff --git a/var/spack/repos/builtin/packages/py-tensorflow-hub/0001-zlib-bump-over-CVE-use-fossils-url-which-is-more-sta.patch b/var/spack/repos/builtin/packages/py-tensorflow-hub/0001-zlib-bump-over-CVE-use-fossils-url-which-is-more-sta.patch new file mode 100644 index 0000000000..c552390eaa --- /dev/null +++ b/var/spack/repos/builtin/packages/py-tensorflow-hub/0001-zlib-bump-over-CVE-use-fossils-url-which-is-more-sta.patch @@ -0,0 +1,29 @@ +From e5a889202143ccc5a6d126197e86ee138307cbc4 Mon Sep 17 00:00:00 2001 +From: Harmen Stoppels +Date: Mon, 17 Oct 2022 09:52:27 +0200 +Subject: [PATCH] zlib: bump over CVE, use fossils url which is more stable + +--- + WORKSPACE | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/WORKSPACE b/WORKSPACE +index 495ed63..36d730b 100644 +--- a/WORKSPACE ++++ b/WORKSPACE +@@ -29,9 +29,9 @@ git_repository( + http_archive( + name = "zlib", + build_file = "@com_google_protobuf//:third_party/zlib.BUILD", +- sha256 = "c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1", +- strip_prefix = "zlib-1.2.11", +- urls = ["https://zlib.net/zlib-1.2.11.tar.gz"], ++ sha256 = "b3a24de97a8fdbc835b9833169501030b8977031bcb54b3b3ac13740f846ab30", ++ strip_prefix = "zlib-1.2.13", ++ urls = ["https://zlib.net/fossils/zlib-1.2.13.tar.gz"], + ) + + # Required by protobuf 3.8.0. +-- +2.37.0 + diff --git a/var/spack/repos/builtin/packages/py-tensorflow-hub/package.py b/var/spack/repos/builtin/packages/py-tensorflow-hub/package.py index 2ec9bc6519..58cf70414c 100644 --- a/var/spack/repos/builtin/packages/py-tensorflow-hub/package.py +++ b/var/spack/repos/builtin/packages/py-tensorflow-hub/package.py @@ -30,11 +30,8 @@ class PyTensorflowHub(Package): depends_on("py-numpy@1.12.0:", type=("build", "run")) depends_on("py-protobuf@3.8.0:", type=("build", "run")) - patch( - "https://github.com/tensorflow/hub/commit/049192a7edd3e80eebf1735b93f57c7965381bdb.patch?full_index=1", - sha256="c8b59d17511a8ebd2a58717723b9b77514a12b43bb2e6acec6d0c1062df6e457", - when="@:0.12", - ) + # Deal with vendored zlib. + patch("0001-zlib-bump-over-CVE-use-fossils-url-which-is-more-sta.patch", when="@:0.12") def install(self, spec, prefix): tmp_path = tempfile.mkdtemp(prefix="spack")