Fix numpy vulnerability: CVE-2021-33430

gigony · gigony · commit 47625db975f7 · 2022-01-25T16:08:05.000-08:00
Signed-off-by: Gigon Bae &lt;gbae@nvidia.com&gt;
diff --git a/docs/requirements.txt b/docs/requirements.txt
@@ -1,7 +1,7 @@
 Sphinx==4.1.2
 sphinx-autobuild==2021.3.14
 myst-parser==0.15.2
-numpy==1.19.5
+numpy==1.21  # CVE-2021-33430
 matplotlib==3.3.4
 ipywidgets==7.6.4
 pandas==1.1.5
diff --git a/examples/apps/ai_livertumor_seg_app/livertumor_seg_operator.py b/examples/apps/ai_livertumor_seg_app/livertumor_seg_operator.py
@@ -34,7 +34,7 @@
 @md.input("image", Image, IOType.IN_MEMORY)
 @md.output("seg_image", Image, IOType.IN_MEMORY)
 @md.output("saved_images_folder", DataPath, IOType.DISK)
-@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.20", "nibabel"])
+@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.21", "nibabel"])
 class LiverTumorSegOperator(Operator):
     """Performs liver and tumor segmentation using a DL model with an image converted from a DICOM CT series.
 
diff --git a/examples/apps/ai_spleen_seg_app/spleen_seg_operator.py b/examples/apps/ai_spleen_seg_app/spleen_seg_operator.py
@@ -34,7 +34,7 @@
 
 @md.input("image", Image, IOType.IN_MEMORY)
 @md.output("seg_image", Image, IOType.IN_MEMORY)
-@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.20", "nibabel"])
+@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.21", "nibabel"])
 class SpleenSegOperator(Operator):
     """Performs Spleen segmentation with a 3D image converted from a DICOM CT series.
 
diff --git a/examples/apps/ai_unetr_seg_app/unetr_seg_operator.py b/examples/apps/ai_unetr_seg_app/unetr_seg_operator.py
@@ -35,7 +35,7 @@
 @md.input("image", Image, IOType.IN_MEMORY)
 @md.output("seg_image", Image, IOType.IN_MEMORY)
 @md.output("saved_images_folder", DataPath, IOType.DISK)
-@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.20", "nibabel"])
+@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.21", "nibabel"])
 class UnetrSegOperator(Operator):
     """Performs multi-organ segmentation using UNETR model with an image converted from a DICOM CT series.
 
diff --git a/examples/apps/deply_app_on_aarch64_interim.md b/examples/apps/deply_app_on_aarch64_interim.md
@@ -31,7 +31,7 @@ Without using the MONAI Deploy App SDK Packager to automatically detect the depe
 monai>=0.6.0
 monai-deploy-app-sdk>=0.1.0
 nibabel
-numpy>=1.20
+numpy>=1.21
 pydicom>=1.4.2
 torch>=1.5
 ```
diff --git a/monai/deploy/operators/monai_seg_inference_operator.py b/monai/deploy/operators/monai_seg_inference_operator.py
@@ -43,7 +43,7 @@
 
 @md.input("image", Image, IOType.IN_MEMORY)
 @md.output("seg_image", Image, IOType.IN_MEMORY)
-@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.20"])
+@md.env(pip_packages=["monai==0.6.0", "torch>=1.5", "numpy>=1.21"])
 class MonaiSegInferenceOperator(InferenceOperator):
     """This segmentation operator uses MONAI transforms and Sliding Window Inference.
 
diff --git a/monai/deploy/packager/templates.py b/monai/deploy/packager/templates.py
@@ -12,7 +12,7 @@
 COMMON_FOOTPRINT = """
     USER root
 
-    RUN pip install --no-cache-dir --upgrade setuptools==57.4.0 pip==21.2.4 wheel==0.37.0 monai-deploy-app-sdk==0.2.0
+    RUN pip install --no-cache-dir --upgrade setuptools==57.4.0 pip==21.2.4 wheel==0.37.0 numpy>=1.21
 
     RUN mkdir -p /etc/monai/ \\
      && mkdir -p /opt/monai/ \\
diff --git a/notebooks/tutorials/03_segmentation_app.ipynb b/notebooks/tutorials/03_segmentation_app.ipynb
@@ -99,7 +99,7 @@
     "# Install MONAI and other necessary image processing packages for the application\n",
     "!python -c \"import monai\" || pip install -q \"monai\"\n",
     "!python -c \"import torch\" || pip install -q \"torch>=1.5\"\n",
-    "!python -c \"import numpy\" || pip install -q \"numpy>=1.20\"\n",
+    "!python -c \"import numpy\" || pip install -q \"numpy>=1.21\"\n",
     "!python -c \"import nibabel\" || pip install -q \"nibabel>=3.2.1\"\n",
     "!python -c \"import pydicom\" || pip install -q \"pydicom>=1.4.2\"\n",
     "!python -c \"import SimpleITK\" || pip install -q \"SimpleITK>=2.0.0\"\n",
@@ -747,7 +747,7 @@
    "source": [
     "@md.input(\"image\", Image, IOType.IN_MEMORY)\n",
     "@md.output(\"seg_image\", Image, IOType.IN_MEMORY)\n",
-    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.20\", \"nibabel\"])\n",
+    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.21\", \"nibabel\"])\n",
     "class SpleenSegOperator(Operator):\n",
     "    \"\"\"Performs Spleen segmentation with a 3D image converted from a DICOM CT series.\n",
     "    \"\"\"\n",
@@ -1069,7 +1069,7 @@
     "\n",
     "@md.input(\"image\", Image, IOType.IN_MEMORY)\n",
     "@md.output(\"seg_image\", Image, IOType.IN_MEMORY)\n",
-    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.20\", \"nibabel\", \"typeguard\"])\n",
+    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.21\", \"nibabel\", \"typeguard\"])\n",
     "class SpleenSegOperator(Operator):\n",
     "    \"\"\"Performs Spleen segmentation with a 3D image converted from a DICOM CT series.\n",
     "    \"\"\"\n",
diff --git a/notebooks/tutorials/05_full_tutorial.ipynb b/notebooks/tutorials/05_full_tutorial.ipynb
@@ -89,7 +89,7 @@
     "# Install MONAI and other necessary image processing packages for the application\n",
     "!python -c \"import monai\" || pip install -q \"monai\"\n",
     "!python -c \"import torch\" || pip install -q \"torch>=1.5\"\n",
-    "!python -c \"import numpy\" || pip install -q \"numpy>=1.20\"\n",
+    "!python -c \"import numpy\" || pip install -q \"numpy>=1.21\"\n",
     "!python -c \"import nibabel\" || pip install -q \"nibabel>=3.2.1\"\n",
     "!python -c \"import pydicom\" || pip install -q \"pydicom>=1.4.2\"\n",
     "!python -c \"import SimpleITK\" || pip install -q \"SimpleITK>=2.0.0\"\n",
@@ -739,7 +739,7 @@
    "source": [
     "@md.input(\"image\", Image, IOType.IN_MEMORY)\n",
     "@md.output(\"seg_image\", Image, IOType.IN_MEMORY)\n",
-    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.20\", \"nibabel\"])\n",
+    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.21\", \"nibabel\"])\n",
     "class SpleenSegOperator(Operator):\n",
     "    \"\"\"Performs Spleen segmentation with a 3D image converted from a DICOM CT series.\n",
     "    \"\"\"\n",
@@ -1017,7 +1017,7 @@
     "\n",
     "@md.input(\"image\", Image, IOType.IN_MEMORY)\n",
     "@md.output(\"seg_image\", Image, IOType.IN_MEMORY)\n",
-    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.20\", \"nibabel\", \"typeguard\"])\n",
+    "@md.env(pip_packages=[\"monai==0.6.0\", \"torch>=1.5\", \"numpy>=1.21\", \"nibabel\", \"typeguard\"])\n",
     "class SpleenSegOperator(Operator):\n",
     "    \"\"\"Performs Spleen segmentation with a 3D image converted from a DICOM CT series.\n",
     "    \"\"\"\n",
diff --git a/requirements.txt b/requirements.txt
@@ -1,4 +1,4 @@
-numpy>=1.17
+numpy>=1.21  # CVE-2021-33430
 networkx>=2.4
 colorama>=0.4.1
 typeguard>=2.12.1
diff --git a/setup.cfg b/setup.cfg
@@ -23,7 +23,7 @@ python_requires = >= 3.7
 # setup_requires =
 #     cucim
 install_requires =
-    numpy>=1.17
+    numpy>=1.21  # CVE-2021-33430
     networkx>=2.4
     colorama>=0.4.1
     typeguard>=2.12.1
