Debian Package Tracker
Register | Log in
Subscribe

keras

Choose email to subscribe with

general
  • source: keras (main)
  • version: 2.3.1+dfsg-3
  • maintainer: Debian Science Maintainers (archive) (DMD)
  • uploaders: Stephen Sinclair [DMD]
  • arch: all
  • std-ver: 4.5.0
  • VCS: Git (Browse)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.3.1+dfsg-3
versioned links
  • 2.3.1+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • python3-keras
package is gone
This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.
action needed
Debci reports failed tests high
  • unstable: fail (log)
    The tests ran in 0:00:54
    Last run: 2024-11-30T17:30:48.000Z
    Previous status: unknown

  • testing: fail (log)
    The tests ran in 0:00:57
    Last run: 2023-02-26T17:12:49.000Z
    Previous status: unknown

  • stable: pass (log)
    The tests ran in 0:00:54
    Last run: 2023-05-23T07:16:00.000Z
    Previous status: unknown

Created: 2023-01-23 Last update: 2025-10-18 06:02
4 security issues in bullseye high

There are 4 open security issues in bullseye.

1 important issue:
  • CVE-2025-49655: Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being enabled. The vulnerability can be triggered through both local and remote files.
3 issues postponed or untriaged:
  • CVE-2024-3660: (postponed; to be fixed through a stable update) A arbitrary code injection vulnerability in TensorFlow's Keras framework (<2.13) allows attackers to execute arbitrary code with the same permissions as the application using a model that allow arbitrary code irrespective of the application.
  • CVE-2025-9906: (postponed; to be fixed through a stable update) The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .keras model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special config.json (a file within the .keras archive) that will invoke keras.config.enable_unsafe_deserialization() to disable safe mode. Once safe mode is disable, one can use the Lambda layer feature of keras, which allows arbitrary Python code in the form of pickled code. Both can appear in the same archive. Simply the keras.config.enable_unsafe_deserialization() needs to appear first in the archive and the Lambda with arbitrary code needs to be second.
  • CVE-2024-55459: (postponed; to be fixed through a stable update) An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.
Created: 2025-10-17 Last update: 2025-10-18 06:01
RFP: There is a request to reintroduce this package. normal
The WNPP database contains an RFP (Request For Package). This probably means that somebody would like to see this package reintroduced into unstable by a volunteer. Please see bug number #1096196 for more information.
Created: 2025-02-17 Last update: 2025-02-17 14:31
news
[rss feed]
  • [2024-11-11] Removed 2.3.1+dfsg2-1 from unstable (Debian FTP Masters)
  • [2023-03-06] keras REMOVED from testing (Debian testing watch)
  • [2022-09-25] keras 2.3.1+dfsg2-1 MIGRATED to testing (Debian testing watch)
  • [2022-09-22] Accepted keras 2.3.1+dfsg2-1 (source) into unstable (Stephen Sinclair) (signed by: bage@debian.org)
  • [2022-04-15] keras REMOVED from testing (Debian testing watch)
  • [2020-07-15] keras 2.3.1+dfsg-3 MIGRATED to testing (Debian testing watch)
  • [2020-07-12] Accepted keras 2.3.1+dfsg-3 (source) into unstable (Stephen Sinclair) (signed by: Bart Martens)
  • [2020-07-02] keras 2.3.1+dfsg-2 MIGRATED to testing (Debian testing watch)
  • [2020-06-29] Accepted keras 2.3.1+dfsg-2 (source) into unstable (Stephen Sinclair) (signed by: Bart Martens)
  • [2020-04-17] keras 2.3.1+dfsg-1 MIGRATED to testing (Debian testing watch)
  • [2020-04-14] Accepted keras 2.3.1+dfsg-1 (source) into unstable (Stephen Sinclair) (signed by: Anton Gladky)
  • [2020-04-09] keras REMOVED from testing (Debian testing watch)
  • [2019-01-20] keras 2.2.4-1 MIGRATED to testing (Debian testing watch)
  • [2019-01-18] Accepted keras 2.2.4-1 (source all) into unstable (Daniel Stender)
  • [2018-05-21] keras REMOVED from testing (Debian testing watch)
  • [2018-04-02] keras 2.1.5-2 MIGRATED to testing (Debian testing watch)
  • [2018-03-27] Accepted keras 2.1.5-2 (source all) into unstable (Daniel Stender)
  • [2018-03-25] keras 2.1.5-1 MIGRATED to testing (Debian testing watch)
  • [2018-03-19] Accepted keras 2.1.5-1 (source all) into unstable (Daniel Stender)
  • [2018-01-02] keras 2.1.1-1 MIGRATED to testing (Debian testing watch)
  • [2017-12-27] Accepted keras 2.1.1-1 (source all) into unstable, unstable (Daniel Stender)
  • [2017-11-07] keras 1.0.7-2 MIGRATED to testing (Debian testing watch)
  • [2017-11-01] Accepted keras 1.0.7-2 (source all) into unstable (Daniel Stender)
  • [2016-08-18] Accepted keras 1.0.7-1 (source all) into experimental, experimental (Daniel Stender)
bugs [bug history graph]
  • all: 0
links
  • homepage
  • buildd: logs
  • popcon
  • edit tags
  • security tracker
  • debci

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing