Lines Matching +full:- +full:- +full:fixes
27 # Bug Fixes and Other Changes
78 …xperimental/SharpnessAwareMinimization). This class implements the sharpness-aware minimization te…
82 …* Added support for cross-trainer data caching in tf.data service. This saves computation resour…
91 …mptionCheckpointHandler) to handle worker preemption/maintenance and cluster-wise consistent error…
95 … to 100 times depending on the size of k. When running on CPU and GPU, a non-optimized XLA kernel …
109 ## Bug Fixes and Other Changes
117 …inistically (and `tf.errors.UnimplementedError` is no longer thrown) when op-determinism has been …
141 …-Review-Doctor, DEKHTIARJonathan, Deven Desai, Djacon, Duncan Riach, fedotoff, fo40225, Frederic B…
163 …ers should switch to [TensorFlow Decision Forests](https://github.com/tensorflow/decision-forests).
166 …eels now specifically conform to [manylinux2014](https://peps.python.org/pep-0599/), an upgrade fr…
167 … Forum thread](https://discuss.tensorflow.org/t/tensorflow-linux-wheels-are-being-upgraded-to-many…
168 * The `tf.keras.mixed_precision.experimental` API has been removed. The non-experimental symbols …
169 …* The non-experimental API has some minor differences from the experimental API. In most cases, yo…
171 …he experimental symbol `set_policy` was renamed to `set_global_policy` in the non-experimental API.
173 …* In the following rare cases, you need to make more changes when switching to the non-experimenta…
175 … details on the differences, which has examples on how to convert to the non-experimental LossScal…
177 …le, the optimizer would be wrapped with a `LossScaleOptimizer`. With the non-experimental `Policy`…
178 …* If you use the very rarely-used function `tf.keras.mixed_precision.experimental.get_layer_policy…
180 …symbols were very rarely used and were only useful in TF2 for use in the now-removed `tf.keras.mix…
209 optimal in a non-interactive environment, where you don't have access to
225 * Added DTensor-related Keras APIs under `tf.keras.dtensor` namespace. The
237 * Add nominal support for unsigned 16-bit integer tensor types. Note that
240 * Add support for unsigned 16-bit integer tensor types in cast op.
243 * Enabled a new MLIR-based dynamic range quantization backend by default
244 * The new backend is used for post-training int8 dynamic range
245 quantization and post-training float16 quantization.
273 * A roughly 5us per-op overhead may be observed when running many
283 large-scale modeling with minimal changes to user code. You are welcome to
284 try it out, though be aware that the DTensor API is experimental and up-to
285 backward-incompatible changes. DTensor and Keras integration is published
290 …imizations](https://github.com/tensorflow/community/blob/master/rfcs/20210930-enable-onednn-ops.md)
295 neural-network-focused hardware features such as AVX512_VNNI,
297 …Cascade Lake](https://www.intel.com/content/www/us/en/products/platforms/details/cascade-lake.html)
299 …ce speedups.](https://medium.com/intel-analytics-software/leverage-intel-deep-learning-optimizatio…
302 * **Linux aach64 (`--config=mkl_aarch64`) package:**
312 when they are off due to floating-point round-off errors from different
318 ## Bug Fixes and Other Changes
336 * Fixes a code injection in `saved_model_cli` ([CVE-2022-29216](https://cve.mitre.org/cgi-bin/cve…
337 * Fixes a missing validation which causes `TensorSummaryV2` to crash ([CVE-2022-29193](https://cv…
338 * Fixes a missing validation which crashes `QuantizeAndDequantizeV4Grad` ([CVE-2022-29192](https:…
339 …Fixes a missing validation which causes denial of service via `DeleteSessionTensor` ([CVE-2022-291…
340 …Fixes a missing validation which causes denial of service via `GetSessionTensor` ([CVE-2022-29191]…
341 … Fixes a missing validation which causes denial of service via `StagePeek` ([CVE-2022-29195](http…
342 …Fixes a missing validation which causes denial of service via `UnsortedSegmentJoin` ([CVE-2022-291…
343 …Fixes a missing validation which causes denial of service via `LoadAndRemapMatrix` ([CVE-2022-2919…
344 …Fixes a missing validation which causes denial of service via `SparseTensorToCSRSparseMatrix` ([CV…
345 …Fixes a missing validation which causes denial of service via `LSTMBlockCell` ([CVE-2022-29200](ht…
346 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
347 * Fixes a `CHECK` failure in depthwise ops via overflows ([CVE-2021-41197](https://cve.mitre.org/…
348 …Fixes issues arising from undefined behavior stemming from users supplying invalid resource handle…
349 * Fixes a segfault due to missing support for quantized types ([CVE-2022-29205](https://cve.mitre…
350 …Fixes a missing validation which results in undefined behavior in `SparseTensorDenseAdd` ([CVE-202…
351 …Fixes a missing validation which results in undefined behavior in `QuantizedConv2D` ([CVE-2022-292…
352 * Fixes an integer overflow in `SpaceToBatchND` ([CVE-2022-29203](https://cve.mitre.org/cgi-bin/c…
353 …Fixes a segfault and OOB write due to incomplete validation in `EditDistance` ([CVE-2022-29208](ht…
354 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
355 … Fixes a denial of service in `tf.ragged.constant` due to lack of validation ([CVE-2022-29202](htt…
356 … Fixes a segfault when `tf.histogram_fixed_width` is called with NaN values ([CVE-2022-29211](htt…
357 * Fixes a core dump when loading TFLite models with quantization ([CVE-2022-29212](https://cve.mi…
358 * Fixes crashes stemming from incomplete validation in signal ops ([CVE-2022-29213](https://cve.m…
359 … Fixes a type confusion leading to `CHECK`-failure based denial of service ([CVE-2022-29209](http…
360 * Fixes a heap buffer overflow due to incorrect hash function ([CVE-2022-29210](https://cve.mitre…
361 …-2022-22576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=VE-2022-22576), ([CVE-2022-27774](http…
362 ….2.11` was pulled due to [security issue](https://www.openwall.com/lists/oss-security/2022/03/28/1)
368 …-Service, DEKHTIARJonathan, Deven Desai, Duncan Riach, Eric Kunze, Everton Constantino, Faruk D, F…
372 This releases introduces several vulnerability fixes:
374 * Fixes a code injection in `saved_model_cli` ([CVE-2022-29216](https://cve.mitre.org/cgi-bin/cve…
375 * Fixes a missing validation which causes `TensorSummaryV2` to crash ([CVE-2022-29193](https://cv…
376 * Fixes a missing validation which crashes `QuantizeAndDequantizeV4Grad` ([CVE-2022-29192](https:…
377 …Fixes a missing validation which causes denial of service via `DeleteSessionTensor` ([CVE-2022-291…
378 …Fixes a missing validation which causes denial of service via `GetSessionTensor` ([CVE-2022-29191]…
379 … Fixes a missing validation which causes denial of service via `StagePeek` ([CVE-2022-29195](http…
380 …Fixes a missing validation which causes denial of service via `UnsortedSegmentJoin` ([CVE-2022-291…
381 …Fixes a missing validation which causes denial of service via `LoadAndRemapMatrix` ([CVE-2022-2919…
382 …Fixes a missing validation which causes denial of service via `SparseTensorToCSRSparseMatrix` ([CV…
383 …Fixes a missing validation which causes denial of service via `LSTMBlockCell` ([CVE-2022-29200](ht…
384 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
385 * Fixes a `CHECK` failure in depthwise ops via overflows ([CVE-2021-41197](https://cve.mitre.org/…
386 …Fixes issues arising from undefined behavior stemming from users supplying invalid resource handle…
387 * Fixes a segfault due to missing support for quantized types ([CVE-2022-29205](https://cve.mitre…
388 …Fixes a missing validation which results in undefined behavior in `SparseTensorDenseAdd` ([CVE-202…
389 …Fixes a missing validation which results in undefined behavior in `QuantizedConv2D` ([CVE-2022-292…
390 * Fixes an integer overflow in `SpaceToBatchND` ([CVE-2022-29203](https://cve.mitre.org/cgi-bin/c…
391 …Fixes a segfault and OOB write due to incomplete validation in `EditDistance` ([CVE-2022-29208](ht…
392 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
393 … Fixes a denial of service in `tf.ragged.constant` due to lack of validation ([CVE-2022-29202](htt…
394 … Fixes a segfault when `tf.histogram_fixed_width` is called with NaN values ([CVE-2022-29211](htt…
395 * Fixes a core dump when loading TFLite models with quantization ([CVE-2022-29212](https://cve.mi…
396 * Fixes crashes stemming from incomplete validation in signal ops ([CVE-2022-29213](https://cve.m…
397 … Fixes a type confusion leading to `CHECK`-failure based denial of service ([CVE-2022-29209](http…
398 * Fixes a heap buffer overflow due to incorrect hash function ([CVE-2022-29210](https://cve.mitre…
399 …-2022-22576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=VE-2022-22576), ([CVE-2022-27774](http…
400 ….2.11` was pulled due to [security issue](https://www.openwall.com/lists/oss-security/2022/03/28/1)
403 This releases introduces several vulnerability fixes:
405 * Fixes a code injection in `saved_model_cli` ([CVE-2022-29216](https://cve.mitre.org/cgi-bin/cve…
406 * Fixes a missing validation which causes `TensorSummaryV2` to crash ([CVE-2022-29193](https://cv…
407 * Fixes a missing validation which crashes `QuantizeAndDequantizeV4Grad` ([CVE-2022-29192](https:…
408 …Fixes a missing validation which causes denial of service via `DeleteSessionTensor` ([CVE-2022-291…
409 …Fixes a missing validation which causes denial of service via `GetSessionTensor` ([CVE-2022-29191]…
410 … Fixes a missing validation which causes denial of service via `StagePeek` ([CVE-2022-29195](http…
411 …Fixes a missing validation which causes denial of service via `UnsortedSegmentJoin` ([CVE-2022-291…
412 …Fixes a missing validation which causes denial of service via `LoadAndRemapMatrix` ([CVE-2022-2919…
413 …Fixes a missing validation which causes denial of service via `SparseTensorToCSRSparseMatrix` ([CV…
414 …Fixes a missing validation which causes denial of service via `LSTMBlockCell` ([CVE-2022-29200](ht…
415 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
416 * Fixes a `CHECK` failure in depthwise ops via overflows ([CVE-2021-41197](https://cve.mitre.org/…
417 …Fixes issues arising from undefined behavior stemming from users supplying invalid resource handle…
418 * Fixes a segfault due to missing support for quantized types ([CVE-2022-29205](https://cve.mitre…
419 …Fixes a missing validation which results in undefined behavior in `SparseTensorDenseAdd` ([CVE-202…
420 …Fixes a missing validation which results in undefined behavior in `QuantizedConv2D` ([CVE-2022-292…
421 * Fixes an integer overflow in `SpaceToBatchND` ([CVE-2022-29203](https://cve.mitre.org/cgi-bin/c…
422 …Fixes a segfault and OOB write due to incomplete validation in `EditDistance` ([CVE-2022-29208](ht…
423 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
424 … Fixes a denial of service in `tf.ragged.constant` due to lack of validation ([CVE-2022-29202](htt…
425 … Fixes a segfault when `tf.histogram_fixed_width` is called with NaN values ([CVE-2022-29211](htt…
426 * Fixes a core dump when loading TFLite models with quantization ([CVE-2022-29212](https://cve.mi…
427 * Fixes crashes stemming from incomplete validation in signal ops ([CVE-2022-29213](https://cve.m…
428 … Fixes a type confusion leading to `CHECK`-failure based denial of service ([CVE-2022-29209](http…
429 …-2022-22576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=VE-2022-22576), ([CVE-2022-27774](http…
430 ….2.11` was pulled due to [security issue](https://www.openwall.com/lists/oss-security/2022/03/28/1)
434 This releases introduces several vulnerability fixes:
436 * Fixes a code injection in `saved_model_cli` ([CVE-2022-29216](https://cve.mitre.org/cgi-bin/cve…
437 * Fixes a missing validation which causes `TensorSummaryV2` to crash ([CVE-2022-29193](https://cv…
438 * Fixes a missing validation which crashes `QuantizeAndDequantizeV4Grad` ([CVE-2022-29192](https:…
439 …Fixes a missing validation which causes denial of service via `DeleteSessionTensor` ([CVE-2022-291…
440 …Fixes a missing validation which causes denial of service via `GetSessionTensor` ([CVE-2022-29191]…
441 … Fixes a missing validation which causes denial of service via `StagePeek` ([CVE-2022-29195](http…
442 …Fixes a missing validation which causes denial of service via `UnsortedSegmentJoin` ([CVE-2022-291…
443 …Fixes a missing validation which causes denial of service via `LoadAndRemapMatrix` ([CVE-2022-2919…
444 …Fixes a missing validation which causes denial of service via `SparseTensorToCSRSparseMatrix` ([CV…
445 …Fixes a missing validation which causes denial of service via `LSTMBlockCell` ([CVE-2022-29200](ht…
446 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
447 * Fixes a `CHECK` failure in depthwise ops via overflows ([CVE-2021-41197](https://cve.mitre.org/…
448 …Fixes issues arising from undefined behavior stemming from users supplying invalid resource handle…
449 * Fixes a segfault due to missing support for quantized types ([CVE-2022-29205](https://cve.mitre…
450 …Fixes a missing validation which results in undefined behavior in `SparseTensorDenseAdd` ([CVE-202…
451 …Fixes a missing validation which results in undefined behavior in `QuantizedConv2D` ([CVE-2022-292…
452 * Fixes an integer overflow in `SpaceToBatchND` ([CVE-2022-29203](https://cve.mitre.org/cgi-bin/c…
453 …Fixes a segfault and OOB write due to incomplete validation in `EditDistance` ([CVE-2022-29208](ht…
454 …Fixes a missing validation which causes denial of service via `Conv3DBackpropFilterV2` ([CVE-2022-…
455 … Fixes a denial of service in `tf.ragged.constant` due to lack of validation ([CVE-2022-29202](htt…
456 … Fixes a segfault when `tf.histogram_fixed_width` is called with NaN values ([CVE-2022-29211](htt…
457 * Fixes a core dump when loading TFLite models with quantization ([CVE-2022-29212](https://cve.mi…
458 * Fixes crashes stemming from incomplete validation in signal ops ([CVE-2022-29213](https://cve.m…
459 … Fixes a type confusion leading to `CHECK`-failure based denial of service ([CVE-2022-29209](http…
460 …-2022-22576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=VE-2022-22576), ([CVE-2022-27774](http…
461 ….2.11` was pulled due to [security issue](https://www.openwall.com/lists/oss-security/2022/03/28/1)
488 outputs a summary of the inference converted by TF-TRT. It namely shows
509 deprecated. The "Bug Fixes and Other Changes" section lists more
510 determinism-related changes.
513 …[PluggableDevice](https://blog.tensorflow.org/2021/06/pluggabledevice-device-plugins-for-TensorFlo…
515 …ttps://github.com/tensorflow/community/blob/master/rfcs/20210513-pluggable-profiler-for-tensorflow…
517 ## Bug Fixes and Other Changes
522 modify one transformation to run non-deterministically, leaving other
541 TF2 by enabling tracking of nested keras models created in TF1-style,
583 * `jit_compile` added to `Model.compile()` on an opt-in basis to compile
591 that nondeterministic out-of-memory events while selecting algorithms
615 * Add determinism-unimplemented exception-throwing to the following ops.
616 When op-determinism is expected (i.e. after
642 * (since v2.7) The random-number-generating ops in the `tf.random`
647 * TensorFlow-oneDNN no longer supports
657 [TensorFlow Decision Forests](https://github.com/tensorflow/decision-forests).
663 * Fixes a floating point division by 0 when executing convolution operators
664 ([CVE-2022-21725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21725))
665 * Fixes a heap OOB read in shape inference for `ReverseSequence`
666 ([CVE-2022-21728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21728))
667 * Fixes a heap OOB access in `Dequantize`
668 ([CVE-2022-21726](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21726))
669 * Fixes an integer overflow in shape inference for `Dequantize`
670 ([CVE-2022-21727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21727))
671 * Fixes a heap OOB access in `FractionalAvgPoolGrad`
672 ([CVE-2022-21730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21730))
673 * Fixes an overflow and divide by zero in `UnravelIndex`
674 ([CVE-2022-21729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21729))
675 * Fixes a type confusion in shape inference for `ConcatV2`
676 ([CVE-2022-21731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21731))
677 * Fixes an OOM in `ThreadPoolHandle`
678 ([CVE-2022-21732](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21732))
679 * Fixes an OOM due to integer overflow in `StringNGrams`
680 ([CVE-2022-21733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21733))
681 * Fixes more issues caused by incomplete validation in boosted trees code
682 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
683 * Fixes an integer overflows in most sparse component-wise ops
684 ([CVE-2022-23567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23567))
685 * Fixes an integer overflows in `AddManySparseToTensorsMap`
686 ([CVE-2022-23568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23568))
687 * Fixes a number of `CHECK`-failures in `MapStage`
688 ([CVE-2022-21734](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21734))
689 * Fixes a division by zero in `FractionalMaxPool`
690 ([CVE-2022-21735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21735))
691 * Fixes a number of `CHECK`-fails when building invalid/overflowing tensor
693 ([CVE-2022-23569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23569))
694 * Fixes an undefined behavior in `SparseTensorSliceDataset`
695 ([CVE-2022-21736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21736))
696 * Fixes an assertion failure based denial of service via faulty bin count
698 ([CVE-2022-21737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21737))
699 * Fixes a reference binding to null pointer in `QuantizedMaxPool`
700 ([CVE-2022-21739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21739))
701 * Fixes an integer overflow leading to crash in `SparseCountSparseOutput`
702 ([CVE-2022-21738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21738))
703 * Fixes a heap overflow in `SparseCountSparseOutput`
704 ([CVE-2022-21740](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21740))
705 * Fixes an FPE in `BiasAndClamp` in TFLite
706 ([CVE-2022-23557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23557))
707 * Fixes an FPE in depthwise convolutions in TFLite
708 ([CVE-2022-21741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21741))
709 * Fixes an integer overflow in TFLite array creation
710 ([CVE-2022-23558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23558))
711 * Fixes an integer overflow in TFLite
712 ([CVE-2022-23559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23559))
713 * Fixes a dangerous OOB write in TFLite
714 ([CVE-2022-23561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23561))
715 * Fixes a vulnerability leading to read and write outside of bounds in TFLite
716 ([CVE-2022-23560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23560))
717 * Fixes a set of vulnerabilities caused by using insecure temporary files
718 ([CVE-2022-23563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23563))
719 * Fixes an integer overflow in Range resulting in undefined behavior and OOM
720 ([CVE-2022-23562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23562))
721 * Fixes a vulnerability where missing validation causes `tf.sparse.split` to
723 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
724 * Fixes a `CHECK`-fail when decoding resource handles from proto
725 ([CVE-2022-23564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23564))
726 * Fixes a `CHECK`-fail with repeated `AttrDef`
727 ([CVE-2022-23565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23565))
728 * Fixes a heap OOB write in Grappler
729 ([CVE-2022-23566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23566))
730 * Fixes a `CHECK`-fail when decoding invalid tensors from proto
731 ([CVE-2022-23571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23571))
732 * Fixes a null-dereference when specializing tensor type
733 ([CVE-2022-23570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23570))
734 * Fixes a crash when type cannot be specialized
735 ([CVE-2022-23572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23572))
736 * Fixes a heap OOB read/write in `SpecializeType`
737 ([CVE-2022-23574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23574))
738 * Fixes an unitialized variable access in `AssignOp`
739 ([CVE-2022-23573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23573))
740 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateTensorSize`
741 ([CVE-2022-23575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23575))
742 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateOutputSize`
743 ([CVE-2022-23576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23576))
744 * Fixes a null dereference in `GetInitOp`
745 ([CVE-2022-23577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23577))
746 * Fixes a memory leak when a graph node is invalid
747 ([CVE-2022-23578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23578))
748 * Fixes an abort caused by allocating a vector that is too large
749 ([CVE-2022-23580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23580))
750 * Fixes multiple `CHECK`-failures during Grappler's `IsSimplifiableReshape`
751 ([CVE-2022-23581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23581))
752 * Fixes multiple `CHECK`-failures during Grappler's `SafeToRemoveIdentity`
753 ([CVE-2022-23579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23579))
754 * Fixes multiple `CHECK`-failures in `TensorByteSize`
755 ([CVE-2022-23582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23582))
756 * Fixes multiple `CHECK`-failures in binary ops due to type confusion
757 ([CVE-2022-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23583))
758 * Fixes a use after free in `DecodePng` kernel
759 ([CVE-2022-23584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23584))
760 * Fixes a memory leak in decoding PNG images
761 ([CVE-2022-23585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23585))
762 * Fixes multiple `CHECK`-fails in `function.cc`
763 ([CVE-2022-23586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23586))
764 * Fixes multiple `CHECK`-fails due to attempting to build a reference tensor
765 ([CVE-2022-23588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23588))
766 * Fixes an integer overflow in Grappler cost estimation of crop and resize
768 ([CVE-2022-23587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23587))
769 * Fixes a null pointer dereference in Grappler's `IsConstant`
770 ([CVE-2022-23589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23589))
771 * Fixes a `CHECK` failure in constant folding
772 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
773 * Fixes a stack overflow due to self-recursive function in `GraphDef`
774 ([CVE-2022-23591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23591))
775 * Fixes a heap OOB access in `RunForwardTypeInference`
776 ([CVE-2022-23592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23592))
777 * Fixes a crash due to erroneous `StatusOr`
778 ([CVE-2022-23590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23590))
779 * Fixes multiple crashes and heap OOB accesses in TFG dialect (MLIR)
780 ([CVE-2022-23594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23594))
781 * Fixes a segfault in `simplifyBroadcast` (MLIR)
782 ([CVE-2022-23593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23593))
783 * Fixes a null pointer dereference in `BuildXlaCompilationCache` (XLA)
784 ([CVE-2022-23595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23595))
786 [CVE-2020-10531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531)
794 dan, Dan F-M, David Korczynski, DEKHTIARJonathan, dengzhiyuan, Deven Desai,
799 Hou, Kanvi Khanna, Kevin Cheng, Koan-Sin Tan, Kruglov-Dmitry, Kun Lu, Lemo,
803 Agarwalla, Oktay Ozturk, Patrice Vignola, Pawel-Polyai, Rama Ketineni, Ramesh
805 Muradi, Saduf2019, Samuel Marks, Shi,Guangyong, Sidong-Wei, Srinivasan
807 Tamas Bela Feher, Tao Xu, Thibaut Goetghebuer-Planchon, Thomas Schmeyer,
814 This releases introduces several vulnerability fixes:
816 * Fixes a floating point division by 0 when executing convolution operators
817 ([CVE-2022-21725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21725))
818 * Fixes a heap OOB read in shape inference for `ReverseSequence`
819 ([CVE-2022-21728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21728))
820 * Fixes a heap OOB access in `Dequantize`
821 ([CVE-2022-21726](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21726))
822 * Fixes an integer overflow in shape inference for `Dequantize`
823 ([CVE-2022-21727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21727))
824 * Fixes a heap OOB access in `FractionalAvgPoolGrad`
825 ([CVE-2022-21730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21730))
826 * Fixes an overflow and divide by zero in `UnravelIndex`
827 ([CVE-2022-21729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21729))
828 * Fixes a type confusion in shape inference for `ConcatV2`
829 ([CVE-2022-21731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21731))
830 * Fixes an OOM in `ThreadPoolHandle`
831 ([CVE-2022-21732](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21732))
832 * Fixes an OOM due to integer overflow in `StringNGrams`
833 ([CVE-2022-21733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21733))
834 * Fixes more issues caused by incomplete validation in boosted trees code
835 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
836 * Fixes an integer overflows in most sparse component-wise ops
837 ([CVE-2022-23567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23567))
838 * Fixes an integer overflows in `AddManySparseToTensorsMap`
839 ([CVE-2022-23568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23568))
840 * Fixes a number of `CHECK`-failures in `MapStage`
841 ([CVE-2022-21734](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21734))
842 * Fixes a division by zero in `FractionalMaxPool`
843 ([CVE-2022-21735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21735))
844 * Fixes a number of `CHECK`-fails when building invalid/overflowing tensor
846 ([CVE-2022-23569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23569))
847 * Fixes an undefined behavior in `SparseTensorSliceDataset`
848 ([CVE-2022-21736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21736))
849 * Fixes an assertion failure based denial of service via faulty bin count
851 ([CVE-2022-21737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21737))
852 * Fixes a reference binding to null pointer in `QuantizedMaxPool`
853 ([CVE-2022-21739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21739))
854 * Fixes an integer overflow leading to crash in `SparseCountSparseOutput`
855 ([CVE-2022-21738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21738))
856 * Fixes a heap overflow in `SparseCountSparseOutput`
857 ([CVE-2022-21740](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21740))
858 * Fixes an FPE in `BiasAndClamp` in TFLite
859 ([CVE-2022-23557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23557))
860 * Fixes an FPE in depthwise convolutions in TFLite
861 ([CVE-2022-21741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21741))
862 * Fixes an integer overflow in TFLite array creation
863 ([CVE-2022-23558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23558))
864 * Fixes an integer overflow in TFLite
865 ([CVE-2022-23559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23559))
866 * Fixes a dangerous OOB write in TFLite
867 ([CVE-2022-23561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23561))
868 * Fixes a vulnerability leading to read and write outside of bounds in TFLite
869 ([CVE-2022-23560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23560))
870 * Fixes a set of vulnerabilities caused by using insecure temporary files
871 ([CVE-2022-23563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23563))
872 * Fixes an integer overflow in Range resulting in undefined behavior and OOM
873 ([CVE-2022-23562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23562))
874 * Fixes a vulnerability where missing validation causes `tf.sparse.split` to
876 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
877 * Fixes a `CHECK`-fail when decoding resource handles from proto
878 ([CVE-2022-23564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23564))
879 * Fixes a `CHECK`-fail with repeated `AttrDef`
880 ([CVE-2022-23565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23565))
881 * Fixes a heap OOB write in Grappler
882 ([CVE-2022-23566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23566))
883 * Fixes a `CHECK`-fail when decoding invalid tensors from proto
884 ([CVE-2022-23571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23571))
885 * Fixes a null-dereference when specializing tensor type
886 ([CVE-2022-23570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23570))
887 * Fixes a crash when type cannot be specialized
888 ([CVE-2022-23572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23572))
889 * Fixes a heap OOB read/write in `SpecializeType`
890 ([CVE-2022-23574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23574))
891 * Fixes an uninitialized variable access in `AssignOp`
892 ([CVE-2022-23573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23573))
893 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateTensorSize`
894 ([CVE-2022-23575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23575))
895 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateOutputSize`
896 ([CVE-2022-23576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23576))
897 * Fixes a null dereference in `GetInitOp`
898 ([CVE-2022-23577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23577))
899 * Fixes a memory leak when a graph node is invalid
900 ([CVE-2022-23578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23578))
901 * Fixes an abort caused by allocating a vector that is too large
902 ([CVE-2022-23580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23580))
903 * Fixes multiple `CHECK`-failures during Grappler's `IsSimplifiableReshape`
904 ([CVE-2022-23581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23581))
905 * Fixes multiple `CHECK`-failures during Grappler's `SafeToRemoveIdentity`
906 ([CVE-2022-23579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23579))
907 * Fixes multiple `CHECK`-failures in `TensorByteSize`
908 ([CVE-2022-23582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23582))
909 * Fixes multiple `CHECK`-failures in binary ops due to type confusion
910 ([CVE-2022-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23583))
911 * Fixes a use after free in `DecodePng` kernel
912 ([CVE-2022-23584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23584))
913 * Fixes a memory leak in decoding PNG images
914 ([CVE-2022-23585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23585))
915 * Fixes multiple `CHECK`-fails in `function.cc`
916 ([CVE-2022-23586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23586))
917 * Fixes multiple `CHECK`-fails due to attempting to build a reference tensor
918 ([CVE-2022-23588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23588))
919 * Fixes an integer overflow in Grappler cost estimation of crop and resize
921 ([CVE-2022-23587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23587))
922 * Fixes a null pointer dereference in Grappler's `IsConstant`
923 ([CVE-2022-23589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23589))
924 * Fixes a `CHECK` failure in constant folding
925 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
926 * Fixes a stack overflow due to self-recursive function in `GraphDef`
927 ([CVE-2022-23591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23591))
928 * Fixes a crash due to erroneous `StatusOr`
929 ([CVE-2022-23590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23590))
930 * Fixes multiple crashes and heap OOB accesses in TFG dialect (MLIR)
931 ([CVE-2022-23594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23594))
932 * Fixes a null pointer dereference in `BuildXlaCompilationCache` (XLA)
933 ([CVE-2022-23595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23595))
935 [CVE-2020-10531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531)
939 This releases introduces several vulnerability fixes:
941 * Fixes a floating point division by 0 when executing convolution operators
942 ([CVE-2022-21725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21725))
943 * Fixes a heap OOB read in shape inference for `ReverseSequence`
944 ([CVE-2022-21728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21728))
945 * Fixes a heap OOB access in `Dequantize`
946 ([CVE-2022-21726](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21726))
947 * Fixes an integer overflow in shape inference for `Dequantize`
948 ([CVE-2022-21727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21727))
949 * Fixes a heap OOB access in `FractionalAvgPoolGrad`
950 ([CVE-2022-21730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21730))
951 * Fixes an overflow and divide by zero in `UnravelIndex`
952 ([CVE-2022-21729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21729))
953 * Fixes a type confusion in shape inference for `ConcatV2`
954 ([CVE-2022-21731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21731))
955 * Fixes an OOM in `ThreadPoolHandle`
956 ([CVE-2022-21732](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21732))
957 * Fixes an OOM due to integer overflow in `StringNGrams`
958 ([CVE-2022-21733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21733))
959 * Fixes more issues caused by incomplete validation in boosted trees code
960 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
961 * Fixes an integer overflows in most sparse component-wise ops
962 ([CVE-2022-23567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23567))
963 * Fixes an integer overflows in `AddManySparseToTensorsMap`
964 ([CVE-2022-23568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23568))
965 * Fixes a number of `CHECK`-failures in `MapStage`
966 ([CVE-2022-21734](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21734))
967 * Fixes a division by zero in `FractionalMaxPool`
968 ([CVE-2022-21735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21735))
969 * Fixes a number of `CHECK`-fails when building invalid/overflowing tensor
971 ([CVE-2022-23569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23569))
972 * Fixes an undefined behavior in `SparseTensorSliceDataset`
973 ([CVE-2022-21736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21736))
974 * Fixes an assertion failure based denial of service via faulty bin count
976 ([CVE-2022-21737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21737))
977 * Fixes a reference binding to null pointer in `QuantizedMaxPool`
978 ([CVE-2022-21739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21739))
979 * Fixes an integer overflow leading to crash in `SparseCountSparseOutput`
980 ([CVE-2022-21738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21738))
981 * Fixes a heap overflow in `SparseCountSparseOutput`
982 ([CVE-2022-21740](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21740))
983 * Fixes an FPE in `BiasAndClamp` in TFLite
984 ([CVE-2022-23557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23557))
985 * Fixes an FPE in depthwise convolutions in TFLite
986 ([CVE-2022-21741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21741))
987 * Fixes an integer overflow in TFLite array creation
988 ([CVE-2022-23558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23558))
989 * Fixes an integer overflow in TFLite
990 ([CVE-2022-23559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23559))
991 * Fixes a dangerous OOB write in TFLite
992 ([CVE-2022-23561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23561))
993 * Fixes a vulnerability leading to read and write outside of bounds in TFLite
994 ([CVE-2022-23560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23560))
995 * Fixes a set of vulnerabilities caused by using insecure temporary files
996 ([CVE-2022-23563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23563))
997 * Fixes an integer overflow in Range resulting in undefined behavior and OOM
998 ([CVE-2022-23562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23562))
999 * Fixes a vulnerability where missing validation causes `tf.sparse.split` to
1001 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
1002 * Fixes a `CHECK`-fail when decoding resource handles from proto
1003 ([CVE-2022-23564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23564))
1004 * Fixes a `CHECK`-fail with repeated `AttrDef`
1005 ([CVE-2022-23565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23565))
1006 * Fixes a heap OOB write in Grappler
1007 ([CVE-2022-23566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23566))
1008 * Fixes a `CHECK`-fail when decoding invalid tensors from proto
1009 ([CVE-2022-23571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23571))
1010 * Fixes a null-dereference when specializing tensor type
1011 ([CVE-2022-23570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23570))
1012 * Fixes a crash when type cannot be specialized
1013 ([CVE-2022-23572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23572))
1014 * Fixes a heap OOB read/write in `SpecializeType`
1015 ([CVE-2022-23574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23574))
1016 * Fixes an unitialized variable access in `AssignOp`
1017 ([CVE-2022-23573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23573))
1018 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateTensorSize`
1019 ([CVE-2022-23575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23575))
1020 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateOutputSize`
1021 ([CVE-2022-23576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23576))
1022 * Fixes a null dereference in `GetInitOp`
1023 ([CVE-2022-23577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23577))
1024 * Fixes a memory leak when a graph node is invalid
1025 ([CVE-2022-23578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23578))
1026 * Fixes an abort caused by allocating a vector that is too large
1027 ([CVE-2022-23580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23580))
1028 * Fixes multiple `CHECK`-failures during Grappler's `IsSimplifiableReshape`
1029 ([CVE-2022-23581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23581))
1030 * Fixes multiple `CHECK`-failures during Grappler's `SafeToRemoveIdentity`
1031 ([CVE-2022-23579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23579))
1032 * Fixes multiple `CHECK`-failures in `TensorByteSize`
1033 ([CVE-2022-23582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23582))
1034 * Fixes multiple `CHECK`-failures in binary ops due to type confusion
1035 ([CVE-2022-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23583))
1036 * Fixes a use after free in `DecodePng` kernel
1037 ([CVE-2022-23584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23584))
1038 * Fixes a memory leak in decoding PNG images
1039 ([CVE-2022-23585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23585))
1040 * Fixes multiple `CHECK`-fails in `function.cc`
1041 ([CVE-2022-23586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23586))
1042 * Fixes multiple `CHECK`-fails due to attempting to build a reference tensor
1043 ([CVE-2022-23588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23588))
1044 * Fixes an integer overflow in Grappler cost estimation of crop and resize
1046 ([CVE-2022-23587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23587))
1047 * Fixes a null pointer dereference in Grappler's `IsConstant`
1048 ([CVE-2022-23589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23589))
1049 * Fixes a `CHECK` failure in constant folding
1050 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
1051 * Fixes a stack overflow due to self-recursive function in `GraphDef`
1052 ([CVE-2022-23591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23591))
1053 * Fixes a null pointer dereference in `BuildXlaCompilationCache` (XLA)
1054 ([CVE-2022-23595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23595))
1056 [CVE-2020-10531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531)
1060 This releases introduces several vulnerability fixes:
1062 * Fixes a floating point division by 0 when executing convolution operators
1063 ([CVE-2022-21725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21725))
1064 * Fixes a heap OOB read in shape inference for `ReverseSequence`
1065 ([CVE-2022-21728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21728))
1066 * Fixes a heap OOB access in `Dequantize`
1067 ([CVE-2022-21726](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21726))
1068 * Fixes an integer overflow in shape inference for `Dequantize`
1069 ([CVE-2022-21727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21727))
1070 * Fixes a heap OOB access in `FractionalAvgPoolGrad`
1071 ([CVE-2022-21730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21730))
1072 * Fixes an overflow and divide by zero in `UnravelIndex`
1073 ([CVE-2022-21729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21729))
1074 * Fixes a type confusion in shape inference for `ConcatV2`
1075 ([CVE-2022-21731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21731))
1076 * Fixes an OOM in `ThreadPoolHandle`
1077 ([CVE-2022-21732](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21732))
1078 * Fixes an OOM due to integer overflow in `StringNGrams`
1079 ([CVE-2022-21733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21733))
1080 * Fixes more issues caused by incomplete validation in boosted trees code
1081 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
1082 * Fixes an integer overflows in most sparse component-wise ops
1083 ([CVE-2022-23567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23567))
1084 * Fixes an integer overflows in `AddManySparseToTensorsMap`
1085 ([CVE-2022-23568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23568))
1086 * Fixes a number of `CHECK`-failures in `MapStage`
1087 ([CVE-2022-21734](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21734))
1088 * Fixes a division by zero in `FractionalMaxPool`
1089 ([CVE-2022-21735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21735))
1090 * Fixes a number of `CHECK`-fails when building invalid/overflowing tensor
1092 ([CVE-2022-23569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23569))
1093 * Fixes an undefined behavior in `SparseTensorSliceDataset`
1094 ([CVE-2022-21736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21736))
1095 * Fixes an assertion failure based denial of service via faulty bin count
1097 ([CVE-2022-21737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21737))
1098 * Fixes a reference binding to null pointer in `QuantizedMaxPool`
1099 ([CVE-2022-21739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21739))
1100 * Fixes an integer overflow leading to crash in `SparseCountSparseOutput`
1101 ([CVE-2022-21738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21738))
1102 * Fixes a heap overflow in `SparseCountSparseOutput`
1103 ([CVE-2022-21740](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21740))
1104 * Fixes an FPE in `BiasAndClamp` in TFLite
1105 ([CVE-2022-23557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23557))
1106 * Fixes an FPE in depthwise convolutions in TFLite
1107 ([CVE-2022-21741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21741))
1108 * Fixes an integer overflow in TFLite array creation
1109 ([CVE-2022-23558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23558))
1110 * Fixes an integer overflow in TFLite
1111 ([CVE-2022-23559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23559))
1112 * Fixes a dangerous OOB write in TFLite
1113 ([CVE-2022-23561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23561))
1114 * Fixes a vulnerability leading to read and write outside of bounds in TFLite
1115 ([CVE-2022-23560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23560))
1116 * Fixes a set of vulnerabilities caused by using insecure temporary files
1117 ([CVE-2022-23563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23563))
1118 * Fixes an integer overflow in Range resulting in undefined behavior and OOM
1119 ([CVE-2022-23562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23562))
1120 * Fixes a vulnerability where missing validation causes `tf.sparse.split` to
1122 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
1123 * Fixes a `CHECK`-fail when decoding resource handles from proto
1124 ([CVE-2022-23564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23564))
1125 * Fixes a `CHECK`-fail with repeated `AttrDef`
1126 ([CVE-2022-23565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23565))
1127 * Fixes a heap OOB write in Grappler
1128 ([CVE-2022-23566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23566))
1129 * Fixes a `CHECK`-fail when decoding invalid tensors from proto
1130 ([CVE-2022-23571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23571))
1131 * Fixes an unitialized variable access in `AssignOp`
1132 ([CVE-2022-23573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23573))
1133 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateTensorSize`
1134 ([CVE-2022-23575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23575))
1135 * Fixes an integer overflow in `OpLevelCostEstimator::CalculateOutputSize`
1136 ([CVE-2022-23576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23576))
1137 * Fixes a null dereference in `GetInitOp`
1138 ([CVE-2022-23577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23577))
1139 * Fixes a memory leak when a graph node is invalid
1140 ([CVE-2022-23578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23578))
1141 * Fixes an abort caused by allocating a vector that is too large
1142 ([CVE-2022-23580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23580))
1143 * Fixes multiple `CHECK`-failures during Grappler's `IsSimplifiableReshape`
1144 ([CVE-2022-23581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23581))
1145 * Fixes multiple `CHECK`-failures during Grappler's `SafeToRemoveIdentity`
1146 ([CVE-2022-23579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23579))
1147 * Fixes multiple `CHECK`-failures in `TensorByteSize`
1148 ([CVE-2022-23582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23582))
1149 * Fixes multiple `CHECK`-failures in binary ops due to type confusion
1150 ([CVE-2022-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23583))
1151 * Fixes a use after free in `DecodePng` kernel
1152 ([CVE-2022-23584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23584))
1153 * Fixes a memory leak in decoding PNG images
1154 ([CVE-2022-23585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23585))
1155 * Fixes multiple `CHECK`-fails in `function.cc`
1156 ([CVE-2022-23586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23586))
1157 * Fixes multiple `CHECK`-fails due to attempting to build a reference tensor
1158 ([CVE-2022-23588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23588))
1159 * Fixes an integer overflow in Grappler cost estimation of crop and resize
1161 ([CVE-2022-23587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23587))
1162 * Fixes a null pointer dereference in Grappler's `IsConstant`
1163 ([CVE-2022-23589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23589))
1164 * Fixes a `CHECK` failure in constant folding
1165 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
1166 * Fixes a stack overflow due to self-recursive function in `GraphDef`
1167 ([CVE-2022-23591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23591))
1169 [CVE-2020-10531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531)
1184 x.shape.rank == 1: x = tf.expand_dims(x, axis=-1)`. Functional models as
1223 * `tensorflow/core/ir/` contains a new MLIR-based Graph dialect that is
1224 isomorphic to GraphDef and will be used to replace GraphDef-based (e.g.,
1251 https://github.com/tensorflow/io. The `tensorflow-io` python package
1265 `tf.debugging.disable_traceback_filtering()`, and can be re-enabled via
1267 TensorFlow-internal issue (e.g. to prepare a TensorFlow PR), make sure to
1278 decorator, which enables using large classes of tf1-style variable_scope,
1279 `get_variable`, and `compat.v1.layer`-based components from within TF2
1284 * tf.data service now supports auto-sharding. Users specify the sharding
1291 Static sharding (auto-sharding) requires the number of tf.data service
1306 return self.convolution_op(inputs, (self.kernel - mean) / tf.sqrt(var +
1307 1e-10))` Alternatively, you can override `convolution_op`: `python class
1310 keepdims=True) # Author code uses std + 1e-5 return
1311 super().convolution_op(inputs, (kernel - mean) / tf.sqrt(var + 1e-10))`
1322 remote registered methods. RPC APIs are intended for multi-client setups
1368 * Extension types are supported by Keras, tf.data, TF-hub, SavedModel,
1379 ## Bug Fixes and Other Changes
1414 * Add support for user-defined names of tf.data core Python API, which can
1424 * The saved_model_cli's `--input_examples` inputs are now restricted to
1458 * Add determinism-unimplemented exception-throwing to the following ops.
1459 When op-determinism is expected (i.e. when the environment variable
1470 * `tf.math.bincount` - TODO: confirm exception added
1479 * The random-number-generating ops in the `tf.random` module when the
1488 * Fixes a code injection issue in `saved_model_cli`
1489 ([CVE-2021-41228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41228))
1490 * Fixes a vulnerability due to use of uninitialized value in Tensorflow
1491 ([CVE-2021-41225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41225))
1492 * Fixes a heap OOB in `FusedBatchNorm` kernels
1493 ([CVE-2021-41223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41223))
1494 * Fixes an arbitrary memory read in `ImmutableConst`
1495 ([CVE-2021-41227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41227))
1496 * Fixes a heap OOB in `SparseBinCount`
1497 ([CVE-2021-41226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41226))
1498 * Fixes a heap OOB in `SparseFillEmptyRows`
1499 ([CVE-2021-41224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41224))
1500 * Fixes a segfault due to negative splits in `SplitV`
1501 ([CVE-2021-41222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41222))
1502 * Fixes segfaults and vulnerabilities caused by accesses to invalid memory
1504 ([CVE-2021-41221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41221))
1505 * Fixes a null pointer exception when `Exit` node is not preceded by `Enter`
1507 ([CVE-2021-41217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41217))
1508 * Fixes an integer division by 0 in `tf.raw_ops.AllToAll`
1509 ([CVE-2021-41218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41218))
1510 * Fixes a use after free and a memory leak in `CollectiveReduceV2`
1511 ([CVE-2021-41220](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41220))
1512 * Fixes an undefined behavior via `nullptr` reference binding in sparse matrix
1514 ([CVE-2021-41219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41219))
1515 * Fixes a heap buffer overflow in `Transpose`
1516 ([CVE-2021-41216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41216))
1518 ([CVE-2021-41213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41213))
1519 * Fixes a null pointer exception in `DeserializeSparse`
1520 ([CVE-2021-41215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41215))
1521 * Fixes an undefined behavior arising from reference binding to `nullptr` in
1523 ([CVE-2021-41214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41214))
1524 * Fixes a heap OOB read in `tf.ragged.cross`
1525 ([CVE-2021-41212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41212))
1526 * Fixes a heap OOB in shape inference for `QuantizeV2`
1527 ([CVE-2021-41211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41211))
1528 * Fixes a heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
1529 ([CVE-2021-41205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41205))
1530 * Fixes an FPE in `ParallelConcat`
1531 ([CVE-2021-41207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41207))
1532 * Fixes FPE issues in convolutions with zero size filters
1533 ([CVE-2021-41209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41209))
1534 * Fixes a heap OOB read in `tf.raw_ops.SparseCountSparseOutput`
1535 ([CVE-2021-41210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41210))
1536 * Fixes vulnerabilities caused by incomplete validation in boosted trees code
1537 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
1538 * Fixes vulnerabilities caused by incomplete validation of shapes in multiple
1540 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
1541 * Fixes a segfault produced while copying constant resource tensor
1542 ([CVE-2021-41204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41204))
1543 * Fixes a vulnerability caused by unitialized access in
1545 ([CVE-2021-41201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41201))
1546 * Fixes several vulnerabilities and segfaults caused by missing validation
1548 ([CVE-2021-41203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41203))
1549 * Fixes an overflow producing a crash in `tf.range`
1550 ([CVE-2021-41202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41202))
1551 * Fixes an overflow producing a crash in `tf.image.resize` when size is large
1552 ([CVE-2021-41199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41199))
1553 * Fixes an overflow producing a crash in `tf.tile` when tiling tensor is large
1554 ([CVE-2021-41198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41198))
1555 * Fixes a vulnerability produced due to incomplete validation in
1557 ([CVE-2021-41200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41200))
1558 * Fixes multiple crashes due to overflow and `CHECK`-fail in ops with large
1560 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
1561 * Fixes a crash in `max_pool3d` when size argument is 0 or negative
1562 ([CVE-2021-41196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41196))
1563 * Fixes a crash in `tf.math.segment_*` operations
1564 ([CVE-2021-41195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41195))
1566 [CVE-2021-22922](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922),
1567 [CVE-2021-22923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923),
1568 [CVE-2021-22924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924),
1569 [CVE-2021-22925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925),
1571 [CVE-2021-22926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926).
1580 Balint Cristian, Bas Aarts, Ben Barsdell, bhack, cfRod, Cheney-Wang, Cheng Ren,
1585 Kanvi Khanna, Koan-Sin Tan, Koki Ibukuro, Kulin Seth, KumaTea, Kun-Lu, Lemo,
1588 Panpaliya, Nyadla-Sys, Patrice Vignola, Peter Kasting, Philipp Hack, PINTO0309,
1591 Sergii Khomenko, Sheng, Yang, Sidong-Wei, slowy07, Srinivasan Narayanamoorthy,
1594 Goetghebuer-Planchon, Trent Lo, Twice, Varghese, Jojimon, Vishnuvardhan
1601 Fixes an issue where `keras`, `tensorflow_estimator` and `tensorboard` were
1606 This release introduces several vulnerability fixes:
1608 * Fixes a code injection issue in `saved_model_cli`
1609 ([CVE-2021-41228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41228))
1610 * Fixes a vulnerability due to use of uninitialized value in Tensorflow
1611 ([CVE-2021-41225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41225))
1612 * Fixes a heap OOB in `FusedBatchNorm` kernels
1613 ([CVE-2021-41223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41223))
1614 * Fixes an arbitrary memory read in `ImmutableConst`
1615 ([CVE-2021-41227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41227))
1616 * Fixes a heap OOB in `SparseBinCount`
1617 ([CVE-2021-41226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41226))
1618 * Fixes a heap OOB in `SparseFillEmptyRows`
1619 ([CVE-2021-41224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41224))
1620 * Fixes a segfault due to negative splits in `SplitV`
1621 ([CVE-2021-41222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41222))
1622 * Fixes segfaults and vulnerabilities caused by accesses to invalid memory
1624 ([CVE-2021-41221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41221))
1625 * Fixes a null pointer exception when `Exit` node is not preceded by `Enter`
1627 ([CVE-2021-41217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41217))
1628 * Fixes an integer division by 0 in `tf.raw_ops.AllToAll`
1629 ([CVE-2021-41218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41218))
1630 * Fixes a use after free and a memory leak in `CollectiveReduceV2`
1631 ([CVE-2021-41220](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41220))
1632 * Fixes an undefined behavior via `nullptr` reference binding in sparse matrix
1634 ([CVE-2021-41219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41219))
1635 * Fixes a heap buffer overflow in `Transpose`
1636 ([CVE-2021-41216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41216))
1638 ([CVE-2021-41213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41213))
1639 * Fixes a null pointer exception in `DeserializeSparse`
1640 ([CVE-2021-41215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41215))
1641 * Fixes an undefined behavior arising from reference binding to `nullptr` in
1643 ([CVE-2021-41214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41214))
1644 * Fixes a heap OOB read in `tf.ragged.cross`
1645 ([CVE-2021-41212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41212))
1646 * Fixes a heap OOB in shape inference for `QuantizeV2`
1647 ([CVE-2021-41211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41211))
1648 * Fixes a heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
1649 ([CVE-2021-41205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41205))
1650 * Fixes an FPE in `ParallelConcat`
1651 ([CVE-2021-41207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41207))
1652 * Fixes FPE issues in convolutions with zero size filters
1653 ([CVE-2021-41209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41209))
1654 * Fixes a heap OOB read in `tf.raw_ops.SparseCountSparseOutput`
1655 ([CVE-2021-41210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41210))
1656 * Fixes vulnerabilities caused by incomplete validation in boosted trees code
1657 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
1658 * Fixes vulnerabilities caused by incomplete validation of shapes in multiple
1660 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
1661 * Fixes a segfault produced while copying constant resource tensor
1662 ([CVE-2021-41204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41204))
1663 * Fixes a vulnerability caused by unitialized access in
1665 ([CVE-2021-41201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41201))
1666 * Fixes several vulnerabilities and segfaults caused by missing validation
1668 ([CVE-2021-41203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41203))
1669 * Fixes an overflow producing a crash in `tf.range`
1670 ([CVE-2021-41202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41202))
1671 * Fixes an overflow producing a crash in `tf.image.resize` when size is large
1672 ([CVE-2021-41199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41199))
1673 * Fixes an overflow producing a crash in `tf.tile` when tiling tensor is large
1674 ([CVE-2021-41198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41198))
1675 * Fixes a vulnerability produced due to incomplete validation in
1677 ([CVE-2021-41200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41200))
1678 * Fixes multiple crashes due to overflow and `CHECK`-fail in ops with large
1680 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
1681 * Fixes a crash in `max_pool3d` when size argument is 0 or negative
1682 ([CVE-2021-41196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41196))
1683 * Fixes a crash in `tf.math.segment_*` operations
1684 ([CVE-2021-41195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41195))
1686 [CVE-2021-22922](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922),
1687 [CVE-2021-22923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923),
1688 [CVE-2021-22924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924),
1689 [CVE-2021-22925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925),
1691 [CVE-2021-22926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926).
1717 repository[keras-team/keras](http://github.com/keras-team/keras). The
1744 [keras-team/keras](http://github.com/keras-team/keras). The API
1746 `keras` PIP package. All Keras-related PRs and issues should now be
1748 [keras-team/keras](http://github.com/keras-team/keras).
1757 It can also be used with single-worker training or other strategies. See
1769 `TextVectorization`. Multi-hot encoding will no longer automatically
1770 uprank rank 1 inputs, so these layers can now multi-hot encode
1771 unbatched multi-dimensional samples.
1776 `"binary"` behavior of one-hot encoding a batch of scalars.
1778 allowing normalization of unbatched multi-dimensional samples.
1785 * Supports native variable builtin ops - ReadVariable, AssignVariable.
1818 local in-processs tf.data service workers. `"AUTO"` works well for most
1825 ## Bug Fixes and Other Changes
1917 non-experimental TF Lite APIs.
1919 * `modifyGraphWithDelegate` - Use `Interpreter.Options.addDelegate`
1920 * `setNumThreads` - Use `Interpreter.Options.setNumThreads`
1938 * Add determinism-unimplemented exception-throwing to the following ops.
1939 When op-determinism is expected, an attempt to use the specified paths
1954 * Fixes a heap out of bounds access in sparse reduction operations
1955 ([CVE-2021-37635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37635))
1956 * Fixes a floating point exception in `SparseDenseCwiseDiv`
1957 ([CVE-2021-37636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37636))
1958 * Fixes a null pointer dereference in `CompressElement`
1959 ([CVE-2021-37637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37637))
1960 * Fixes a null pointer dereference in `RaggedTensorToTensor`
1961 ([CVE-2021-37638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37638))
1962 * Fixes a null pointer dereference and a heap OOB read arising from operations
1964 ([CVE-2021-37639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37639))
1965 * Fixes an integer division by 0 in sparse reshaping
1966 ([CVE-2021-37640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37640))
1967 * Fixes a division by 0 in `ResourceScatterDiv`
1968 ([CVE-2021-37642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37642))
1969 * Fixes a heap OOB in `RaggedGather`
1970 ([CVE-2021-37641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37641))
1971 * Fixes a `std::abort` raised from `TensorListReserve`
1972 ([CVE-2021-37644](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37644))
1973 * Fixes a null pointer dereference in `MatrixDiagPartOp`
1974 ([CVE-2021-37643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37643))
1975 * Fixes an integer overflow due to conversion to unsigned
1976 ([CVE-2021-37645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37645))
1977 * Fixes a bad allocation error in `StringNGrams` caused by integer conversion
1978 ([CVE-2021-37646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37646))
1979 * Fixes a null pointer dereference in `SparseTensorSliceDataset`
1980 ([CVE-2021-37647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37647))
1981 * Fixes an incorrect validation of `SaveV2` inputs
1982 ([CVE-2021-37648](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37648))
1983 * Fixes a null pointer dereference in `UncompressElement`
1984 ([CVE-2021-37649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37649))
1985 * Fixes a segfault and a heap buffer overflow in
1987 ([CVE-2021-37650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37650))
1988 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
1989 ([CVE-2021-37651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37651))
1990 * Fixes a use after free in boosted trees creation
1991 ([CVE-2021-37652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37652))
1992 * Fixes a division by 0 in `ResourceGather`
1993 ([CVE-2021-37653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37653))
1994 * Fixes a heap OOB and a `CHECK` fail in `ResourceGather`
1995 ([CVE-2021-37654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37654))
1996 * Fixes a heap OOB in `ResourceScatterUpdate`
1997 ([CVE-2021-37655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37655))
1998 * Fixes an undefined behavior arising from reference binding to nullptr in
2000 ([CVE-2021-37656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37656))
2001 * Fixes an undefined behavior arising from reference binding to nullptr in
2003 ([CVE-2021-37657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37657))
2004 * Fixes an undefined behavior arising from reference binding to nullptr in
2006 ([CVE-2021-37658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37658))
2007 * Fixes an undefined behavior arising from reference binding to nullptr and
2009 ([CVE-2021-37659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37659))
2010 * Fixes a division by 0 in inplace operations
2011 ([CVE-2021-37660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37660))
2012 * Fixes a crash caused by integer conversion to unsigned
2013 ([CVE-2021-37661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37661))
2014 * Fixes an undefined behavior arising from reference binding to nullptr in
2016 ([CVE-2021-37662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37662))
2017 * Fixes a heap OOB in boosted trees
2018 ([CVE-2021-37664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37664))
2019 * Fixes vulnerabilities arising from incomplete validation in `QuantizeV2`
2020 ([CVE-2021-37663](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37663))
2021 * Fixes vulnerabilities arising from incomplete validation in MKL
2023 ([CVE-2021-37665](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37665))
2024 * Fixes an undefined behavior arising from reference binding to nullptr in
2026 ([CVE-2021-37666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37666))
2027 * Fixes an undefined behavior arising from reference binding to nullptr in
2029 ([CVE-2021-37667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37667))
2030 * Fixes an FPE in `tf.raw_ops.UnravelIndex`
2031 ([CVE-2021-37668](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37668))
2032 * Fixes a crash in NMS ops caused by integer conversion to unsigned
2033 ([CVE-2021-37669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37669))
2034 * Fixes a heap OOB in `UpperBound` and `LowerBound`
2035 ([CVE-2021-37670](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37670))
2036 * Fixes an undefined behavior arising from reference binding to nullptr in map
2038 ([CVE-2021-37671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37671))
2039 * Fixes a heap OOB in `SdcaOptimizerV2`
2040 ([CVE-2021-37672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37672))
2041 * Fixes a `CHECK`-fail in `MapStage`
2042 ([CVE-2021-37673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37673))
2043 * Fixes a vulnerability arising from incomplete validation in `MaxPoolGrad`
2044 ([CVE-2021-37674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37674))
2045 * Fixes an undefined behavior arising from reference binding to nullptr in
2047 ([CVE-2021-37676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37676))
2048 * Fixes a division by 0 in most convolution operators
2049 ([CVE-2021-37675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37675))
2050 * Fixes vulnerabilities arising from missing validation in shape inference for
2052 ([CVE-2021-37677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37677))
2053 * Fixes an arbitrary code execution due to YAML deserialization
2054 ([CVE-2021-37678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37678))
2055 * Fixes a heap OOB in nested `tf.map_fn` with `RaggedTensor`s
2056 ([CVE-2021-37679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37679))
2057 * Fixes a division by zero in TFLite
2058 ([CVE-2021-37680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37680))
2059 * Fixes an NPE in TFLite
2060 ([CVE-2021-37681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37681))
2061 * Fixes a vulnerability arising from use of unitialized value in TFLite
2062 ([CVE-2021-37682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37682))
2063 * Fixes an FPE in TFLite division operations
2064 ([CVE-2021-37683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37683))
2065 * Fixes an FPE in TFLite pooling operations
2066 ([CVE-2021-37684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37684))
2067 * Fixes an infinite loop in TFLite
2068 ([CVE-2021-37686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37686))
2069 * Fixes a heap OOB in TFLite
2070 ([CVE-2021-37685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37685))
2071 * Fixes a heap OOB in TFLite's `Gather*` implementations
2072 ([CVE-2021-37687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37687))
2073 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2074 ([CVE-2021-37688](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37688))
2075 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2077 ([CVE-2021-37689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37689))
2078 * Fixes a FPE in LSH in TFLite
2079 ([CVE-2021-37691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37691))
2080 * Fixes a segfault on strings tensors with mismatched dimensions, arising in
2082 ([CVE-2021-37692](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37692))
2083 * Fixes a use after free and a potential segfault in shape inference functions
2084 ([CVE-2021-37690](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37690))
2086 [CVE-2021-22876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876),
2087 [CVE-2021-22897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22897),
2088 [CVE-2021-22898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898),
2090 [CVE-2021-22901](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22901).
2100 CyanXu, Daniel Situnayake, David Pal, Ddavis-2015, DEKHTIARJonathan, Deven
2108 Dekhtiar, Julian Gross, Kaixi Hou, Kevin Cheng, Koan-Sin Tan, Kulin Seth,
2116 Shaochen Shi, Sheng, Yang, Shu Wang, Shuai Zhang, Soojeong, Stanley-Nod, Steven
2118 tashuang.zk, tcervi, Teng Lu, Thales Elero Cervi, Thibaut Goetghebuer-Planchon,
2126 This release introduces several vulnerability fixes:
2128 * Fixes a code injection issue in `saved_model_cli`
2129 ([CVE-2021-41228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41228))
2130 * Fixes a vulnerability due to use of uninitialized value in Tensorflow
2131 ([CVE-2021-41225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41225))
2132 * Fixes a heap OOB in `FusedBatchNorm` kernels
2133 ([CVE-2021-41223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41223))
2134 * Fixes an arbitrary memory read in `ImmutableConst`
2135 ([CVE-2021-41227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41227))
2136 * Fixes a heap OOB in `SparseBinCount`
2137 ([CVE-2021-41226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41226))
2138 * Fixes a heap OOB in `SparseFillEmptyRows`
2139 ([CVE-2021-41224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41224))
2140 * Fixes a segfault due to negative splits in `SplitV`
2141 ([CVE-2021-41222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41222))
2142 * Fixes segfaults and vulnerabilities caused by accesses to invalid memory
2144 ([CVE-2021-41221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41221))
2145 * Fixes a null pointer exception when `Exit` node is not preceded by `Enter`
2147 ([CVE-2021-41217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41217))
2148 * Fixes an integer division by 0 in `tf.raw_ops.AllToAll`
2149 ([CVE-2021-41218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41218))
2150 * Fixes an undefined behavior via `nullptr` reference binding in sparse matrix
2152 ([CVE-2021-41219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41219))
2153 * Fixes a heap buffer overflow in `Transpose`
2154 ([CVE-2021-41216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41216))
2156 ([CVE-2021-41213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41213))
2157 * Fixes a null pointer exception in `DeserializeSparse`
2158 ([CVE-2021-41215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41215))
2159 * Fixes an undefined behavior arising from reference binding to `nullptr` in
2161 ([CVE-2021-41214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41214))
2162 * Fixes a heap OOB read in `tf.ragged.cross`
2163 ([CVE-2021-41212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41212))
2164 * Fixes a heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
2165 ([CVE-2021-41205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41205))
2166 * Fixes an FPE in `ParallelConcat`
2167 ([CVE-2021-41207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41207))
2168 * Fixes FPE issues in convolutions with zero size filters
2169 ([CVE-2021-41209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41209))
2170 * Fixes a heap OOB read in `tf.raw_ops.SparseCountSparseOutput`
2171 ([CVE-2021-41210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41210))
2172 * Fixes vulnerabilities caused by incomplete validation in boosted trees code
2173 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
2174 * Fixes vulnerabilities caused by incomplete validation of shapes in multiple
2176 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
2177 * Fixes a segfault produced while copying constant resource tensor
2178 ([CVE-2021-41204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41204))
2179 * Fixes a vulnerability caused by unitialized access in
2181 ([CVE-2021-41201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41201))
2182 * Fixes several vulnerabilities and segfaults caused by missing validation
2184 ([CVE-2021-41203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41203))
2185 * Fixes an overflow producing a crash in `tf.range`
2186 ([CVE-2021-41202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41202))
2187 * Fixes an overflow producing a crash in `tf.image.resize` when size is large
2188 ([CVE-2021-41199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41199))
2189 * Fixes an overflow producing a crash in `tf.tile` when tiling tensor is large
2190 ([CVE-2021-41198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41198))
2191 * Fixes a vulnerability produced due to incomplete validation in
2193 ([CVE-2021-41200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41200))
2194 * Fixes multiple crashes due to overflow and `CHECK`-fail in ops with large
2196 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
2197 * Fixes a crash in `max_pool3d` when size argument is 0 or negative
2198 ([CVE-2021-41196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41196))
2199 * Fixes a crash in `tf.math.segment_*` operations
2200 ([CVE-2021-41195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41195))
2202 [CVE-2021-22922](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922),
2203 [CVE-2021-22923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923),
2204 [CVE-2021-22924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924),
2205 [CVE-2021-22925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925),
2207 [CVE-2021-22926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926).
2211 This release introduces several vulnerability fixes:
2213 * Fixes a heap out of bounds access in sparse reduction operations
2214 ([CVE-2021-37635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37635))
2215 * Fixes a floating point exception in `SparseDenseCwiseDiv`
2216 ([CVE-2021-37636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37636))
2217 * Fixes a null pointer dereference in `CompressElement`
2218 ([CVE-2021-37637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37637))
2219 * Fixes a null pointer dereference in `RaggedTensorToTensor`
2220 ([CVE-2021-37638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37638))
2221 * Fixes a null pointer dereference and a heap OOB read arising from operations
2223 ([CVE-2021-37639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37639))
2224 * Fixes an integer division by 0 in sparse reshaping
2225 ([CVE-2021-37640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37640))
2226 * Fixes a division by 0 in `ResourceScatterDiv`
2227 ([CVE-2021-37642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37642))
2228 * Fixes a heap OOB in `RaggedGather`
2229 ([CVE-2021-37641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37641))
2230 * Fixes a `std::abort` raised from `TensorListReserve`
2231 ([CVE-2021-37644](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37644))
2232 * Fixes a null pointer dereference in `MatrixDiagPartOp`
2233 ([CVE-2021-37643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37643))
2234 * Fixes an integer overflow due to conversion to unsigned
2235 ([CVE-2021-37645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37645))
2236 * Fixes a bad allocation error in `StringNGrams` caused by integer conversion
2237 ([CVE-2021-37646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37646))
2238 * Fixes a null pointer dereference in `SparseTensorSliceDataset`
2239 ([CVE-2021-37647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37647))
2240 * Fixes an incorrect validation of `SaveV2` inputs
2241 ([CVE-2021-37648](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37648))
2242 * Fixes a null pointer dereference in `UncompressElement`
2243 ([CVE-2021-37649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37649))
2244 * Fixes a segfault and a heap buffer overflow in
2246 ([CVE-2021-37650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37650))
2247 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
2248 ([CVE-2021-37651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37651))
2249 * Fixes a use after free in boosted trees creation
2250 ([CVE-2021-37652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37652))
2251 * Fixes a division by 0 in `ResourceGather`
2252 ([CVE-2021-37653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37653))
2253 * Fixes a heap OOB and a `CHECK` fail in `ResourceGather`
2254 ([CVE-2021-37654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37654))
2255 * Fixes a heap OOB in `ResourceScatterUpdate`
2256 ([CVE-2021-37655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37655))
2257 * Fixes an undefined behavior arising from reference binding to nullptr in
2259 ([CVE-2021-37656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37656))
2260 * Fixes an undefined behavior arising from reference binding to nullptr in
2262 ([CVE-2021-37657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37657))
2263 * Fixes an undefined behavior arising from reference binding to nullptr in
2265 ([CVE-2021-37658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37658))
2266 * Fixes an undefined behavior arising from reference binding to nullptr and
2268 ([CVE-2021-37659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37659))
2269 * Fixes a division by 0 in inplace operations
2270 ([CVE-2021-37660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37660))
2271 * Fixes a crash caused by integer conversion to unsigned
2272 ([CVE-2021-37661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37661))
2273 * Fixes an undefined behavior arising from reference binding to nullptr in
2275 ([CVE-2021-37662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37662))
2276 * Fixes a heap OOB in boosted trees
2277 ([CVE-2021-37664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37664))
2278 * Fixes vulnerabilities arising from incomplete validation in `QuantizeV2`
2279 ([CVE-2021-37663](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37663))
2280 * Fixes vulnerabilities arising from incomplete validation in MKL
2282 ([CVE-2021-37665](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37665))
2283 * Fixes an undefined behavior arising from reference binding to nullptr in
2285 ([CVE-2021-37666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37666))
2286 * Fixes an undefined behavior arising from reference binding to nullptr in
2288 ([CVE-2021-37667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37667))
2289 * Fixes an FPE in `tf.raw_ops.UnravelIndex`
2290 ([CVE-2021-37668](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37668))
2291 * Fixes a crash in NMS ops caused by integer conversion to unsigned
2292 ([CVE-2021-37669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37669))
2293 * Fixes a heap OOB in `UpperBound` and `LowerBound`
2294 ([CVE-2021-37670](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37670))
2295 * Fixes an undefined behavior arising from reference binding to nullptr in map
2297 ([CVE-2021-37671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37671))
2298 * Fixes a heap OOB in `SdcaOptimizerV2`
2299 ([CVE-2021-37672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37672))
2300 * Fixes a `CHECK`-fail in `MapStage`
2301 ([CVE-2021-37673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37673))
2302 * Fixes a vulnerability arising from incomplete validation in `MaxPoolGrad`
2303 ([CVE-2021-37674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37674))
2304 * Fixes an undefined behavior arising from reference binding to nullptr in
2306 ([CVE-2021-37676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37676))
2307 * Fixes a division by 0 in most convolution operators
2308 ([CVE-2021-37675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37675))
2309 * Fixes vulnerabilities arising from missing validation in shape inference for
2311 ([CVE-2021-37677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37677))
2312 * Fixes an arbitrary code execution due to YAML deserialization
2313 ([CVE-2021-37678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37678))
2314 * Fixes a heap OOB in nested `tf.map_fn` with `RaggedTensor`s
2315 ([CVE-2021-37679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37679))
2316 * Fixes a division by zero in TFLite
2317 ([CVE-2021-37680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37680))
2318 * Fixes an NPE in TFLite
2319 ([CVE-2021-37681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37681))
2320 * Fixes a vulnerability arising from use of unitialized value in TFLite
2321 ([CVE-2021-37682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37682))
2322 * Fixes an FPE in TFLite division operations
2323 ([CVE-2021-37683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37683))
2324 * Fixes an FPE in TFLite pooling operations
2325 ([CVE-2021-37684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37684))
2326 * Fixes an infinite loop in TFLite
2327 ([CVE-2021-37686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37686))
2328 * Fixes a heap OOB in TFLite
2329 ([CVE-2021-37685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37685))
2330 * Fixes a heap OOB in TFLite's `Gather*` implementations
2331 ([CVE-2021-37687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37687))
2332 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2333 ([CVE-2021-37688](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37688))
2334 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2336 ([CVE-2021-37689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37689))
2337 * Fixes a FPE in LSH in TFLite
2338 ([CVE-2021-37691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37691))
2339 * Fixes a segfault on strings tensors with mismatched dimensions, arising in
2341 ([CVE-2021-37692](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37692))
2342 * Fixes a use after free and a potential segfault in shape inference functions
2343 ([CVE-2021-37690](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37690))
2345 [CVE-2021-22876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876),
2346 [CVE-2021-22897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22897),
2347 [CVE-2021-22898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898),
2349 [CVE-2021-22901](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22901).
2353 This release introduces several vulnerability fixes:
2355 * Fixes a code injection issue in `saved_model_cli`
2356 ([CVE-2021-41228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41228))
2357 * Fixes a vulnerability due to use of uninitialized value in Tensorflow
2358 ([CVE-2021-41225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41225))
2359 * Fixes a heap OOB in `FusedBatchNorm` kernels
2360 ([CVE-2021-41223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41223))
2361 * Fixes an arbitrary memory read in `ImmutableConst`
2362 ([CVE-2021-41227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41227))
2363 * Fixes a heap OOB in `SparseBinCount`
2364 ([CVE-2021-41226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41226))
2365 * Fixes a heap OOB in `SparseFillEmptyRows`
2366 ([CVE-2021-41224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41224))
2367 * Fixes a segfault due to negative splits in `SplitV`
2368 ([CVE-2021-41222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41222))
2369 * Fixes segfaults and vulnerabilities caused by accesses to invalid memory
2371 ([CVE-2021-41221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41221))
2372 * Fixes a null pointer exception when `Exit` node is not preceded by `Enter`
2374 ([CVE-2021-41217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41217))
2375 * Fixes an integer division by 0 in `tf.raw_ops.AllToAll`
2376 ([CVE-2021-41218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41218))
2377 * Fixes an undefined behavior via `nullptr` reference binding in sparse matrix
2379 ([CVE-2021-41219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41219))
2380 * Fixes a heap buffer overflow in `Transpose`
2381 ([CVE-2021-41216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41216))
2383 ([CVE-2021-41213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41213))
2384 * Fixes a null pointer exception in `DeserializeSparse`
2385 ([CVE-2021-41215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41215))
2386 * Fixes an undefined behavior arising from reference binding to `nullptr` in
2388 ([CVE-2021-41214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41214))
2389 * Fixes a heap OOB read in `tf.ragged.cross`
2390 ([CVE-2021-41212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41212))
2391 * Fixes a heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
2392 ([CVE-2021-41205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41205))
2393 * Fixes an FPE in `ParallelConcat`
2394 ([CVE-2021-41207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41207))
2395 * Fixes FPE issues in convolutions with zero size filters
2396 ([CVE-2021-41209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41209))
2397 * Fixes a heap OOB read in `tf.raw_ops.SparseCountSparseOutput`
2398 ([CVE-2021-41210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41210))
2399 * Fixes vulnerabilities caused by incomplete validation in boosted trees code
2400 ([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
2401 * Fixes vulnerabilities caused by incomplete validation of shapes in multiple
2403 ([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
2404 * Fixes a segfault produced while copying constant resource tensor
2405 ([CVE-2021-41204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41204))
2406 * Fixes a vulnerability caused by unitialized access in
2408 ([CVE-2021-41201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41201))
2409 * Fixes several vulnerabilities and segfaults caused by missing validation
2411 ([CVE-2021-41203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41203))
2412 * Fixes an overflow producing a crash in `tf.range`
2413 ([CVE-2021-41202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41202))
2414 * Fixes an overflow producing a crash in `tf.image.resize` when size is large
2415 ([CVE-2021-41199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41199))
2416 * Fixes an overflow producing a crash in `tf.tile` when tiling tensor is large
2417 ([CVE-2021-41198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41198))
2418 * Fixes a vulnerability produced due to incomplete validation in
2420 ([CVE-2021-41200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41200))
2421 * Fixes multiple crashes due to overflow and `CHECK`-fail in ops with large
2423 ([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
2424 * Fixes a crash in `max_pool3d` when size argument is 0 or negative
2425 ([CVE-2021-41196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41196))
2426 * Fixes a crash in `tf.math.segment_*` operations
2427 ([CVE-2021-41195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41195))
2429 [CVE-2021-22922](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922),
2430 [CVE-2021-22923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923),
2431 [CVE-2021-22924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924),
2432 [CVE-2021-22925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925),
2434 [CVE-2021-22926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926).
2438 This release introduces several vulnerability fixes:
2440 * Fixes a heap out of bounds access in sparse reduction operations
2441 ([CVE-2021-37635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37635))
2442 * Fixes a floating point exception in `SparseDenseCwiseDiv`
2443 ([CVE-2021-37636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37636))
2444 * Fixes a null pointer dereference in `CompressElement`
2445 ([CVE-2021-37637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37637))
2446 * Fixes a null pointer dereference in `RaggedTensorToTensor`
2447 ([CVE-2021-37638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37638))
2448 * Fixes a null pointer dereference and a heap OOB read arising from operations
2450 ([CVE-2021-37639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37639))
2451 * Fixes an integer division by 0 in sparse reshaping
2452 ([CVE-2021-37640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37640))
2453 * Fixes a division by 0 in `ResourceScatterDiv`
2454 ([CVE-2021-37642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37642))
2455 * Fixes a heap OOB in `RaggedGather`
2456 ([CVE-2021-37641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37641))
2457 * Fixes a `std::abort` raised from `TensorListReserve`
2458 ([CVE-2021-37644](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37644))
2459 * Fixes a null pointer dereference in `MatrixDiagPartOp`
2460 ([CVE-2021-37643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37643))
2461 * Fixes an integer overflow due to conversion to unsigned
2462 ([CVE-2021-37645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37645))
2463 * Fixes a bad allocation error in `StringNGrams` caused by integer conversion
2464 ([CVE-2021-37646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37646))
2465 * Fixes a null pointer dereference in `SparseTensorSliceDataset`
2466 ([CVE-2021-37647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37647))
2467 * Fixes an incorrect validation of `SaveV2` inputs
2468 ([CVE-2021-37648](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37648))
2469 * Fixes a null pointer dereference in `UncompressElement`
2470 ([CVE-2021-37649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37649))
2471 * Fixes a segfault and a heap buffer overflow in
2473 ([CVE-2021-37650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37650))
2474 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
2475 ([CVE-2021-37651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37651))
2476 * Fixes a use after free in boosted trees creation
2477 ([CVE-2021-37652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37652))
2478 * Fixes a division by 0 in `ResourceGather`
2479 ([CVE-2021-37653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37653))
2480 * Fixes a heap OOB and a `CHECK` fail in `ResourceGather`
2481 ([CVE-2021-37654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37654))
2482 * Fixes a heap OOB in `ResourceScatterUpdate`
2483 ([CVE-2021-37655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37655))
2484 * Fixes an undefined behavior arising from reference binding to nullptr in
2486 ([CVE-2021-37656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37656))
2487 * Fixes an undefined behavior arising from reference binding to nullptr in
2489 ([CVE-2021-37657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37657))
2490 * Fixes an undefined behavior arising from reference binding to nullptr in
2492 ([CVE-2021-37658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37658))
2493 * Fixes an undefined behavior arising from reference binding to nullptr and
2495 ([CVE-2021-37659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37659))
2496 * Fixes a division by 0 in inplace operations
2497 ([CVE-2021-37660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37660))
2498 * Fixes a crash caused by integer conversion to unsigned
2499 ([CVE-2021-37661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37661))
2500 * Fixes an undefined behavior arising from reference binding to nullptr in
2502 ([CVE-2021-37662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37662))
2503 * Fixes a heap OOB in boosted trees
2504 ([CVE-2021-37664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37664))
2505 * Fixes vulnerabilities arising from incomplete validation in `QuantizeV2`
2506 ([CVE-2021-37663](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37663))
2507 * Fixes vulnerabilities arising from incomplete validation in MKL
2509 ([CVE-2021-37665](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37665))
2510 * Fixes an undefined behavior arising from reference binding to nullptr in
2512 ([CVE-2021-37666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37666))
2513 * Fixes an undefined behavior arising from reference binding to nullptr in
2515 ([CVE-2021-37667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37667))
2516 * Fixes an FPE in `tf.raw_ops.UnravelIndex`
2517 ([CVE-2021-37668](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37668))
2518 * Fixes a crash in NMS ops caused by integer conversion to unsigned
2519 ([CVE-2021-37669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37669))
2520 * Fixes a heap OOB in `UpperBound` and `LowerBound`
2521 ([CVE-2021-37670](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37670))
2522 * Fixes an undefined behavior arising from reference binding to nullptr in map
2524 ([CVE-2021-37671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37671))
2525 * Fixes a heap OOB in `SdcaOptimizerV2`
2526 ([CVE-2021-37672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37672))
2527 * Fixes a `CHECK`-fail in `MapStage`
2528 ([CVE-2021-37673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37673))
2529 * Fixes a vulnerability arising from incomplete validation in `MaxPoolGrad`
2530 ([CVE-2021-37674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37674))
2531 * Fixes an undefined behavior arising from reference binding to nullptr in
2533 ([CVE-2021-37676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37676))
2534 * Fixes a division by 0 in most convolution operators
2535 ([CVE-2021-37675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37675))
2536 * Fixes vulnerabilities arising from missing validation in shape inference for
2538 ([CVE-2021-37677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37677))
2539 * Fixes an arbitrary code execution due to YAML deserialization
2540 ([CVE-2021-37678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37678))
2541 * Fixes a heap OOB in nested `tf.map_fn` with `RaggedTensor`s
2542 ([CVE-2021-37679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37679))
2543 * Fixes a division by zero in TFLite
2544 ([CVE-2021-37680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37680))
2545 * Fixes an NPE in TFLite
2546 ([CVE-2021-37681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37681))
2547 * Fixes a vulnerability arising from use of unitialized value in TFLite
2548 ([CVE-2021-37682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37682))
2549 * Fixes an FPE in TFLite division operations
2550 ([CVE-2021-37683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37683))
2551 * Fixes an FPE in TFLite pooling operations
2552 ([CVE-2021-37684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37684))
2553 * Fixes an infinite loop in TFLite
2554 ([CVE-2021-37686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37686))
2555 * Fixes a heap OOB in TFLite
2556 ([CVE-2021-37685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37685))
2557 * Fixes a heap OOB in TFLite's `Gather*` implementations
2558 ([CVE-2021-37687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37687))
2559 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2560 ([CVE-2021-37688](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37688))
2561 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2563 ([CVE-2021-37689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37689))
2564 * Fixes a FPE in LSH in TFLite
2565 ([CVE-2021-37691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37691))
2566 * Fixes a segfault on strings tensors with mismatched dimensions, arising in
2568 ([CVE-2021-37692](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37692))
2569 * Fixes a use after free and a potential segfault in shape inference functions
2570 ([CVE-2021-37690](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37690))
2572 [CVE-2021-22876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876),
2573 [CVE-2021-22897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22897),
2574 [CVE-2021-22898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898),
2576 [CVE-2021-22901](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22901).
2580 This release introduces several vulnerability fixes:
2582 * Fixes a heap out of bounds access in sparse reduction operations
2583 ([CVE-2021-37635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37635))
2584 * Fixes a floating point exception in `SparseDenseCwiseDiv`
2585 ([CVE-2021-37636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37636))
2586 * Fixes a null pointer dereference in `CompressElement`
2587 ([CVE-2021-37637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37637))
2588 * Fixes a null pointer dereference in `RaggedTensorToTensor`
2589 ([CVE-2021-37638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37638))
2590 * Fixes a null pointer dereference and a heap OOB read arising from operations
2592 ([CVE-2021-37639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37639))
2593 * Fixes an integer division by 0 in sparse reshaping
2594 ([CVE-2021-37640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37640))
2595 * Fixes a division by 0 in `ResourceScatterDiv`
2596 ([CVE-2021-37642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37642))
2597 * Fixes a heap OOB in `RaggedGather`
2598 ([CVE-2021-37641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37641))
2599 * Fixes a `std::abort` raised from `TensorListReserve`
2600 ([CVE-2021-37644](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37644))
2601 * Fixes a null pointer dereference in `MatrixDiagPartOp`
2602 ([CVE-2021-37643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37643))
2603 * Fixes an integer overflow due to conversion to unsigned
2604 ([CVE-2021-37645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37645))
2605 * Fixes a bad allocation error in `StringNGrams` caused by integer conversion
2606 ([CVE-2021-37646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37646))
2607 * Fixes a null pointer dereference in `SparseTensorSliceDataset`
2608 ([CVE-2021-37647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37647))
2609 * Fixes an incorrect validation of `SaveV2` inputs
2610 ([CVE-2021-37648](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37648))
2611 * Fixes a null pointer dereference in `UncompressElement`
2612 ([CVE-2021-37649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37649))
2613 * Fixes a segfault and a heap buffer overflow in
2615 ([CVE-2021-37650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37650))
2616 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
2617 ([CVE-2021-37651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37651))
2618 * Fixes a use after free in boosted trees creation
2619 ([CVE-2021-37652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37652))
2620 * Fixes a division by 0 in `ResourceGather`
2621 ([CVE-2021-37653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37653))
2622 * Fixes a heap OOB and a `CHECK` fail in `ResourceGather`
2623 ([CVE-2021-37654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37654))
2624 * Fixes a heap OOB in `ResourceScatterUpdate`
2625 ([CVE-2021-37655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37655))
2626 * Fixes an undefined behavior arising from reference binding to nullptr in
2628 ([CVE-2021-37656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37656))
2629 * Fixes an undefined behavior arising from reference binding to nullptr in
2631 ([CVE-2021-37657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37657))
2632 * Fixes an undefined behavior arising from reference binding to nullptr in
2634 ([CVE-2021-37658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37658))
2635 * Fixes an undefined behavior arising from reference binding to nullptr and
2637 ([CVE-2021-37659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37659))
2638 * Fixes a division by 0 in inplace operations
2639 ([CVE-2021-37660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37660))
2640 * Fixes a crash caused by integer conversion to unsigned
2641 ([CVE-2021-37661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37661))
2642 * Fixes an undefined behavior arising from reference binding to nullptr in
2644 ([CVE-2021-37662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37662))
2645 * Fixes a heap OOB in boosted trees
2646 ([CVE-2021-37664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37664))
2647 * Fixes vulnerabilities arising from incomplete validation in `QuantizeV2`
2648 ([CVE-2021-37663](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37663))
2649 * Fixes vulnerabilities arising from incomplete validation in MKL
2651 ([CVE-2021-37665](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37665))
2652 * Fixes an undefined behavior arising from reference binding to nullptr in
2654 ([CVE-2021-37666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37666))
2655 * Fixes an undefined behavior arising from reference binding to nullptr in
2657 ([CVE-2021-37667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37667))
2658 * Fixes an FPE in `tf.raw_ops.UnravelIndex`
2659 ([CVE-2021-37668](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37668))
2660 * Fixes a crash in NMS ops caused by integer conversion to unsigned
2661 ([CVE-2021-37669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37669))
2662 * Fixes a heap OOB in `UpperBound` and `LowerBound`
2663 ([CVE-2021-37670](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37670))
2664 * Fixes an undefined behavior arising from reference binding to nullptr in map
2666 ([CVE-2021-37671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37671))
2667 * Fixes a heap OOB in `SdcaOptimizerV2`
2668 ([CVE-2021-37672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37672))
2669 * Fixes a `CHECK`-fail in `MapStage`
2670 ([CVE-2021-37673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37673))
2671 * Fixes a vulnerability arising from incomplete validation in `MaxPoolGrad`
2672 ([CVE-2021-37674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37674))
2673 * Fixes an undefined behavior arising from reference binding to nullptr in
2675 ([CVE-2021-37676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37676))
2676 * Fixes a division by 0 in most convolution operators
2677 ([CVE-2021-37675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37675))
2678 * Fixes vulnerabilities arising from missing validation in shape inference for
2680 ([CVE-2021-37677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37677))
2681 * Fixes an arbitrary code execution due to YAML deserialization
2682 ([CVE-2021-37678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37678))
2683 * Fixes a heap OOB in nested `tf.map_fn` with `RaggedTensor`s
2684 ([CVE-2021-37679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37679))
2685 * Fixes a division by zero in TFLite
2686 ([CVE-2021-37680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37680))
2687 * Fixes an NPE in TFLite
2688 ([CVE-2021-37681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37681))
2689 * Fixes a vulnerability arising from use of unitialized value in TFLite
2690 ([CVE-2021-37682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37682))
2691 * Fixes an FPE in TFLite division operations
2692 ([CVE-2021-37683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37683))
2693 * Fixes an FPE in TFLite pooling operations
2694 ([CVE-2021-37684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37684))
2695 * Fixes an infinite loop in TFLite
2696 ([CVE-2021-37686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37686))
2697 * Fixes a heap OOB in TFLite
2698 ([CVE-2021-37685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37685))
2699 * Fixes a heap OOB in TFLite's `Gather*` implementations
2700 ([CVE-2021-37687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37687))
2701 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2702 ([CVE-2021-37688](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37688))
2703 * Fixes an undefined behavior arising from null pointer dereference in TFLite
2705 ([CVE-2021-37689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37689))
2706 * Fixes a FPE in LSH in TFLite
2707 ([CVE-2021-37691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37691))
2708 * Fixes a segfault on strings tensors with mismatched dimensions, arising in
2710 ([CVE-2021-37692](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37692))
2711 * Fixes a use after free and a potential segfault in shape inference functions
2712 ([CVE-2021-37690](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37690))
2714 [CVE-2021-22876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876),
2715 [CVE-2021-22897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22897),
2716 [CVE-2021-22898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898),
2718 [CVE-2021-22901](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22901).
2722 This release introduces several vulnerability fixes:
2724 * Fixes a heap buffer overflow in `RaggedBinCount`
2725 ([CVE-2021-29512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29512))
2726 * Fixes a heap out of bounds write in `RaggedBinCount`
2727 ([CVE-2021-29514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29514))
2728 * Fixes a type confusion during tensor casts which leads to dereferencing null
2730 ([CVE-2021-29513](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29513))
2731 * Fixes a reference binding to null pointer in `MatrixDiag*` ops
2732 ([CVE-2021-29515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29515))
2733 * Fixes a null pointer dereference via invalid Ragged Tensors
2734 ([CVE-2021-29516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29516))
2735 * Fixes a division by zero in `Conv3D`
2736 ([CVE-2021-29517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29517))
2737 * Fixes vulnerabilities where session operations in eager mode lead to null
2739 ([CVE-2021-29518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29518))
2740 * Fixes a `CHECK`-fail in `SparseCross` caused by type confusion
2741 ([CVE-2021-29519](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29519))
2742 * Fixes a segfault in `SparseCountSparseOutput`
2743 ([CVE-2021-29521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29521))
2744 * Fixes a heap buffer overflow in `Conv3DBackprop*`
2745 ([CVE-2021-29520](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29520))
2746 * Fixes a division by 0 in `Conv3DBackprop*`
2747 ([CVE-2021-29522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29522))
2748 * Fixes a `CHECK`-fail in `AddManySparseToTensorsMap`
2749 ([CVE-2021-29523](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29523))
2750 * Fixes a division by 0 in `Conv2DBackpropFilter`
2751 ([CVE-2021-29524](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29524))
2752 * Fixes a division by 0 in `Conv2DBackpropInput`
2753 ([CVE-2021-29525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29525))
2754 * Fixes a division by 0 in `Conv2D`
2755 ([CVE-2021-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29526))
2756 * Fixes a division by 0 in `QuantizedConv2D`
2757 ([CVE-2021-29527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29527))
2758 * Fixes a division by 0 in `QuantizedMul`
2759 ([CVE-2021-29528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29528))
2760 * Fixes vulnerabilities caused by invalid validation in
2762 ([CVE-2021-29530](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29530))
2763 * Fixes a heap buffer overflow caused by rounding
2764 ([CVE-2021-29529](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29529))
2765 * Fixes a `CHECK`-fail in `tf.raw_ops.EncodePng`
2766 ([CVE-2021-29531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29531))
2767 * Fixes a heap out of bounds read in `RaggedCross`
2768 ([CVE-2021-29532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29532))
2769 * Fixes a `CHECK`-fail in `DrawBoundingBoxes`
2770 ([CVE-2021-29533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29533))
2771 * Fixes a heap buffer overflow in `QuantizedMul`
2772 ([CVE-2021-29535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29535))
2773 * Fixes a `CHECK`-fail in `SparseConcat`
2774 ([CVE-2021-29534](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29534))
2775 * Fixes a heap buffer overflow in `QuantizedResizeBilinear`
2776 ([CVE-2021-29537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29537))
2777 * Fixes a heap buffer overflow in `QuantizedReshape`
2778 ([CVE-2021-29536](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29536))
2779 * Fixes a division by zero in `Conv2DBackpropFilter`
2780 ([CVE-2021-29538](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29538))
2781 * Fixes a heap buffer overflow in `Conv2DBackpropFilter`
2782 ([CVE-2021-29540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29540))
2783 * Fixes a heap buffer overflow in `StringNGrams`
2784 ([CVE-2021-29542](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29542))
2785 * Fixes a null pointer dereference in `StringNGrams`
2786 ([CVE-2021-29541](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29541))
2787 * Fixes a `CHECK`-fail in `QuantizeAndDequantizeV4Grad`
2788 ([CVE-2021-29544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29544))
2789 * Fixes a `CHECK`-fail in `CTCGreedyDecoder`
2790 ([CVE-2021-29543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29543))
2791 * Fixes a heap buffer overflow in `SparseTensorToCSRSparseMatrix`
2792 ([CVE-2021-29545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29545))
2793 * Fixes a division by 0 in `QuantizedBiasAdd`
2794 ([CVE-2021-29546](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29546))
2795 * Fixes a heap out of bounds in `QuantizedBatchNormWithGlobalNormalization`
2796 ([CVE-2021-29547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29547))
2797 * Fixes a division by 0 in `QuantizedBatchNormWithGlobalNormalization`
2798 ([CVE-2021-29548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29548))
2799 * Fixes a division by 0 in `QuantizedAdd`
2800 ([CVE-2021-29549](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29549))
2801 * Fixes a division by 0 in `FractionalAvgPool`
2802 ([CVE-2021-29550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29550))
2803 * Fixes an OOB read in `MatrixTriangularSolve`
2804 ([CVE-2021-29551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29551))
2805 * Fixes a heap OOB in `QuantizeAndDequantizeV3`
2806 ([CVE-2021-29553](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29553))
2807 * Fixes a `CHECK`-failure in `UnsortedSegmentJoin`
2808 ([CVE-2021-29552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29552))
2809 * Fixes a division by 0 in `DenseCountSparseOutput`
2810 ([CVE-2021-29554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29554))
2811 * Fixes a division by 0 in `FusedBatchNorm`
2812 ([CVE-2021-29555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29555))
2813 * Fixes a division by 0 in `SparseMatMul`
2814 ([CVE-2021-29557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29557))
2815 * Fixes a division by 0 in `Reverse`
2816 ([CVE-2021-29556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29556))
2817 * Fixes a heap buffer overflow in `SparseSplit`
2818 ([CVE-2021-29558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29558))
2819 * Fixes a heap OOB access in unicode ops
2820 ([CVE-2021-29559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29559))
2821 * Fixes a heap buffer overflow in `RaggedTensorToTensor`
2822 ([CVE-2021-29560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29560))
2823 * Fixes a `CHECK`-fail in `LoadAndRemapMatrix`
2824 ([CVE-2021-29561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29561))
2825 * Fixes a `CHECK`-fail in `tf.raw_ops.IRFFT`
2826 ([CVE-2021-29562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29562))
2827 * Fixes a `CHECK`-fail in `tf.raw_ops.RFFT`
2828 ([CVE-2021-29563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29563))
2829 * Fixes a null pointer dereference in `EditDistance`
2830 ([CVE-2021-29564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29564))
2831 * Fixes a null pointer dereference in `SparseFillEmptyRows`
2832 ([CVE-2021-29565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29565))
2833 * Fixes a heap OOB access in `Dilation2DBackpropInput`
2834 ([CVE-2021-29566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29566))
2835 * Fixes a reference binding to null in `ParameterizedTruncatedNormal`
2836 ([CVE-2021-29568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29568))
2837 * Fixes a set of vulnerabilities caused by lack of validation in
2839 ([CVE-2021-29567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29567))
2840 * Fixes a heap out of bounds read in `MaxPoolGradWithArgmax`
2841 ([CVE-2021-29570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570))
2842 * Fixes a heap out of bounds read in `RequantizationRange`
2843 ([CVE-2021-29569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569))
2844 * Fixes a memory corruption in `DrawBoundingBoxesV2`
2845 ([CVE-2021-29571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29571))
2846 * Fixes a reference binding to nullptr in `SdcaOptimizer`
2847 ([CVE-2021-29572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29572))
2848 * Fixes an overflow and a denial of service in `tf.raw_ops.ReverseSequence`
2849 ([CVE-2021-29575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29575))
2850 * Fixes a division by 0 in `MaxPoolGradWithArgmax`
2851 ([CVE-2021-29573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29573))
2852 * Fixes an undefined behavior in `MaxPool3DGradGrad`
2853 ([CVE-2021-29574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29574))
2854 * Fixes a heap buffer overflow in `MaxPool3DGradGrad`
2855 ([CVE-2021-29576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29576))
2856 * Fixes a heap buffer overflow in `AvgPool3DGrad`
2857 ([CVE-2021-29577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29577))
2858 * Fixes an undefined behavior and a `CHECK`-fail in `FractionalMaxPoolGrad`
2859 ([CVE-2021-29580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29580))
2860 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
2861 ([CVE-2021-29578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29578))
2862 * Fixes a heap buffer overflow in `MaxPoolGrad`
2863 ([CVE-2021-29579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29579))
2864 * Fixes a segfault in `CTCBeamSearchDecoder`
2865 ([CVE-2021-29581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29581))
2866 * Fixes a heap OOB read in `tf.raw_ops.Dequantize`
2867 ([CVE-2021-29582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29582))
2868 * Fixes a `CHECK`-fail due to integer overflow
2869 ([CVE-2021-29584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29584))
2870 * Fixes a heap buffer overflow and undefined behavior in `FusedBatchNorm`
2871 ([CVE-2021-29583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29583))
2872 * Fixes a division by zero in padding computation in TFLite
2873 ([CVE-2021-29585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29585))
2874 * Fixes a division by zero in optimized pooling implementations in TFLite
2875 ([CVE-2021-29586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29586))
2876 * Fixes a division by zero in TFLite's implementation of `SpaceToDepth`
2877 ([CVE-2021-29587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29587))
2878 * Fixes a division by zero in TFLite's implementation of `GatherNd`
2879 ([CVE-2021-29589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29589))
2880 * Fixes a division by zero in TFLite's implementation of `TransposeConv`
2881 ([CVE-2021-29588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29588))
2882 * Fixes a heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
2883 ([CVE-2021-29590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29590))
2884 * Fixes a null pointer dereference in TFLite's `Reshape` operator
2885 ([CVE-2021-29592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29592))
2886 * Fixes a stack overflow due to looping TFLite subgraph
2887 ([CVE-2021-29591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29591))
2888 * Fixes a division by zero in TFLite's implementation of `DepthToSpace`
2889 ([CVE-2021-29595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29595))
2890 * Fixes a division by zero in TFLite's convolution code
2891 ([CVE-2021-29594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29594))
2892 * Fixes a division by zero in TFLite's implementation of `EmbeddingLookup`
2893 ([CVE-2021-29596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29596))
2894 * Fixes a division by zero in TFLite's implementation of `BatchToSpaceNd`
2895 ([CVE-2021-29593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29593))
2896 * Fixes a division by zero in TFLite's implementation of `SpaceToBatchNd`
2897 ([CVE-2021-29597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29597))
2898 * Fixes a division by zero in TFLite's implementation of `SVDF`
2899 ([CVE-2021-29598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29598))
2900 * Fixes a division by zero in TFLite's implementation of `Split`
2901 ([CVE-2021-29599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29599))
2902 * Fixes a division by zero in TFLite's implementation of `OneHot`
2903 ([CVE-2021-29600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29600))
2904 * Fixes a division by zero in TFLite's implementation of `DepthwiseConv`
2905 ([CVE-2021-29602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29602))
2906 * Fixes a division by zero in TFLite's implementation of hashtable lookup
2907 ([CVE-2021-29604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29604))
2908 * Fixes a integer overflow in TFLite concatentation
2909 ([CVE-2021-29601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29601))
2910 * Fixes a integer overflow in TFLite memory allocation
2911 ([CVE-2021-29605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29605))
2912 * Fixes a heap OOB write in TFLite
2913 ([CVE-2021-29603](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29603))
2914 * Fixes a heap OOB read in TFLite
2915 ([CVE-2021-29606](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29606))
2916 * Fixes a heap OOB and null pointer dereference in `RaggedTensorToTensor`
2917 ([CVE-2021-29608](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29608))
2918 * Fixes vulnerabilities caused by incomplete validation in `SparseAdd`
2919 ([CVE-2021-29609](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29609))
2920 * Fixes vulnerabilities caused by incomplete validation in
2922 ([CVE-2021-29607](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29607))
2923 * Fixes vulnerabilities caused by incomplete validation in `SparseReshape`
2924 ([CVE-2021-29611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29611))
2925 * Fixes vulnerabilities caused by invalid validation in
2927 ([CVE-2021-29610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29610))
2928 * Fixes a heap buffer overflow in `BandedTriangularSolve`
2929 ([CVE-2021-29612](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29612))
2930 * Fixes vulnerabilities caused by incomplete validation in
2932 ([CVE-2021-29613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29613))
2933 * Fixes an interpreter crash from vulnerabilities in `tf.io.decode_raw`
2934 ([CVE-2021-29614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29614))
2935 * Fixes a stack overflow in `ParseAttrValue` with nested tensors
2936 ([CVE-2021-29615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29615))
2937 * Fixes a null dereference in Grappler's `TrySimplify`
2938 ([CVE-2021-29616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29616))
2939 * Fixes a crash in `tf.transpose` with complex inputs
2940 ([CVE-2021-29618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29618))
2941 * Fixes a crash in `tf.strings.substr` due to `CHECK`-fail
2942 ([CVE-2021-29617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29617))
2943 * Fixes a segfault in `tf.raw_ops.SparseCountSparseOutput`
2944 ([CVE-2021-29619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29619))
2945 * Fixes a segfault in `tf.raw_ops.ImmutableConst`
2946 ([CVE-2021-29539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29539))
2948 [CVE-2020-8169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169),
2949 [CVE-2020-8177](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177),
2950 [CVE-2020-8231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231),
2951 [CVE-2020-8284](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284),
2952 [CVE-2020-8285](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285)
2954 [CVE-2020-8286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286).
2958 This release introduces several vulnerability fixes:
2960 * Fixes a heap buffer overflow in `RaggedBinCount`
2961 ([CVE-2021-29512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29512))
2962 * Fixes a heap out of bounds write in `RaggedBinCount`
2963 ([CVE-2021-29514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29514))
2964 * Fixes a type confusion during tensor casts which leads to dereferencing null
2966 ([CVE-2021-29513](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29513))
2967 * Fixes a reference binding to null pointer in `MatrixDiag*` ops
2968 ([CVE-2021-29515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29515))
2969 * Fixes a null pointer dereference via invalid Ragged Tensors
2970 ([CVE-2021-29516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29516))
2971 * Fixes a division by zero in `Conv3D`
2972 ([CVE-2021-29517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29517))
2973 * Fixes vulnerabilities where session operations in eager mode lead to null
2975 ([CVE-2021-29518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29518))
2976 * Fixes a `CHECK`-fail in `SparseCross` caused by type confusion
2977 ([CVE-2021-29519](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29519))
2978 * Fixes a segfault in `SparseCountSparseOutput`
2979 ([CVE-2021-29521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29521))
2980 * Fixes a heap buffer overflow in `Conv3DBackprop*`
2981 ([CVE-2021-29520](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29520))
2982 * Fixes a division by 0 in `Conv3DBackprop*`
2983 ([CVE-2021-29522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29522))
2984 * Fixes a `CHECK`-fail in `AddManySparseToTensorsMap`
2985 ([CVE-2021-29523](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29523))
2986 * Fixes a division by 0 in `Conv2DBackpropFilter`
2987 ([CVE-2021-29524](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29524))
2988 * Fixes a division by 0 in `Conv2DBackpropInput`
2989 ([CVE-2021-29525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29525))
2990 * Fixes a division by 0 in `Conv2D`
2991 ([CVE-2021-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29526))
2992 * Fixes a division by 0 in `QuantizedConv2D`
2993 ([CVE-2021-29527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29527))
2994 * Fixes a division by 0 in `QuantizedMul`
2995 ([CVE-2021-29528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29528))
2996 * Fixes vulnerabilities caused by invalid validation in
2998 ([CVE-2021-29530](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29530))
2999 * Fixes a heap buffer overflow caused by rounding
3000 ([CVE-2021-29529](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29529))
3001 * Fixes a `CHECK`-fail in `tf.raw_ops.EncodePng`
3002 ([CVE-2021-29531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29531))
3003 * Fixes a heap out of bounds read in `RaggedCross`
3004 ([CVE-2021-29532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29532))
3005 * Fixes a `CHECK`-fail in `DrawBoundingBoxes`
3006 ([CVE-2021-29533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29533))
3007 * Fixes a heap buffer overflow in `QuantizedMul`
3008 ([CVE-2021-29535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29535))
3009 * Fixes a `CHECK`-fail in `SparseConcat`
3010 ([CVE-2021-29534](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29534))
3011 * Fixes a heap buffer overflow in `QuantizedResizeBilinear`
3012 ([CVE-2021-29537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29537))
3013 * Fixes a heap buffer overflow in `QuantizedReshape`
3014 ([CVE-2021-29536](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29536))
3015 * Fixes a division by zero in `Conv2DBackpropFilter`
3016 ([CVE-2021-29538](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29538))
3017 * Fixes a heap buffer overflow in `Conv2DBackpropFilter`
3018 ([CVE-2021-29540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29540))
3019 * Fixes a heap buffer overflow in `StringNGrams`
3020 ([CVE-2021-29542](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29542))
3021 * Fixes a null pointer dereference in `StringNGrams`
3022 ([CVE-2021-29541](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29541))
3023 * Fixes a `CHECK`-fail in `QuantizeAndDequantizeV4Grad`
3024 ([CVE-2021-29544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29544))
3025 * Fixes a `CHECK`-fail in `CTCGreedyDecoder`
3026 ([CVE-2021-29543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29543))
3027 * Fixes a heap buffer overflow in `SparseTensorToCSRSparseMatrix`
3028 ([CVE-2021-29545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29545))
3029 * Fixes a division by 0 in `QuantizedBiasAdd`
3030 ([CVE-2021-29546](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29546))
3031 * Fixes a heap out of bounds in `QuantizedBatchNormWithGlobalNormalization`
3032 ([CVE-2021-29547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29547))
3033 * Fixes a division by 0 in `QuantizedBatchNormWithGlobalNormalization`
3034 ([CVE-2021-29548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29548))
3035 * Fixes a division by 0 in `QuantizedAdd`
3036 ([CVE-2021-29549](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29549))
3037 * Fixes a division by 0 in `FractionalAvgPool`
3038 ([CVE-2021-29550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29550))
3039 * Fixes an OOB read in `MatrixTriangularSolve`
3040 ([CVE-2021-29551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29551))
3041 * Fixes a heap OOB in `QuantizeAndDequantizeV3`
3042 ([CVE-2021-29553](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29553))
3043 * Fixes a `CHECK`-failure in `UnsortedSegmentJoin`
3044 ([CVE-2021-29552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29552))
3045 * Fixes a division by 0 in `DenseCountSparseOutput`
3046 ([CVE-2021-29554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29554))
3047 * Fixes a division by 0 in `FusedBatchNorm`
3048 ([CVE-2021-29555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29555))
3049 * Fixes a division by 0 in `SparseMatMul`
3050 ([CVE-2021-29557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29557))
3051 * Fixes a division by 0 in `Reverse`
3052 ([CVE-2021-29556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29556))
3053 * Fixes a heap buffer overflow in `SparseSplit`
3054 ([CVE-2021-29558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29558))
3055 * Fixes a heap OOB access in unicode ops
3056 ([CVE-2021-29559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29559))
3057 * Fixes a heap buffer overflow in `RaggedTensorToTensor`
3058 ([CVE-2021-29560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29560))
3059 * Fixes a `CHECK`-fail in `LoadAndRemapMatrix`
3060 ([CVE-2021-29561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29561))
3061 * Fixes a `CHECK`-fail in `tf.raw_ops.IRFFT`
3062 ([CVE-2021-29562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29562))
3063 * Fixes a `CHECK`-fail in `tf.raw_ops.RFFT`
3064 ([CVE-2021-29563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29563))
3065 * Fixes a null pointer dereference in `EditDistance`
3066 ([CVE-2021-29564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29564))
3067 * Fixes a null pointer dereference in `SparseFillEmptyRows`
3068 ([CVE-2021-29565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29565))
3069 * Fixes a heap OOB access in `Dilation2DBackpropInput`
3070 ([CVE-2021-29566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29566))
3071 * Fixes a reference binding to null in `ParameterizedTruncatedNormal`
3072 ([CVE-2021-29568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29568))
3073 * Fixes a set of vulnerabilities caused by lack of validation in
3075 ([CVE-2021-29567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29567))
3076 * Fixes a heap out of bounds read in `MaxPoolGradWithArgmax`
3077 ([CVE-2021-29570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570))
3078 * Fixes a heap out of bounds read in `RequantizationRange`
3079 ([CVE-2021-29569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569))
3080 * Fixes a memory corruption in `DrawBoundingBoxesV2`
3081 ([CVE-2021-29571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29571))
3082 * Fixes a reference binding to nullptr in `SdcaOptimizer`
3083 ([CVE-2021-29572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29572))
3084 * Fixes an overflow and a denial of service in `tf.raw_ops.ReverseSequence`
3085 ([CVE-2021-29575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29575))
3086 * Fixes a division by 0 in `MaxPoolGradWithArgmax`
3087 ([CVE-2021-29573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29573))
3088 * Fixes an undefined behavior in `MaxPool3DGradGrad`
3089 ([CVE-2021-29574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29574))
3090 * Fixes a heap buffer overflow in `MaxPool3DGradGrad`
3091 ([CVE-2021-29576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29576))
3092 * Fixes a heap buffer overflow in `AvgPool3DGrad`
3093 ([CVE-2021-29577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29577))
3094 * Fixes an undefined behavior and a `CHECK`-fail in `FractionalMaxPoolGrad`
3095 ([CVE-2021-29580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29580))
3096 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
3097 ([CVE-2021-29578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29578))
3098 * Fixes a heap buffer overflow in `MaxPoolGrad`
3099 ([CVE-2021-29579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29579))
3100 * Fixes a segfault in `CTCBeamSearchDecoder`
3101 ([CVE-2021-29581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29581))
3102 * Fixes a heap OOB read in `tf.raw_ops.Dequantize`
3103 ([CVE-2021-29582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29582))
3104 * Fixes a `CHECK`-fail due to integer overflow
3105 ([CVE-2021-29584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29584))
3106 * Fixes a heap buffer overflow and undefined behavior in `FusedBatchNorm`
3107 ([CVE-2021-29583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29583))
3108 * Fixes a division by zero in padding computation in TFLite
3109 ([CVE-2021-29585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29585))
3110 * Fixes a division by zero in optimized pooling implementations in TFLite
3111 ([CVE-2021-29586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29586))
3112 * Fixes a division by zero in TFLite's implementation of `SpaceToDepth`
3113 ([CVE-2021-29587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29587))
3114 * Fixes a division by zero in TFLite's implementation of `GatherNd`
3115 ([CVE-2021-29589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29589))
3116 * Fixes a division by zero in TFLite's implementation of `TransposeConv`
3117 ([CVE-2021-29588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29588))
3118 * Fixes a heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
3119 ([CVE-2021-29590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29590))
3120 * Fixes a null pointer dereference in TFLite's `Reshape` operator
3121 ([CVE-2021-29592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29592))
3122 * Fixes a stack overflow due to looping TFLite subgraph
3123 ([CVE-2021-29591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29591))
3124 * Fixes a division by zero in TFLite's implementation of `DepthToSpace`
3125 ([CVE-2021-29595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29595))
3126 * Fixes a division by zero in TFLite's convolution code
3127 ([CVE-2021-29594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29594))
3128 * Fixes a division by zero in TFLite's implementation of `EmbeddingLookup`
3129 ([CVE-2021-29596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29596))
3130 * Fixes a division by zero in TFLite's implementation of `BatchToSpaceNd`
3131 ([CVE-2021-29593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29593))
3132 * Fixes a division by zero in TFLite's implementation of `SpaceToBatchNd`
3133 ([CVE-2021-29597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29597))
3134 * Fixes a division by zero in TFLite's implementation of `SVDF`
3135 ([CVE-2021-29598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29598))
3136 * Fixes a division by zero in TFLite's implementation of `Split`
3137 ([CVE-2021-29599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29599))
3138 * Fixes a division by zero in TFLite's implementation of `OneHot`
3139 ([CVE-2021-29600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29600))
3140 * Fixes a division by zero in TFLite's implementation of `DepthwiseConv`
3141 ([CVE-2021-29602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29602))
3142 * Fixes a division by zero in TFLite's implementation of hashtable lookup
3143 ([CVE-2021-29604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29604))
3144 * Fixes a integer overflow in TFLite concatentation
3145 ([CVE-2021-29601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29601))
3146 * Fixes a integer overflow in TFLite memory allocation
3147 ([CVE-2021-29605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29605))
3148 * Fixes a heap OOB write in TFLite
3149 ([CVE-2021-29603](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29603))
3150 * Fixes a heap OOB read in TFLite
3151 ([CVE-2021-29606](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29606))
3152 * Fixes a heap OOB and null pointer dereference in `RaggedTensorToTensor`
3153 ([CVE-2021-29608](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29608))
3154 * Fixes vulnerabilities caused by incomplete validation in `SparseAdd`
3155 ([CVE-2021-29609](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29609))
3156 * Fixes vulnerabilities caused by incomplete validation in
3158 ([CVE-2021-29607](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29607))
3159 * Fixes vulnerabilities caused by incomplete validation in `SparseReshape`
3160 ([CVE-2021-29611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29611))
3161 * Fixes vulnerabilities caused by invalid validation in
3163 ([CVE-2021-29610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29610))
3164 * Fixes a heap buffer overflow in `BandedTriangularSolve`
3165 ([CVE-2021-29612](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29612))
3166 * Fixes vulnerabilities caused by incomplete validation in
3168 ([CVE-2021-29613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29613))
3169 * Fixes an interpreter crash from vulnerabilities in `tf.io.decode_raw`
3170 ([CVE-2021-29614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29614))
3171 * Fixes a stack overflow in `ParseAttrValue` with nested tensors
3172 ([CVE-2021-29615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29615))
3173 * Fixes a null dereference in Grappler's `TrySimplify`
3174 ([CVE-2021-29616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29616))
3175 * Fixes a crash in `tf.transpose` with complex inputs
3176 ([CVE-2021-29618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29618))
3177 * Fixes a crash in `tf.strings.substr` due to `CHECK`-fail
3178 ([CVE-2021-29617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29617))
3179 * Fixes a segfault in `tf.raw_ops.SparseCountSparseOutput`
3180 ([CVE-2021-29619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29619))
3181 * Fixes a segfault in `tf.raw_ops.ImmutableConst`
3182 ([CVE-2021-29539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29539))
3184 [CVE-2020-8169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169),
3185 [CVE-2020-8177](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177),
3186 [CVE-2020-8231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231),
3187 [CVE-2020-8284](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284),
3188 [CVE-2020-8285](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285)
3190 [CVE-2020-8286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286).
3194 This release introduces several vulnerability fixes:
3196 * Fixes a heap buffer overflow in `RaggedBinCount`
3197 ([CVE-2021-29512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29512))
3198 * Fixes a heap out of bounds write in `RaggedBinCount`
3199 ([CVE-2021-29514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29514))
3200 * Fixes a type confusion during tensor casts which leads to dereferencing null
3202 ([CVE-2021-29513](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29513))
3203 * Fixes a reference binding to null pointer in `MatrixDiag*` ops
3204 ([CVE-2021-29515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29515))
3205 * Fixes a null pointer dereference via invalid Ragged Tensors
3206 ([CVE-2021-29516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29516))
3207 * Fixes a division by zero in `Conv3D`
3208 ([CVE-2021-29517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29517))
3209 * Fixes vulnerabilities where session operations in eager mode lead to null
3211 ([CVE-2021-29518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29518))
3212 * Fixes a `CHECK`-fail in `SparseCross` caused by type confusion
3213 ([CVE-2021-29519](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29519))
3214 * Fixes a segfault in `SparseCountSparseOutput`
3215 ([CVE-2021-29521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29521))
3216 * Fixes a heap buffer overflow in `Conv3DBackprop*`
3217 ([CVE-2021-29520](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29520))
3218 * Fixes a division by 0 in `Conv3DBackprop*`
3219 ([CVE-2021-29522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29522))
3220 * Fixes a `CHECK`-fail in `AddManySparseToTensorsMap`
3221 ([CVE-2021-29523](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29523))
3222 * Fixes a division by 0 in `Conv2DBackpropFilter`
3223 ([CVE-2021-29524](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29524))
3224 * Fixes a division by 0 in `Conv2DBackpropInput`
3225 ([CVE-2021-29525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29525))
3226 * Fixes a division by 0 in `Conv2D`
3227 ([CVE-2021-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29526))
3228 * Fixes a division by 0 in `QuantizedConv2D`
3229 ([CVE-2021-29527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29527))
3230 * Fixes a division by 0 in `QuantizedMul`
3231 ([CVE-2021-29528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29528))
3232 * Fixes vulnerabilities caused by invalid validation in
3234 ([CVE-2021-29530](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29530))
3235 * Fixes a heap buffer overflow caused by rounding
3236 ([CVE-2021-29529](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29529))
3237 * Fixes a `CHECK`-fail in `tf.raw_ops.EncodePng`
3238 ([CVE-2021-29531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29531))
3239 * Fixes a heap out of bounds read in `RaggedCross`
3240 ([CVE-2021-29532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29532))
3241 * Fixes a `CHECK`-fail in `DrawBoundingBoxes`
3242 ([CVE-2021-29533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29533))
3243 * Fixes a heap buffer overflow in `QuantizedMul`
3244 ([CVE-2021-29535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29535))
3245 * Fixes a `CHECK`-fail in `SparseConcat`
3246 ([CVE-2021-29534](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29534))
3247 * Fixes a heap buffer overflow in `QuantizedResizeBilinear`
3248 ([CVE-2021-29537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29537))
3249 * Fixes a heap buffer overflow in `QuantizedReshape`
3250 ([CVE-2021-29536](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29536))
3251 * Fixes a division by zero in `Conv2DBackpropFilter`
3252 ([CVE-2021-29538](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29538))
3253 * Fixes a heap buffer overflow in `Conv2DBackpropFilter`
3254 ([CVE-2021-29540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29540))
3255 * Fixes a heap buffer overflow in `StringNGrams`
3256 ([CVE-2021-29542](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29542))
3257 * Fixes a null pointer dereference in `StringNGrams`
3258 ([CVE-2021-29541](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29541))
3259 * Fixes a `CHECK`-fail in `QuantizeAndDequantizeV4Grad`
3260 ([CVE-2021-29544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29544))
3261 * Fixes a `CHECK`-fail in `CTCGreedyDecoder`
3262 ([CVE-2021-29543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29543))
3263 * Fixes a heap buffer overflow in `SparseTensorToCSRSparseMatrix`
3264 ([CVE-2021-29545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29545))
3265 * Fixes a division by 0 in `QuantizedBiasAdd`
3266 ([CVE-2021-29546](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29546))
3267 * Fixes a heap out of bounds in `QuantizedBatchNormWithGlobalNormalization`
3268 ([CVE-2021-29547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29547))
3269 * Fixes a division by 0 in `QuantizedBatchNormWithGlobalNormalization`
3270 ([CVE-2021-29548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29548))
3271 * Fixes a division by 0 in `QuantizedAdd`
3272 ([CVE-2021-29549](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29549))
3273 * Fixes a division by 0 in `FractionalAvgPool`
3274 ([CVE-2021-29550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29550))
3275 * Fixes an OOB read in `MatrixTriangularSolve`
3276 ([CVE-2021-29551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29551))
3277 * Fixes a heap OOB in `QuantizeAndDequantizeV3`
3278 ([CVE-2021-29553](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29553))
3279 * Fixes a `CHECK`-failure in `UnsortedSegmentJoin`
3280 ([CVE-2021-29552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29552))
3281 * Fixes a division by 0 in `DenseCountSparseOutput`
3282 ([CVE-2021-29554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29554))
3283 * Fixes a division by 0 in `FusedBatchNorm`
3284 ([CVE-2021-29555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29555))
3285 * Fixes a division by 0 in `SparseMatMul`
3286 ([CVE-2021-29557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29557))
3287 * Fixes a division by 0 in `Reverse`
3288 ([CVE-2021-29556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29556))
3289 * Fixes a heap buffer overflow in `SparseSplit`
3290 ([CVE-2021-29558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29558))
3291 * Fixes a heap OOB access in unicode ops
3292 ([CVE-2021-29559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29559))
3293 * Fixes a heap buffer overflow in `RaggedTensorToTensor`
3294 ([CVE-2021-29560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29560))
3295 * Fixes a `CHECK`-fail in `LoadAndRemapMatrix`
3296 ([CVE-2021-29561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29561))
3297 * Fixes a `CHECK`-fail in `tf.raw_ops.IRFFT`
3298 ([CVE-2021-29562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29562))
3299 * Fixes a `CHECK`-fail in `tf.raw_ops.RFFT`
3300 ([CVE-2021-29563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29563))
3301 * Fixes a null pointer dereference in `EditDistance`
3302 ([CVE-2021-29564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29564))
3303 * Fixes a null pointer dereference in `SparseFillEmptyRows`
3304 ([CVE-2021-29565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29565))
3305 * Fixes a heap OOB access in `Dilation2DBackpropInput`
3306 ([CVE-2021-29566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29566))
3307 * Fixes a reference binding to null in `ParameterizedTruncatedNormal`
3308 ([CVE-2021-29568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29568))
3309 * Fixes a set of vulnerabilities caused by lack of validation in
3311 ([CVE-2021-29567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29567))
3312 * Fixes a heap out of bounds read in `MaxPoolGradWithArgmax`
3313 ([CVE-2021-29570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570))
3314 * Fixes a heap out of bounds read in `RequantizationRange`
3315 ([CVE-2021-29569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569))
3316 * Fixes a memory corruption in `DrawBoundingBoxesV2`
3317 ([CVE-2021-29571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29571))
3318 * Fixes a reference binding to nullptr in `SdcaOptimizer`
3319 ([CVE-2021-29572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29572))
3320 * Fixes an overflow and a denial of service in `tf.raw_ops.ReverseSequence`
3321 ([CVE-2021-29575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29575))
3322 * Fixes a division by 0 in `MaxPoolGradWithArgmax`
3323 ([CVE-2021-29573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29573))
3324 * Fixes an undefined behavior in `MaxPool3DGradGrad`
3325 ([CVE-2021-29574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29574))
3326 * Fixes a heap buffer overflow in `MaxPool3DGradGrad`
3327 ([CVE-2021-29576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29576))
3328 * Fixes a heap buffer overflow in `AvgPool3DGrad`
3329 ([CVE-2021-29577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29577))
3330 * Fixes an undefined behavior and a `CHECK`-fail in `FractionalMaxPoolGrad`
3331 ([CVE-2021-29580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29580))
3332 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
3333 ([CVE-2021-29578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29578))
3334 * Fixes a heap buffer overflow in `MaxPoolGrad`
3335 ([CVE-2021-29579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29579))
3336 * Fixes a segfault in `CTCBeamSearchDecoder`
3337 ([CVE-2021-29581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29581))
3338 * Fixes a heap OOB read in `tf.raw_ops.Dequantize`
3339 ([CVE-2021-29582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29582))
3340 * Fixes a `CHECK`-fail due to integer overflow
3341 ([CVE-2021-29584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29584))
3342 * Fixes a heap buffer overflow and undefined behavior in `FusedBatchNorm`
3343 ([CVE-2021-29583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29583))
3344 * Fixes a division by zero in padding computation in TFLite
3345 ([CVE-2021-29585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29585))
3346 * Fixes a division by zero in optimized pooling implementations in TFLite
3347 ([CVE-2021-29586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29586))
3348 * Fixes a division by zero in TFLite's implementation of `SpaceToDepth`
3349 ([CVE-2021-29587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29587))
3350 * Fixes a division by zero in TFLite's implementation of `GatherNd`
3351 ([CVE-2021-29589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29589))
3352 * Fixes a division by zero in TFLite's implementation of `TransposeConv`
3353 ([CVE-2021-29588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29588))
3354 * Fixes a heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
3355 ([CVE-2021-29590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29590))
3356 * Fixes a null pointer dereference in TFLite's `Reshape` operator
3357 ([CVE-2021-29592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29592))
3358 * Fixes a stack overflow due to looping TFLite subgraph
3359 ([CVE-2021-29591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29591))
3360 * Fixes a division by zero in TFLite's implementation of `DepthToSpace`
3361 ([CVE-2021-29595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29595))
3362 * Fixes a division by zero in TFLite's convolution code
3363 ([CVE-2021-29594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29594))
3364 * Fixes a division by zero in TFLite's implementation of `EmbeddingLookup`
3365 ([CVE-2021-29596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29596))
3366 * Fixes a division by zero in TFLite's implementation of `BatchToSpaceNd`
3367 ([CVE-2021-29593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29593))
3368 * Fixes a division by zero in TFLite's implementation of `SpaceToBatchNd`
3369 ([CVE-2021-29597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29597))
3370 * Fixes a division by zero in TFLite's implementation of `SVDF`
3371 ([CVE-2021-29598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29598))
3372 * Fixes a division by zero in TFLite's implementation of `Split`
3373 ([CVE-2021-29599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29599))
3374 * Fixes a division by zero in TFLite's implementation of `OneHot`
3375 ([CVE-2021-29600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29600))
3376 * Fixes a division by zero in TFLite's implementation of `DepthwiseConv`
3377 ([CVE-2021-29602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29602))
3378 * Fixes a division by zero in TFLite's implementation of hashtable lookup
3379 ([CVE-2021-29604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29604))
3380 * Fixes a integer overflow in TFLite concatentation
3381 ([CVE-2021-29601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29601))
3382 * Fixes a integer overflow in TFLite memory allocation
3383 ([CVE-2021-29605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29605))
3384 * Fixes a heap OOB write in TFLite
3385 ([CVE-2021-29603](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29603))
3386 * Fixes a heap OOB read in TFLite
3387 ([CVE-2021-29606](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29606))
3388 * Fixes a heap OOB and null pointer dereference in `RaggedTensorToTensor`
3389 ([CVE-2021-29608](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29608))
3390 * Fixes vulnerabilities caused by incomplete validation in `SparseAdd`
3391 ([CVE-2021-29609](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29609))
3392 * Fixes vulnerabilities caused by incomplete validation in
3394 ([CVE-2021-29607](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29607))
3395 * Fixes vulnerabilities caused by incomplete validation in `SparseReshape`
3396 ([CVE-2021-29611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29611))
3397 * Fixes vulnerabilities caused by invalid validation in
3399 ([CVE-2021-29610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29610))
3400 * Fixes a heap buffer overflow in `BandedTriangularSolve`
3401 ([CVE-2021-29612](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29612))
3402 * Fixes vulnerabilities caused by incomplete validation in
3404 ([CVE-2021-29613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29613))
3405 * Fixes an interpreter crash from vulnerabilities in `tf.io.decode_raw`
3406 ([CVE-2021-29614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29614))
3407 * Fixes a stack overflow in `ParseAttrValue` with nested tensors
3408 ([CVE-2021-29615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29615))
3409 * Fixes a null dereference in Grappler's `TrySimplify`
3410 ([CVE-2021-29616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29616))
3411 * Fixes a crash in `tf.transpose` with complex inputs
3412 ([CVE-2021-29618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29618))
3413 * Fixes a crash in `tf.strings.substr` due to `CHECK`-fail
3414 ([CVE-2021-29617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29617))
3415 * Fixes a segfault in `tf.raw_ops.SparseCountSparseOutput`
3416 ([CVE-2021-29619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29619))
3417 * Fixes a segfault in `tf.raw_ops.ImmutableConst`
3418 ([CVE-2021-29539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29539))
3420 [CVE-2020-8169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169),
3421 [CVE-2020-8177](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177),
3422 [CVE-2020-8231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231),
3423 [CVE-2020-8284](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284),
3424 [CVE-2020-8285](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285)
3426 [CVE-2020-8286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286).
3430 This release introduces several vulnerability fixes:
3432 * Fixes a heap buffer overflow in `RaggedBinCount`
3433 ([CVE-2021-29512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29512))
3434 * Fixes a heap out of bounds write in `RaggedBinCount`
3435 ([CVE-2021-29514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29514))
3436 * Fixes a type confusion during tensor casts which leads to dereferencing null
3438 ([CVE-2021-29513](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29513))
3439 * Fixes a reference binding to null pointer in `MatrixDiag*` ops
3440 ([CVE-2021-29515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29515))
3441 * Fixes a null pointer dereference via invalid Ragged Tensors
3442 ([CVE-2021-29516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29516))
3443 * Fixes a division by zero in `Conv3D`
3444 ([CVE-2021-29517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29517))
3445 * Fixes vulnerabilities where session operations in eager mode lead to null
3447 ([CVE-2021-29518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29518))
3448 * Fixes a `CHECK`-fail in `SparseCross` caused by type confusion
3449 ([CVE-2021-29519](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29519))
3450 * Fixes a segfault in `SparseCountSparseOutput`
3451 ([CVE-2021-29521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29521))
3452 * Fixes a heap buffer overflow in `Conv3DBackprop*`
3453 ([CVE-2021-29520](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29520))
3454 * Fixes a division by 0 in `Conv3DBackprop*`
3455 ([CVE-2021-29522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29522))
3456 * Fixes a `CHECK`-fail in `AddManySparseToTensorsMap`
3457 ([CVE-2021-29523](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29523))
3458 * Fixes a division by 0 in `Conv2DBackpropFilter`
3459 ([CVE-2021-29524](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29524))
3460 * Fixes a division by 0 in `Conv2DBackpropInput`
3461 ([CVE-2021-29525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29525))
3462 * Fixes a division by 0 in `Conv2D`
3463 ([CVE-2021-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29526))
3464 * Fixes a division by 0 in `QuantizedConv2D`
3465 ([CVE-2021-29527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29527))
3466 * Fixes a division by 0 in `QuantizedMul`
3467 ([CVE-2021-29528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29528))
3468 * Fixes vulnerabilities caused by invalid validation in
3470 ([CVE-2021-29530](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29530))
3471 * Fixes a heap buffer overflow caused by rounding
3472 ([CVE-2021-29529](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29529))
3473 * Fixes a `CHECK`-fail in `tf.raw_ops.EncodePng`
3474 ([CVE-2021-29531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29531))
3475 * Fixes a heap out of bounds read in `RaggedCross`
3476 ([CVE-2021-29532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29532))
3477 * Fixes a `CHECK`-fail in `DrawBoundingBoxes`
3478 ([CVE-2021-29533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29533))
3479 * Fixes a heap buffer overflow in `QuantizedMul`
3480 ([CVE-2021-29535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29535))
3481 * Fixes a `CHECK`-fail in `SparseConcat`
3482 ([CVE-2021-29534](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29534))
3483 * Fixes a heap buffer overflow in `QuantizedResizeBilinear`
3484 ([CVE-2021-29537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29537))
3485 * Fixes a heap buffer overflow in `QuantizedReshape`
3486 ([CVE-2021-29536](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29536))
3487 * Fixes a division by zero in `Conv2DBackpropFilter`
3488 ([CVE-2021-29538](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29538))
3489 * Fixes a heap buffer overflow in `Conv2DBackpropFilter`
3490 ([CVE-2021-29540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29540))
3491 * Fixes a heap buffer overflow in `StringNGrams`
3492 ([CVE-2021-29542](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29542))
3493 * Fixes a null pointer dereference in `StringNGrams`
3494 ([CVE-2021-29541](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29541))
3495 * Fixes a `CHECK`-fail in `QuantizeAndDequantizeV4Grad`
3496 ([CVE-2021-29544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29544))
3497 * Fixes a `CHECK`-fail in `CTCGreedyDecoder`
3498 ([CVE-2021-29543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29543))
3499 * Fixes a heap buffer overflow in `SparseTensorToCSRSparseMatrix`
3500 ([CVE-2021-29545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29545))
3501 * Fixes a division by 0 in `QuantizedBiasAdd`
3502 ([CVE-2021-29546](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29546))
3503 * Fixes a heap out of bounds in `QuantizedBatchNormWithGlobalNormalization`
3504 ([CVE-2021-29547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29547))
3505 * Fixes a division by 0 in `QuantizedBatchNormWithGlobalNormalization`
3506 ([CVE-2021-29548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29548))
3507 * Fixes a division by 0 in `QuantizedAdd`
3508 ([CVE-2021-29549](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29549))
3509 * Fixes a division by 0 in `FractionalAvgPool`
3510 ([CVE-2021-29550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29550))
3511 * Fixes an OOB read in `MatrixTriangularSolve`
3512 ([CVE-2021-29551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29551))
3513 * Fixes a heap OOB in `QuantizeAndDequantizeV3`
3514 ([CVE-2021-29553](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29553))
3515 * Fixes a `CHECK`-failure in `UnsortedSegmentJoin`
3516 ([CVE-2021-29552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29552))
3517 * Fixes a division by 0 in `DenseCountSparseOutput`
3518 ([CVE-2021-29554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29554))
3519 * Fixes a division by 0 in `FusedBatchNorm`
3520 ([CVE-2021-29555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29555))
3521 * Fixes a division by 0 in `SparseMatMul`
3522 ([CVE-2021-29557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29557))
3523 * Fixes a division by 0 in `Reverse`
3524 ([CVE-2021-29556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29556))
3525 * Fixes a heap buffer overflow in `SparseSplit`
3526 ([CVE-2021-29558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29558))
3527 * Fixes a heap OOB access in unicode ops
3528 ([CVE-2021-29559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29559))
3529 * Fixes a heap buffer overflow in `RaggedTensorToTensor`
3530 ([CVE-2021-29560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29560))
3531 * Fixes a `CHECK`-fail in `LoadAndRemapMatrix`
3532 ([CVE-2021-29561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29561))
3533 * Fixes a `CHECK`-fail in `tf.raw_ops.IRFFT`
3534 ([CVE-2021-29562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29562))
3535 * Fixes a `CHECK`-fail in `tf.raw_ops.RFFT`
3536 ([CVE-2021-29563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29563))
3537 * Fixes a null pointer dereference in `EditDistance`
3538 ([CVE-2021-29564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29564))
3539 * Fixes a null pointer dereference in `SparseFillEmptyRows`
3540 ([CVE-2021-29565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29565))
3541 * Fixes a heap OOB access in `Dilation2DBackpropInput`
3542 ([CVE-2021-29566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29566))
3543 * Fixes a reference binding to null in `ParameterizedTruncatedNormal`
3544 ([CVE-2021-29568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29568))
3545 * Fixes a set of vulnerabilities caused by lack of validation in
3547 ([CVE-2021-29567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29567))
3548 * Fixes a heap out of bounds read in `MaxPoolGradWithArgmax`
3549 ([CVE-2021-29570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570))
3550 * Fixes a heap out of bounds read in `RequantizationRange`
3551 ([CVE-2021-29569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569))
3552 * Fixes a memory corruption in `DrawBoundingBoxesV2`
3553 ([CVE-2021-29571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29571))
3554 * Fixes a reference binding to nullptr in `SdcaOptimizer`
3555 ([CVE-2021-29572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29572))
3556 * Fixes an overflow and a denial of service in `tf.raw_ops.ReverseSequence`
3557 ([CVE-2021-29575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29575))
3558 * Fixes a division by 0 in `MaxPoolGradWithArgmax`
3559 ([CVE-2021-29573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29573))
3560 * Fixes an undefined behavior in `MaxPool3DGradGrad`
3561 ([CVE-2021-29574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29574))
3562 * Fixes a heap buffer overflow in `MaxPool3DGradGrad`
3563 ([CVE-2021-29576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29576))
3564 * Fixes a heap buffer overflow in `AvgPool3DGrad`
3565 ([CVE-2021-29577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29577))
3566 * Fixes an undefined behavior and a `CHECK`-fail in `FractionalMaxPoolGrad`
3567 ([CVE-2021-29580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29580))
3568 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
3569 ([CVE-2021-29578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29578))
3570 * Fixes a heap buffer overflow in `MaxPoolGrad`
3571 ([CVE-2021-29579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29579))
3572 * Fixes a segfault in `CTCBeamSearchDecoder`
3573 ([CVE-2021-29581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29581))
3574 * Fixes a heap OOB read in `tf.raw_ops.Dequantize`
3575 ([CVE-2021-29582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29582))
3576 * Fixes a `CHECK`-fail due to integer overflow
3577 ([CVE-2021-29584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29584))
3578 * Fixes a heap buffer overflow and undefined behavior in `FusedBatchNorm`
3579 ([CVE-2021-29583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29583))
3580 * Fixes a division by zero in padding computation in TFLite
3581 ([CVE-2021-29585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29585))
3582 * Fixes a division by zero in optimized pooling implementations in TFLite
3583 ([CVE-2021-29586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29586))
3584 * Fixes a division by zero in TFLite's implementation of `SpaceToDepth`
3585 ([CVE-2021-29587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29587))
3586 * Fixes a division by zero in TFLite's implementation of `GatherNd`
3587 ([CVE-2021-29589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29589))
3588 * Fixes a division by zero in TFLite's implementation of `TransposeConv`
3589 ([CVE-2021-29588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29588))
3590 * Fixes a heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
3591 ([CVE-2021-29590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29590))
3592 * Fixes a null pointer dereference in TFLite's `Reshape` operator
3593 ([CVE-2021-29592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29592))
3594 * Fixes a stack overflow due to looping TFLite subgraph
3595 ([CVE-2021-29591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29591))
3596 * Fixes a division by zero in TFLite's implementation of `DepthToSpace`
3597 ([CVE-2021-29595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29595))
3598 * Fixes a division by zero in TFLite's convolution code
3599 ([CVE-2021-29594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29594))
3600 * Fixes a division by zero in TFLite's implementation of `EmbeddingLookup`
3601 ([CVE-2021-29596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29596))
3602 * Fixes a division by zero in TFLite's implementation of `BatchToSpaceNd`
3603 ([CVE-2021-29593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29593))
3604 * Fixes a division by zero in TFLite's implementation of `SpaceToBatchNd`
3605 ([CVE-2021-29597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29597))
3606 * Fixes a division by zero in TFLite's implementation of `SVDF`
3607 ([CVE-2021-29598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29598))
3608 * Fixes a division by zero in TFLite's implementation of `Split`
3609 ([CVE-2021-29599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29599))
3610 * Fixes a division by zero in TFLite's implementation of `OneHot`
3611 ([CVE-2021-29600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29600))
3612 * Fixes a division by zero in TFLite's implementation of `DepthwiseConv`
3613 ([CVE-2021-29602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29602))
3614 * Fixes a division by zero in TFLite's implementation of hashtable lookup
3615 ([CVE-2021-29604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29604))
3616 * Fixes a integer overflow in TFLite concatentation
3617 ([CVE-2021-29601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29601))
3618 * Fixes a integer overflow in TFLite memory allocation
3619 ([CVE-2021-29605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29605))
3620 * Fixes a heap OOB write in TFLite
3621 ([CVE-2021-29603](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29603))
3622 * Fixes a heap OOB read in TFLite
3623 ([CVE-2021-29606](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29606))
3624 * Fixes a heap OOB and null pointer dereference in `RaggedTensorToTensor`
3625 ([CVE-2021-29608](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29608))
3626 * Fixes vulnerabilities caused by incomplete validation in `SparseAdd`
3627 ([CVE-2021-29609](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29609))
3628 * Fixes vulnerabilities caused by incomplete validation in
3630 ([CVE-2021-29607](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29607))
3631 * Fixes vulnerabilities caused by incomplete validation in `SparseReshape`
3632 ([CVE-2021-29611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29611))
3633 * Fixes vulnerabilities caused by invalid validation in
3635 ([CVE-2021-29610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29610))
3636 * Fixes a heap buffer overflow in `BandedTriangularSolve`
3637 ([CVE-2021-29612](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29612))
3638 * Fixes vulnerabilities caused by incomplete validation in
3640 ([CVE-2021-29613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29613))
3641 * Fixes an interpreter crash from vulnerabilities in `tf.io.decode_raw`
3642 ([CVE-2021-29614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29614))
3643 * Fixes a stack overflow in `ParseAttrValue` with nested tensors
3644 ([CVE-2021-29615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29615))
3645 * Fixes a null dereference in Grappler's `TrySimplify`
3646 ([CVE-2021-29616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29616))
3647 * Fixes a crash in `tf.transpose` with complex inputs
3648 ([CVE-2021-29618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29618))
3649 * Fixes a crash in `tf.strings.substr` due to `CHECK`-fail
3650 ([CVE-2021-29617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29617))
3651 * Fixes a segfault in `tf.raw_ops.SparseCountSparseOutput`
3652 ([CVE-2021-29619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29619))
3653 * Fixes a segfault in `tf.raw_ops.ImmutableConst`
3654 ([CVE-2021-29539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29539))
3656 [CVE-2020-8169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169),
3657 [CVE-2020-8177](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177),
3658 [CVE-2020-8231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231),
3659 [CVE-2020-8284](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284),
3660 [CVE-2020-8285](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285)
3662 [CVE-2020-8286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286).
3670 * `tf.data` service now supports strict round-robin reads, which is useful
3672 round robin reads, users can guarantee that consumers get similar-sized
3681 outputs can be obtained in the non-deterministic order.
3684 disables any asynchrony, parallelism, or non-determinism and forces
3685 Python execution (as opposed to trace-compiled graph execution) of
3686 user-defined functions passed into transformations such as `map`. The
3690 * Enabled the new MLIR-based quantization backend by default
3691 * The new backend is used for 8 bits full integer post-training
3693 * The new backend removes the redundant rescales and fixes some bugs
3711 replicas will get different random-number streams.
3718 * Third-party devices can now connect to TensorFlow as plug-ins through
3719 …C API](https://github.com/tensorflow/community/blob/master/rfcs/20200612-stream-executor-c-api.md).
3721 …https://github.com/tensorflow/community/blob/master/rfcs/20200624-pluggable-device-for-tensorflow.…
3724 …PI](https://github.com/tensorflow/community/blob/master/rfcs/20190814-kernel-and-op-registration.m…
3726 …tps://github.com/tensorflow/community/blob/master/rfcs/20201027-modular-tensorflow-graph-c-api.md).
3727 * [oneAPI Deep Neural Network Library (oneDNN)](https://github.com/oneapi-src/oneDNN)
3729 …[Intel-optimized TensorFlow](https://software.intel.com/content/www/us/en/develop/articles/intel-o…
3730 are now available in the official x86-64 Linux and Windows builds.
3742 ## Bug Fixes and Other Changes
3783 provide hints to tf.distribute-based auto-sharding as to where in the
3803 * Removed the `tensors()` method and the non-const overload of the
3808 * Uses of the non-const overload of `nodes_and_registration` can
3820 * Additional tests and fixes for ADD and SUB operators.
3835 * Add nominal support for unsigned 32-bit integer tensor types. Note that
3848 * Add support to select one of three different built-in op resolvers
3856 * Corrected higher-order gradients of control flow constructs (`tf.cond`,
3867 control Tensor-Float-32 evaluation in RNNs.
3871 https://github.com/abseil/abseil-cpp/blob/master/absl/status/status.h
3877 replacement for the trace-based API.
3880 provides a big compile-time speedup, and effectively raises the minimum
3888 * Removed the deprecated `session_config` parameter for the TF1-TRT
3891 * The TF2-TRT converter `TrtGraphConverterV2` takes an object of class
3918 * Add determinism-unimplemented exception-throwing to the segment-sum ops.
3920 or `"1"` (when op-determinism is expected), an attempt to run the
3922 an understandable message) when `data` is a floating-point type,
3930 which this change addresses, but does not solve. This exception-throwing
3940 current release, GPU support for other floating-point types
3949 * Fixes a heap buffer overflow in `RaggedBinCount`
3950 ([CVE-2021-29512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29512))
3951 * Fixes a heap out of bounds write in `RaggedBinCount`
3952 ([CVE-2021-29514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29514))
3953 * Fixes a type confusion during tensor casts which leads to dereferencing
3955 ([CVE-2021-29513](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29513))
3956 * Fixes a reference binding to null pointer in `MatrixDiag*` ops
3957 ([CVE-2021-29515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29515))
3958 * Fixes a null pointer dereference via invalid Ragged Tensors
3959 ([CVE-2021-29516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29516))
3960 * Fixes a division by zero in `Conv3D`
3961 ([CVE-2021-29517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29517))
3962 * Fixes vulnerabilities where session operations in eager mode lead to
3964 ([CVE-2021-29518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29518))
3965 * Fixes a `CHECK`-fail in `SparseCross` caused by type confusion
3966 ([CVE-2021-29519](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29519))
3967 * Fixes a segfault in `SparseCountSparseOutput`
3968 ([CVE-2021-29521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29521))
3969 * Fixes a heap buffer overflow in `Conv3DBackprop*`
3970 ([CVE-2021-29520](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29520))
3971 * Fixes a division by 0 in `Conv3DBackprop*`
3972 ([CVE-2021-29522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29522))
3973 * Fixes a `CHECK`-fail in `AddManySparseToTensorsMap`
3974 ([CVE-2021-29523](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29523))
3975 * Fixes a division by 0 in `Conv2DBackpropFilter`
3976 ([CVE-2021-29524](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29524))
3977 * Fixes a division by 0 in `Conv2DBackpropInput`
3978 ([CVE-2021-29525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29525))
3979 * Fixes a division by 0 in `Conv2D`
3980 ([CVE-2021-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29526))
3981 * Fixes a division by 0 in `QuantizedConv2D`
3982 ([CVE-2021-29527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29527))
3983 * Fixes a division by 0 in `QuantizedMul`
3984 ([CVE-2021-29528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29528))
3985 * Fixes vulnerabilities caused by invalid validation in
3987 ([CVE-2021-29530](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29530))
3988 * Fixes a heap buffer overflow caused by rounding
3989 ([CVE-2021-29529](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29529))
3990 * Fixes a `CHECK`-fail in `tf.raw_ops.EncodePng`
3991 ([CVE-2021-29531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29531))
3992 * Fixes a heap out of bounds read in `RaggedCross`
3993 ([CVE-2021-29532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29532))
3994 * Fixes a `CHECK`-fail in `DrawBoundingBoxes`
3995 ([CVE-2021-29533](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29533))
3996 * Fixes a heap buffer overflow in `QuantizedMul`
3997 ([CVE-2021-29535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29535))
3998 * Fixes a `CHECK`-fail in `SparseConcat`
3999 ([CVE-2021-29534](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29534))
4000 * Fixes a heap buffer overflow in `QuantizedResizeBilinear`
4001 ([CVE-2021-29537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29537))
4002 * Fixes a heap buffer overflow in `QuantizedReshape`
4003 ([CVE-2021-29536](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29536))
4004 * Fixes a division by zero in `Conv2DBackpropFilter`
4005 ([CVE-2021-29538](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29538))
4006 * Fixes a heap buffer overflow in `Conv2DBackpropFilter`
4007 ([CVE-2021-29540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29540))
4008 * Fixes a heap buffer overflow in `StringNGrams`
4009 ([CVE-2021-29542](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29542))
4010 * Fixes a null pointer dereference in `StringNGrams`
4011 ([CVE-2021-29541](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29541))
4012 * Fixes a `CHECK`-fail in `QuantizeAndDequantizeV4Grad`
4013 ([CVE-2021-29544](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29544))
4014 * Fixes a `CHECK`-fail in `CTCGreedyDecoder`
4015 ([CVE-2021-29543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29543))
4016 * Fixes a heap buffer overflow in `SparseTensorToCSRSparseMatrix`
4017 ([CVE-2021-29545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29545))
4018 * Fixes a division by 0 in `QuantizedBiasAdd`
4019 ([CVE-2021-29546](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29546))
4020 * Fixes a heap out of bounds in
4022 ([CVE-2021-29547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29547))
4023 * Fixes a division by 0 in `QuantizedBatchNormWithGlobalNormalization`
4024 ([CVE-2021-29548](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29548))
4025 * Fixes a division by 0 in `QuantizedAdd`
4026 ([CVE-2021-29549](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29549))
4027 * Fixes a division by 0 in `FractionalAvgPool`
4028 ([CVE-2021-29550](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29550))
4029 * Fixes an OOB read in `MatrixTriangularSolve`
4030 ([CVE-2021-29551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29551))
4031 * Fixes a heap OOB in `QuantizeAndDequantizeV3`
4032 ([CVE-2021-29553](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29553))
4033 * Fixes a `CHECK`-failure in `UnsortedSegmentJoin`
4034 ([CVE-2021-29552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29552))
4035 * Fixes a division by 0 in `DenseCountSparseOutput`
4036 ([CVE-2021-29554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29554))
4037 * Fixes a division by 0 in `FusedBatchNorm`
4038 ([CVE-2021-29555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29555))
4039 * Fixes a division by 0 in `SparseMatMul`
4040 ([CVE-2021-29557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29557))
4041 * Fixes a division by 0 in `Reverse`
4042 ([CVE-2021-29556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29556))
4043 * Fixes a heap buffer overflow in `SparseSplit`
4044 ([CVE-2021-29558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29558))
4045 * Fixes a heap OOB access in unicode ops
4046 ([CVE-2021-29559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29559))
4047 * Fixes a heap buffer overflow in `RaggedTensorToTensor`
4048 ([CVE-2021-29560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29560))
4049 * Fixes a `CHECK`-fail in `LoadAndRemapMatrix`
4050 ([CVE-2021-29561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29561))
4051 * Fixes a `CHECK`-fail in `tf.raw_ops.IRFFT`
4052 ([CVE-2021-29562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29562))
4053 * Fixes a `CHECK`-fail in `tf.raw_ops.RFFT`
4054 ([CVE-2021-29563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29563))
4055 * Fixes a null pointer dereference in `EditDistance`
4056 ([CVE-2021-29564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29564))
4057 * Fixes a null pointer dereference in `SparseFillEmptyRows`
4058 ([CVE-2021-29565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29565))
4059 * Fixes a heap OOB access in `Dilation2DBackpropInput`
4060 ([CVE-2021-29566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29566))
4061 * Fixes a reference binding to null in `ParameterizedTruncatedNormal`
4062 ([CVE-2021-29568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29568))
4063 * Fixes a set of vulnerabilities caused by lack of validation in
4065 ([CVE-2021-29567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29567))
4066 * Fixes a heap out of bounds read in `MaxPoolGradWithArgmax`
4067 ([CVE-2021-29570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570))
4068 * Fixes a heap out of bounds read in `RequantizationRange`
4069 ([CVE-2021-29569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569))
4070 * Fixes a memory corruption in `DrawBoundingBoxesV2`
4071 ([CVE-2021-29571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29571))
4072 * Fixes a reference binding to nullptr in `SdcaOptimizer`
4073 ([CVE-2021-29572](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29572))
4074 * Fixes an overflow and a denial of service in
4076 ([CVE-2021-29575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29575))
4077 * Fixes a division by 0 in `MaxPoolGradWithArgmax`
4078 ([CVE-2021-29573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29573))
4079 * Fixes an undefined behavior in `MaxPool3DGradGrad`
4080 ([CVE-2021-29574](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29574))
4081 * Fixes a heap buffer overflow in `MaxPool3DGradGrad`
4082 ([CVE-2021-29576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29576))
4083 * Fixes a heap buffer overflow in `AvgPool3DGrad`
4084 ([CVE-2021-29577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29577))
4085 * Fixes an undefined behavior and a `CHECK`-fail in
4087 ([CVE-2021-29580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29580))
4088 * Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
4089 ([CVE-2021-29578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29578))
4090 * Fixes a heap buffer overflow in `MaxPoolGrad`
4091 ([CVE-2021-29579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29579))
4092 * Fixes a segfault in `CTCBeamSearchDecoder`
4093 ([CVE-2021-29581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29581))
4094 * Fixes a heap OOB read in `tf.raw_ops.Dequantize`
4095 ([CVE-2021-29582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29582))
4096 * Fixes a `CHECK`-fail due to integer overflow
4097 ([CVE-2021-29584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29584))
4098 * Fixes a heap buffer overflow and undefined behavior in `FusedBatchNorm`
4099 ([CVE-2021-29583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29583))
4100 * Fixes a division by zero in padding computation in TFLite
4101 ([CVE-2021-29585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29585))
4102 * Fixes a division by zero in optimized pooling implementations in TFLite
4103 ([CVE-2021-29586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29586))
4104 * Fixes a division by zero in TFLite's implementation of `SpaceToDepth`
4105 ([CVE-2021-29587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29587))
4106 * Fixes a division by zero in TFLite's implementation of `GatherNd`
4107 ([CVE-2021-29589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29589))
4108 * Fixes a division by zero in TFLite's implementation of `TransposeConv`
4109 ([CVE-2021-29588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29588))
4110 * Fixes a heap OOB read in TFLite's implementation of `Minimum` or
4112 ([CVE-2021-29590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29590))
4113 * Fixes a null pointer dereference in TFLite's `Reshape` operator
4114 ([CVE-2021-29592](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29592))
4115 * Fixes a stack overflow due to looping TFLite subgraph
4116 ([CVE-2021-29591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29591))
4117 * Fixes a division by zero in TFLite's implementation of `DepthToSpace`
4118 ([CVE-2021-29595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29595))
4119 * Fixes a division by zero in TFLite's convolution code
4120 ([CVE-2021-29594](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29594))
4121 * Fixes a division by zero in TFLite's implementation of `EmbeddingLookup`
4122 ([CVE-2021-29596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29596))
4123 * Fixes a division by zero in TFLite's implementation of `BatchToSpaceNd`
4124 ([CVE-2021-29593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29593))
4125 * Fixes a division by zero in TFLite's implementation of `SpaceToBatchNd`
4126 ([CVE-2021-29597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29597))
4127 * Fixes a division by zero in TFLite's implementation of `SVDF`
4128 ([CVE-2021-29598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29598))
4129 * Fixes a division by zero in TFLite's implementation of `Split`
4130 ([CVE-2021-29599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29599))
4131 * Fixes a division by zero in TFLite's implementation of `OneHot`
4132 ([CVE-2021-29600](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29600))
4133 * Fixes a division by zero in TFLite's implementation of `DepthwiseConv`
4134 ([CVE-2021-29602](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29602))
4135 * Fixes a division by zero in TFLite's implementation of hashtable lookup
4136 ([CVE-2021-29604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29604))
4137 * Fixes a integer overflow in TFLite concatentation
4138 ([CVE-2021-29601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29601))
4139 * Fixes a integer overflow in TFLite memory allocation
4140 ([CVE-2021-29605](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29605))
4141 * Fixes a heap OOB write in TFLite
4142 ([CVE-2021-29603](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29603))
4143 * Fixes a heap OOB read in TFLite
4144 ([CVE-2021-29606](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29606))
4145 * Fixes a heap OOB and null pointer dereference in `RaggedTensorToTensor`
4146 ([CVE-2021-29608](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29608))
4147 * Fixes vulnerabilities caused by incomplete validation in `SparseAdd`
4148 ([CVE-2021-29609](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29609))
4149 * Fixes vulnerabilities caused by incomplete validation in
4151 ([CVE-2021-29607](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29607))
4152 * Fixes vulnerabilities caused by incomplete validation in `SparseReshape`
4153 ([CVE-2021-29611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29611))
4154 * Fixes vulnerabilities caused by invalid validation in
4156 ([CVE-2021-29610](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29610))
4157 * Fixes a heap buffer overflow in `BandedTriangularSolve`
4158 ([CVE-2021-29612](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29612))
4159 * Fixes vulnerabilities caused by incomplete validation in
4161 ([CVE-2021-29613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29613))
4162 * Fixes an interpreter crash from vulnerabilities in `tf.io.decode_raw`
4163 ([CVE-2021-29614](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29614))
4164 * Fixes a stack overflow in `ParseAttrValue` with nested tensors
4165 ([CVE-2021-29615](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29615))
4166 * Fixes a null dereference in Grappler's `TrySimplify`
4167 ([CVE-2021-29616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29616))
4168 * Fixes a crash in `tf.transpose` with complex inputs
4169 ([CVE-2021-29618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29618))
4170 * Fixes a crash in `tf.strings.substr` due to `CHECK`-fail
4171 ([CVE-2021-29617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29617))
4172 * Fixes a segfault in `tf.raw_ops.SparseCountSparseOutput`
4173 ([CVE-2021-29619](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29619))
4174 * Fixes a segfault in `tf.raw_ops.ImmutableConst`
4175 ([CVE-2021-29539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29539))
4177 [CVE-2020-8169](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169),
4178 [CVE-2020-8177](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177),
4179 [CVE-2020-8231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231),
4180 [CVE-2020-8284](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8284),
4181 [CVE-2020-8285](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285)
4183 [CVE-2020-8286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286).
4190 [Arm Compute Library (ACL)](https://github.com/ARM-software/ComputeLibrary)
4191 support to `--config=mkl_aarch64` build.
4205 Dawid Wojciechowski, Ddavis-2015, Dean Wyatte, Denisa Roberts, dependabot[bot],
4208 Frederic Bastien, Freedom" Koan-Sin Tan, fsx950223, ganand1, gbaned, Georgiy
4217 Leslie-Fang, Long M. Lưu, Lukas Geiger, machineko, Mahmoud Abuzaina, Manish, Mao
4226 Phat Tran, Piotr Zierhoffer, piyushdatta, Pnikam-Cad, Prashant Kumar, Prateek
4229 Rsanthanam-Amd, rsun, Rsun-Bdti, Ryan Kuester, ryanking13, Saduf2019, Sami Kama,
4231 Yang, shwetaoj, Sidong-Wei, Simon Maurer, Simrit Kaur, Srini511, Srinivasan
4234 Thibaut Goetghebuer-Planchon, Tomwildenhain-Microsoft, Tony, Traun Leyden, Trent
4235 Lo, TVLIgnacy, Tzu-Wei Sung, vaibhav, Vignesh Kothapalli, Vikram Dattu,
4241 Fukasawa, Zachary Deane-Mayer, Zeno Gantner, Zhoulong Jiang, zhuyie, zilinzhu,
4250 ## Bug Fixes and Other Changes
4252 * Fixes an access to unitialized memory in Eigen code
4253 ([CVE-2020-26266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26266))
4254 * Fixes a security vulnerability caused by lack of validation in
4256 ([CVE-2020-26267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26267))
4257 * Fixes a vulnerability caused by attempting to write to immutable memory
4259 ([CVE-2020-26268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26268)
4260 * Fixes a `CHECK`-fail in LSTM with zero-length input
4261 ([CVE-2020-26270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26270))
4262 * Fixes a security vulnerability caused by accessing heap data outside of
4264 ([CVE-2020-26271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26271))
4266 * Updates `libjpeg-turbo` to `2.0.5` to handle
4267 [CVE-2020-13790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790).
4269 [CVE-2020-15250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250).
4271 [CVE-2019-20838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838)
4273 [CVE-2020-14155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155).
4278 ## Bug Fixes and Other Changes
4280 * Fixes an access to unitialized memory in Eigen code
4281 ([CVE-2020-26266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26266))
4282 * Fixes a security vulnerability caused by lack of validation in
4284 ([CVE-2020-26267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26267))
4285 * Fixes a vulnerability caused by attempting to write to immutable memory
4287 ([CVE-2020-26268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26268)
4288 * Fixes a `CHECK`-fail in LSTM with zero-length input
4289 ([CVE-2020-26270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26270))
4290 * Fixes a security vulnerability caused by accessing heap data outside of
4292 ([CVE-2020-26271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26271))
4294 * Updates `libjpeg-turbo` to `2.0.5` to handle
4295 [CVE-2020-13790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790).
4297 [CVE-2020-15250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250).
4299 [CVE-2019-20838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838)
4301 [CVE-2020-14155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155).
4306 ## Bug Fixes and Other Changes
4308 * Fixes an access to unitialized memory in Eigen code
4309 ([CVE-2020-26266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26266))
4310 * Fixes a security vulnerability caused by lack of validation in
4312 ([CVE-2020-26267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26267))
4313 * Fixes a vulnerability caused by attempting to write to immutable memory
4315 ([CVE-2020-26268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26268)
4316 * Fixes a `CHECK`-fail in LSTM with zero-length input
4317 ([CVE-2020-26270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26270))
4318 * Fixes a security vulnerability caused by accessing heap data outside of
4320 ([CVE-2020-26271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26271))
4321 * Updates `libjpeg-turbo` to `2.0.5` to handle
4322 [CVE-2020-13790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790).
4324 [CVE-2020-15250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250).
4326 [CVE-2019-20838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838)
4328 [CVE-2020-14155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155).
4336 ## Bug Fixes and Other Changes
4338 * Fixes an access to unitialized memory in Eigen code
4339 ([CVE-2020-26266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26266))
4340 * Fixes a security vulnerability caused by lack of validation in
4342 ([CVE-2020-26267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26267))
4343 * Fixes a vulnerability caused by attempting to write to immutable memory
4345 ([CVE-2020-26268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26268)
4346 * Fixes a `CHECK`-fail in LSTM with zero-length input
4347 ([CVE-2020-26270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26270))
4348 * Fixes a security vulnerability caused by accessing heap data outside of
4350 ([CVE-2020-26271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26271))
4351 * Updates `libjpeg-turbo` to `2.0.5` to handle
4352 [CVE-2020-13790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790).
4354 [CVE-2020-15250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250).
4356 [CVE-2019-20838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838)
4358 [CVE-2020-14155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155).
4365 ## Bug Fixes and Other Changes
4367 * Fixes an access to unitialized memory in Eigen code
4368 ([CVE-2020-26266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26266))
4369 * Fixes a security vulnerability caused by lack of validation in
4371 ([CVE-2020-26267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26267))
4372 * Fixes a vulnerability caused by attempting to write to immutable memory
4374 ([CVE-2020-26268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26268)
4375 * Fixes a `CHECK`-fail in LSTM with zero-length input
4376 ([CVE-2020-26270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26270))
4377 * Fixes a security vulnerability caused by accessing heap data outside of
4379 ([CVE-2020-26271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26271))
4380 * Updates `libjpeg-turbo` to `2.0.5` to handle
4381 [CVE-2020-13790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790).
4383 [CVE-2020-15250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250).
4385 [CVE-2019-20838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838)
4387 [CVE-2020-14155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155).
4403 major improvements involve handling peer failure and many bug fixes. Please
4405 …[Multi-worker training with Keras](https://www.tensorflow.org/tutorials/distribute/multi_worker_wi…
4409 which is a NumPy-compatible API for writing TF programs. See the
4414 [TensorFloat-32](https://blogs.nvidia.com/blog/2020/05/14/tensorfloat-32-precision-format/)
4415 on Ampere based GPUs. TensorFloat-32, or TF32 for short, is a math mode for
4424 is no longer experimental and allows the use of 16-bit floating point
4444 [TensorFloat-32](https://blogs.nvidia.com/blog/2020/05/14/tensorfloat-32-precision-format/).
4447 for deep learning models. In some cases, TensorFloat-32 is also used for
4448 complex64 ops. TensorFloat-32 can be disabled by running
4450 * The byte layout for string tensors across the C-API has been updated to
4453 * C-API functions `TF_StringDecode`, `TF_StringEncode`, and
4462 `TF_XLA_FLAGS=--tf_xla_enable_xla_devices` if you really need them, but
4501 the already-constructed model instead.
4515 can fix this mismatch by either calling the model with correctly-shaped
4522 to use the non-experimental `tf.keras.mixed_precision` API.
4543 * The global policy can no longer be set to a non-floating point policy in
4591 with `--copt=/experimental:preprocessor
4592 --host_copt=/experimental:preprocessor` (see `.bazelrc` for more
4607 ## Bug Fixes and Other Changes
4613 which is a NumPy-compatible API for writing TF programs. This module
4616 (e.g. `numpy.add`) are provided. Their inter-operation with TF facilities is
4630 and `__invert__` now support non-`bool` arguments and apply the
4646 * `tf.debugging.assert_shapes()` now works on `SparseTensor`s (Fixes
4650 [TensorFloat-32](https://blogs.nvidia.com/blog/2020/05/14/tensorfloat-32-precision-format/)
4651 on Ampere based GPUs.TensorFloat-32, or TF32 for short, is a math mode
4656 TensorFloat-32 is enabled by default, but can be disabled with
4709 * We have implemented an optimization which reorders data-discarding
4734 major improvements involve handling peer failure and many bug fixes. Please
4736 …[Multi-worer training with Keras](https://www.tensorflow.org/tutorials/distribute/multi_worker_wit…
4740 * Fixes various issues with saving a distributed model.
4748 * Functional model construction should be ~8-10% faster on average.
4749 * Functional models can now contain non-symbolic values in their call
4784 * The `tf.keras.mixed_precision` API is now non-experimental. The
4785 non-experimental API differs from the experimental API in several ways.
4798 `LossScaleOptimizer` and the new non-experimental `LossScaleOptimizer`.
4813 the operation into a dequantize-quantize pair.
4850 * Fixes an undefined behavior causing a segfault in `tf.raw_ops.Switch`,
4851 ([CVE-2020-15190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190))
4852 * Fixes three vulnerabilities in conversion to DLPack format
4853 * [CVE-2020-15191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191),
4854 * [CVE-2020-15192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192),
4855 * [CVE-2020-15193](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193)
4856 * Fixes two vulnerabilities in `SparseFillEmptyRowsGrad`
4857 * [CVE-2020-15194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194),
4858 * [CVE-2020-15195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195)
4859 * Fixes several vulnerabilities in `RaggedCountSparseOutput` and
4861 * [CVE-2020-15196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15196),
4862 * [CVE-2020-15197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15197),
4863 * [CVE-2020-15198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15198),
4864 * [CVE-2020-15199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15199),
4865 * [CVE-2020-15200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15200),
4866 * [CVE-2020-15201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15201)
4867 * Fixes an integer truncation vulnerability in code using the work sharder
4869 ([CVE-2020-15202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202))
4870 * Fixes a format string vulnerability in `tf.strings.as_string`,
4871 ([CVE-2020-15203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203))
4872 * Fixes segfault raised by calling session-only ops in eager mode,
4873 ([CVE-2020-15204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204))
4874 * Fixes data leak and potential ASLR violation from `tf.raw_ops.StringNGrams`,
4875 ([CVE-2020-15205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205))
4876 * Fixes segfaults caused by incomplete `SavedModel` validation,
4877 ([CVE-2020-15206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206))
4878 * Fixes a data corruption due to a bug in negative indexing support in TFLite,
4879 ([CVE-2020-15207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207))
4880 * Fixes a data corruption due to dimension mismatch in TFLite,
4881 ([CVE-2020-15208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208))
4882 * Fixes several vulnerabilities in TFLite saved model format
4883 * [CVE-2020-15209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209),
4884 * [CVE-2020-15210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210),
4885 * [CVE-2020-15211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211)
4886 * Fixes several vulnerabilities in TFLite implementation of segment sum
4887 * [CVE-2020-15212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15212),
4888 * [CVE-2020-15213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15213),
4889 * [CVE-2020-15214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15214)
4890 * Fixes a segfault in `tf.quantization.quantize_and_dequantize`,
4891 ([CVE-2020-15265](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15265))
4892 * Fixes an undefined behavior float cast causing a crash,
4893 ([CVE-2020-15266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15266))
4894 * Fixes a lack of validation in `tf.raw_ops.DataFormatVecPermute` and
4897 ([CVE-2020-26267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26267))
4898 * Fixes a crash caused by writing to read only memory region
4899 ([CVE-2020-26268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26268))
4900 * Fixes a heap out of bounds access in filesystem globbing implementation
4901 ([CVE-2020-26269](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26269))
4907 [this list](https://developers.google.com/style/word-list#blacklist) for
4929 Zhelezina, emlaprise2358, Eugene Kuznetsov, Evaderan-Lab, Evgeniy Polyakov,
4938 Kedar Sovani, Koan-Sin Tan, Koki Ibukuro, Krzysztof Laskowski, Kushagra Sharma,
4942 Mikhail Startsev, Milan Straka, Ml-0, Myung-Hyun Kim, Måns Nilsson, Nathan
4945 PlusPlusUltra, Poedator, Prasad Nikam, Rahul-Kamat, Rajeshwar Reddy T,
4948 Shawn Presser, ShengYang1, Shi,Guangyong, Shuxiang Gao, Sicong Li, Sidong-Wei,
4951 Goetghebuer-Planchon, Tim Bradley, Tomasz Strejczek, Tongzhou Wang, Torsten
4952 Rudolf, Trent Lo, Ty Mick, Tzu-Wei Sung, Varghese, Jojimon, Vignesh Kothapalli,
4961 ## Bug Fixes and Other Changes
4963 * Fixes an undefined behavior causing a segfault in `tf.raw_ops.Switch`
4964 ([CVE-2020-15190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190))
4965 * Fixes three vulnerabilities in conversion to DLPack format
4966 ([CVE-2020-15191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191),
4967 [CVE-2020-15192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192),
4968 [CVE-2020-15193](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193))
4969 * Fixes two vulnerabilities in `SparseFillEmptyRowsGrad`
4970 ([CVE-2020-15194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194),
4971 [CVE-2020-15195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195))
4972 * Fixes several vulnerabilities in `RaggedCountSparseOutput` and
4974 ([CVE-2020-15196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15196),
4975 [CVE-2020-15197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15197),
4976 [CVE-2020-15198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15198),
4977 [CVE-2020-15199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15199),
4978 [CVE-2020-15200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15200),
4979 [CVE-2020-15201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15201))
4980 * Fixes an integer truncation vulnerability in code using the work sharder API
4981 ([CVE-2020-15202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202))
4982 * Fixes a format string vulnerability in `tf.strings.as_string`
4983 ([CVE-2020-15203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203))
4984 * Fixes segfault raised by calling session-only ops in eager mode
4985 ([CVE-2020-15204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204))
4986 * Fixes data leak and potential ASLR violation from `tf.raw_ops.StringNGrams`
4987 ([CVE-2020-15205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205))
4988 * Fixes segfaults caused by incomplete `SavedModel` validation
4989 ([CVE-2020-15206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206))
4990 * Fixes a data corruption due to a bug in negative indexing support in TFLite
4991 ([CVE-2020-15207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207))
4992 * Fixes a data corruption due to dimension mismatch in TFLite
4993 ([CVE-2020-15208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208))
4994 * Fixes several vulnerabilities in TFLite saved model format
4995 ([CVE-2020-15209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209),
4996 [CVE-2020-15210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210),
4997 [CVE-2020-15211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211))
4998 * Fixes several vulnerabilities in TFLite implementation of segment sum
4999 ([CVE-2020-15212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15212),
5000 [CVE-2020-15213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15213),
5001 [CVE-2020-15214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15214))
5003 [CVE-2020-15358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358).
5004 * Fixes deprecated usage of `collections` API
5010 ## Bug Fixes and Other Changes
5012 * Fixes an undefined behavior causing a segfault in `tf.raw_ops.Switch`
5013 ([CVE-2020-15190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190))
5014 * Fixes three vulnerabilities in conversion to DLPack format
5015 ([CVE-2020-15191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191),
5016 [CVE-2020-15192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192),
5017 [CVE-2020-15193](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193))
5018 * Fixes two vulnerabilities in `SparseFillEmptyRowsGrad`
5019 ([CVE-2020-15194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194),
5020 [CVE-2020-15195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195))
5021 * Fixes an integer truncation vulnerability in code using the work sharder API
5022 ([CVE-2020-15202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202))
5023 * Fixes a format string vulnerability in `tf.strings.as_string`
5024 ([CVE-2020-15203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203))
5025 * Fixes segfault raised by calling session-only ops in eager mode
5026 ([CVE-2020-15204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204))
5027 * Fixes data leak and potential ASLR violation from `tf.raw_ops.StringNGrams`
5028 ([CVE-2020-15205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205))
5029 * Fixes segfaults caused by incomplete `SavedModel` validation
5030 ([CVE-2020-15206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206))
5031 * Fixes a data corruption due to a bug in negative indexing support in TFLite
5032 ([CVE-2020-15207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207))
5033 * Fixes a data corruption due to dimension mismatch in TFLite
5034 ([CVE-2020-15208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208))
5035 * Fixes several vulnerabilities in TFLite saved model format
5036 ([CVE-2020-15209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209),
5037 [CVE-2020-15210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210),
5038 [CVE-2020-15211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211))
5039 * Fixes several vulnerabilities in TFLite implementation of segment sum
5040 ([CVE-2020-15212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15212),
5041 [CVE-2020-15213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15213),
5042 [CVE-2020-15214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15214))
5044 [CVE-2020-9327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327),
5045 [CVE-2020-11655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655),
5046 [CVE-2020-11656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656),
5047 [CVE-2020-13434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434),
5048 [CVE-2020-13435](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435),
5049 [CVE-2020-13630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630),
5050 [CVE-2020-13631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631),
5051 [CVE-2020-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871),
5053 [CVE-2020-15358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358).
5054 * Fixes deprecated usage of `collections` API
5060 ## Bug Fixes and Other Changes
5062 * Fixes an undefined behavior causing a segfault in `tf.raw_ops.Switch`
5063 ([CVE-2020-15190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190))
5064 * Fixes three vulnerabilities in conversion to DLPack format
5065 ([CVE-2020-15191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191),
5066 [CVE-2020-15192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192),
5067 [CVE-2020-15193](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193))
5068 * Fixes two vulnerabilities in `SparseFillEmptyRowsGrad`
5069 ([CVE-2020-15194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194),
5070 [CVE-2020-15195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195))
5071 * Fixes an integer truncation vulnerability in code using the work sharder API
5072 ([CVE-2020-15202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202))
5073 * Fixes a format string vulnerability in `tf.strings.as_string`
5074 ([CVE-2020-15203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203))
5075 * Fixes segfault raised by calling session-only ops in eager mode
5076 ([CVE-2020-15204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204))
5077 * Fixes data leak and potential ASLR violation from `tf.raw_ops.StringNGrams`
5078 ([CVE-2020-15205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205))
5079 * Fixes segfaults caused by incomplete `SavedModel` validation
5080 ([CVE-2020-15206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206))
5081 * Fixes a data corruption due to a bug in negative indexing support in TFLite
5082 ([CVE-2020-15207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207))
5083 * Fixes a data corruption due to dimension mismatch in TFLite
5084 ([CVE-2020-15208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208))
5085 * Fixes several vulnerabilities in TFLite saved model format
5086 ([CVE-2020-15209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209),
5087 [CVE-2020-15210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210),
5088 [CVE-2020-15211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211))
5090 [CVE-2020-9327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327),
5091 [CVE-2020-11655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655),
5092 [CVE-2020-11656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656),
5093 [CVE-2020-13434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434),
5094 [CVE-2020-13435](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435),
5095 [CVE-2020-13630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630),
5096 [CVE-2020-13631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631),
5097 [CVE-2020-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871),
5099 [CVE-2020-15358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358).
5106 ## Bug Fixes and Other Changes
5108 * Fixes an undefined behavior causing a segfault in `tf.raw_ops.Switch`
5109 ([CVE-2020-15190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190))
5110 * Fixes three vulnerabilities in conversion to DLPack format
5111 ([CVE-2020-15191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191),
5112 [CVE-2020-15192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192),
5113 [CVE-2020-15193](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193))
5114 * Fixes two vulnerabilities in `SparseFillEmptyRowsGrad`
5115 ([CVE-2020-15194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194),
5116 [CVE-2020-15195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195))
5117 * Fixes an integer truncation vulnerability in code using the work sharder API
5118 ([CVE-2020-15202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202))
5119 * Fixes a format string vulnerability in `tf.strings.as_string`
5120 ([CVE-2020-15203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203))
5121 * Fixes segfault raised by calling session-only ops in eager mode
5122 ([CVE-2020-15204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204))
5123 * Fixes data leak and potential ASLR violation from `tf.raw_ops.StringNGrams`
5124 ([CVE-2020-15205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205))
5125 * Fixes segfaults caused by incomplete `SavedModel` validation
5126 ([CVE-2020-15206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206))
5127 * Fixes a data corruption due to a bug in negative indexing support in TFLite
5128 ([CVE-2020-15207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207))
5129 * Fixes a data corruption due to dimension mismatch in TFLite
5130 ([CVE-2020-15208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208))
5131 * Fixes several vulnerabilities in TFLite saved model format
5132 ([CVE-2020-15209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209),
5133 [CVE-2020-15210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210),
5134 [CVE-2020-15211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211))
5136 [CVE-2020-9327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327),
5137 [CVE-2020-11655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655),
5138 [CVE-2020-11656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656),
5139 [CVE-2020-13434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434),
5140 [CVE-2020-13435](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435),
5141 [CVE-2020-13630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630),
5142 [CVE-2020-13631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631),
5143 [CVE-2020-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871),
5145 [CVE-2020-15358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358).
5151 ## Bug Fixes and Other Changes
5153 * Fixes an undefined behavior causing a segfault in `tf.raw_ops.Switch`
5154 ([CVE-2020-15190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190))
5155 * Fixes three vulnerabilities in conversion to DLPack format
5156 ([CVE-2020-15191](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191),
5157 [CVE-2020-15192](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192),
5158 [CVE-2020-15193](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193))
5159 * Fixes two vulnerabilities in `SparseFillEmptyRowsGrad`
5160 ([CVE-2020-15194](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194),
5161 [CVE-2020-15195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195))
5162 * Fixes an integer truncation vulnerability in code using the work sharder API
5163 ([CVE-2020-15202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202))
5164 * Fixes a format string vulnerability in `tf.strings.as_string`
5165 ([CVE-2020-15203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203))
5166 * Fixes segfault raised by calling session-only ops in eager mode
5167 ([CVE-2020-15204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204))
5168 * Fixes data leak and potential ASLR violation from `tf.raw_ops.StringNGrams`
5169 ([CVE-2020-15205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205))
5170 * Fixes segfaults caused by incomplete `SavedModel` validation
5171 ([CVE-2020-15206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206))
5172 * Fixes a data corruption due to a bug in negative indexing support in TFLite
5173 ([CVE-2020-15207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207))
5174 * Fixes a data corruption due to dimension mismatch in TFLite
5175 ([CVE-2020-15208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208))
5176 * Fixes several vulnerabilities in TFLite saved model format
5177 ([CVE-2020-15209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209),
5178 [CVE-2020-15210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210),
5179 [CVE-2020-15211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211))
5181 [CVE-2020-9327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327),
5182 [CVE-2020-11655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655),
5183 [CVE-2020-11656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656),
5184 [CVE-2020-13434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434),
5185 [CVE-2020-13435](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435),
5186 [CVE-2020-13630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630),
5187 [CVE-2020-13631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631),
5188 [CVE-2020-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871),
5190 [CVE-2020-15358](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358).
5191 * Fixes #41630 by including `max_seq_length` in CuDNN descriptor cache key
5227 We’ve also added opt-in support on Android and iOS for
5229 a highly optimized set of CPU kernels, as well as opt-in support for
5230 …ob/master/tensorflow/lite/g3doc/performance/gpu_advanced.md#running-quantized-models-experimental).
5234 …ase a nightly version of these packages](https://github.com/tensorflow/tensorflow#official-builds).
5243 history of op executions at the Python (eager) and intra-graph levels, the
5252 * C++ API: - `IteratorBase::RestoreInternal`,
5254 become pure-virtual and subclasses are now expected to provide an
5283 * Keras-based LSTM models must be converted with an explicit batch size in
5286 ## Bug Fixes and Other Changes
5314 for dynamically-sized TensorArray inside `tf.function`.
5357 [compute capability](https://developer.nvidia.com/cuda-gpus) 7.0 to
5418 exceptions when the values to reduce are from loops or if-clauses.
5438 * `CategoryEncoding`: turn integer-encoded categories into one-hot,
5439 multi-hot, or tf-idf encoded representations
5441 co-occurrences of previous categorical feature values
5442 * `Hashing`: the hashing trick, for large-vocabulary categorical features
5450 n-gram generation, and token encoding
5469 is a `tf.data.Dataset`-based replacement of the legacy
5476 * Extends `tf.keras.layers.Lambda` layers to support multi-argument lambdas,
5484 tracing time), instead of acting like a pseudo-variable whose updates *kind
5485 of sometimes* get reflected in already-traced `tf.function` traces.
5504 * Enabled experimental support for a new quantization mode with 16-bit
5505 activations and 8-bit weights. See
5519 * Rename GPU whitelist -> compatibility (list).
5533 * Experimental per-channel quant support for `conv` in Hexagon delegate.
5563 * Fix a subtle use-after-free issue in `XStatVisitor::RefValue()`.
5571 * Depend on a specific version of google-api-python-client.
5572 * Fixes apiclient import.
5589 Andrew Stevens, Angus-Luo, Anshuman Tripathy, Anush Elangovan, Artem Mavrin,
5592 Montaruli, Bigcat-Himax, blueyi, Bryan Cutler, Byambaa, Carlos
5593 Hernandez-Vaquero, Chen Lei, Chris Knorowski, Christian Clauss, chuanqiw,
5594 CuiYifeng, Daniel Situnayake, Daria Zhuravleva, Dayananda-V, Deven Desai, Devi
5602 Turner-Trauring, jacco, Jake Tae, Janosh Riebesell, Jason Zaman, jayanth, Jeff
5607 Leslie-Fang, Leslie-Fang-Intel, Li, Guizi, Lukas Geiger, Lutz Roeder, M\U00E5Ns
5610 Michael137, Milan Straka, Mitchell Vitez, Ml-0, Mokke Meguru, Mshr-H, nammbash,
5616 rposts, Ruan Kunliang, Rushabh Vasani, Ryohei Ikegami, Semun Lee, Seo-Inyoung,
5619 storypku, sunchenggen, sunway513, Sven-Hendrik Haase, Swapnil Parekh, Tamas Bela
5621 Tzu-Wei Huang, Téo Bouvard, Uday Bondhugula, Vaibhav Jade, Vijay Tadikamalla,
5629 ## Bug Fixes and Other Changes
5632 [CVE-2019-19880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880),
5633 [CVE-2019-19244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244)
5635 [CVE-2019-19645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645)
5637 [CVE-2019-15601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15601)
5638 * Updates `libjpeg-turbo` to `2.0.4` to handle
5639 [CVE-2018-19664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19664),
5640 [CVE-2018-20330](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20330)
5642 [CVE-2019-13960](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13960)
5644 [CVE-2019-10099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10099),
5645 [CVE-2018-17190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17190)
5647 [CVE-2018-11770](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11770)
5648 * Fixes a versioning bug which causes Keras layers from TF 1.x to be used
5653 ## Bug Fixes and Other Changes
5656 [CVE-2019-19880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880),
5657 [CVE-2019-19244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244)
5659 [CVE-2019-19645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645)
5661 [CVE-2019-15601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15601)
5662 * Updates `libjpeg-turbo` to `2.0.4` to handle
5663 [CVE-2018-19664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19664),
5664 [CVE-2018-20330](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20330)
5666 [CVE-2019-13960](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13960)
5668 [CVE-2019-10099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10099),
5669 [CVE-2018-17190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17190)
5671 [CVE-2018-11770](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11770)
5675 ## Bug Fixes and Other Changes
5678 [CVE-2019-19880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880),
5679 [CVE-2019-19244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244)
5681 [CVE-2019-19645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645)
5683 [CVE-2019-15601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15601)
5684 * Updates `libjpeg-turbo` to `2.0.4` to handle
5685 [CVE-2018-19664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19664),
5686 [CVE-2018-20330](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20330)
5688 [CVE-2019-13960](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13960)
5690 [CVE-2019-10099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10099),
5691 [CVE-2018-17190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17190)
5693 [CVE-2018-11770](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11770)
5700 [Python 2's EOL on January 1, 2020](https://www.python.org/dev/peps/pep-0373/#update).
5705 containing `-py3` will no longer be provided and existing `-py3` tags like
5706 `latest-py3` will not be updated.
5719 …on of swig efforts](https://github.com/tensorflow/community/blob/master/rfcs/20190208-pybind11.md).
5725 * Performance improvements for GPU multi-worker distributed training using
5727 * Update NVIDIA `NCCL` to `2.5.7-1` for better performance and performance
5729 …[nccl developer guide](https://docs.nvidia.com/deeplearning/sdk/nccl-developer-guide/docs/env.html)
5747 * Easily write state-of-the-art training loops without worrying about
5763 implicitly in `Model._standardize_user_data`. Long-term, a solution
5766 * The SavedModel format now supports all Keras built-in layers (including
5792 losses. It now computes mean over the last axis of per-sample losses
5812 ## Bug Fixes and Other Changes
5830 * Speed up `GradientTape` in eager mode by auto-generating list of op
5834 * Improve error message when attempting to use `None` in data-dependent
5840 non-ragged dimension.
5846 * Support `embedding_column` with variable-length input features for
5930 on 32-bit ARM. This ensures a deterministic early exit instead of a hard
5938 deterministic `tf.nn.bias_add` back-prop functionality (and therefore
5939 also deterministic back-prop of bias-addition in Keras layers) to
5951 * Fix an issue with AUC.reset_states for multi-label AUC
5954 error and the output mode is `in-place`.
5964 Eichenberger, Amit Kumar Jaiswal, amoitra, Andrew Anderson, Angus-Luo, Anthony
5965 Barbier, Anton Kachatkou, Anuj Rawat, archis, Arpan-Dhatt, Arvind Sundararajan,
5969 Daria Zhuravleva, darsh8200, David Truby, Dayananda-V, deepakm, Denis Khalikov,
5978 Jake Tae, Jean-Denis Lesage, Jean-Michel Gorius, Jeff Daily, Jens Elofsson,
5980 Dekhtiar, Jose Ignacio Gomez, Joseph-Rance, Judd, Julian Gross, Kaixi Hou,
5982 Yasaswi Sri Chandra Gandhi, Koan-Sin Tan, Koki Ibukuro, Kristian Holsheimer,
5983 kurileo, Lakshay Tokas, Lee Netherton, leike666666, Leslie-Fang-Intel, Li,
5986 Franke, marload, Mbah-Javis, mbhuiyan, Meng Zhang, Michael Liao,
5990 Panpaliya, nmostafa, Noah Trenaman, nuka137, Officium, Owen L - Sfe, Pallavi G,
5997 srinivasan.narayanamoorthy, Srishti Yadav, Steph-En-M, Stephan Uphoff, Stephen
6001 VoVAllen, Wallyss Lima, Wen-Heng (Jack) Chung, wenxizhu, William D. Irons,
6003 Yasuhiro Matsumoto, Yaxun (Sam) Liu, Yong Tang, Ytyt-Yt, yuan, Yuan Mingshuai,
6008 ## Bug Fixes and Other Changes
6010 * Fixes a security vulnerability where converting a Python string to a
6012 ([CVE-2020-5215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5215))
6014 [CVE-2019-5482](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482)
6016 [CVE-2019-5481](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481)
6018 [CVE-2019-19646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19646),
6019 [CVE-2019-19645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645)
6021 [CVE-2019-16168](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168)
6025 ## Bug Fixes and Other Changes
6027 * Fixes a security vulnerability where converting a Python string to a
6029 ([CVE-2020-5215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5215))
6031 [CVE-2019-5482](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482)
6033 [CVE-2019-5481](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481)
6035 [CVE-2019-19646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19646),
6036 [CVE-2019-19645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645)
6038 [CVE-2019-16168](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168)
6043 [officially ends an January 1, 2020](https://www.python.org/dev/peps/pep-0373/#update).
6051 `tensorflow-gpu`) for both Linux and Windows. This runs on machines with and
6052 without NVIDIA GPUs. `tensorflow-gpu` is still available, and CPU-only
6053 packages can be downloaded at `tensorflow-cpu` for users who are concerned
6055 * **Windows users:** Officially-released `tensorflow` Pip packages are now
6060 [here](https://support.microsoft.com/help/2977003/the-latest-supported-visual-c-downloads).
6075 strings and takes care of text standardization, tokenization, n-gram
6077 …[end-to-end text classification example](https://colab.research.google.com/drive/1RvCnR7h0_l4Ekn5v…
6116 * [TensorRT 6.0](https://developer.nvidia.com/tensorrt#tensorrt-whats-new)
6120 TensorFlow-TensorRT python conversion API is exported as
6126 "1" also makes cuDNN convolution and max-pooling operate deterministically.
6128 both the forward and backward directions when running on a CUDA-enabled GPU.
6140 input tensors are marked non-feedable. In other words, if they are used as
6143 structure changes. A different graph can result in different per-op random
6155 ## Bug Fixes and Other Changes
6158 * Fixes concurrency issue with `tf.data.experimental.parallel_interleave`
6189 * Add an `errno`-like field to `NNAPI` delegate for detecting `NNAPI`
6197 * TPUs can now be re-initialized multiple times, using
6200 * Added new `uniform_row_length` row-partitioning tensor to
6214 and `tf.function(f).get_initialization_function` thread-safe.
6217 * Added more `dtypes` and zero-sized inputs to `Einsum` Op and improved
6219 * Enable multi-worker `NCCL` `all-reduce` inside functions executing
6228 * Added `tf.autodiff.ForwardAccumulator` for forward-mode autodiff
6252 Anthony Barbier, Anton Kachatkou, Anubh-V, Anuja Jakhade, Artem Ryabov, autoih,
6254 Koonce, candy.dc, Captain-Pool, caster, cathy, Chong Yan, Choong Yin Thong,
6260 Zhuang, Haifeng Jin, Haoyu Wu, HarikrishnanBalagopal, HJYOO, Huang Chen-Yi,
6264 Chen, Karthik Muthuraman, Keiji Ariyama, Kevin Rose, Kevin Wang, Koan-Sin Tan,
6265 kstuedem, Kwabena W. Agyeman, Lakshay Tokas, latyas, Leslie-Fang-Intel, Li,
6272 Refraction-Ray, Richard Barnes, richardbrks, Robert Herbig, Romeo Kienzler, Ryan
6278 vcarpani, Wei Wang, Wen-Heng (Jack) Chung, wenshuai, Wenshuai-Xiaomi, wenxizhu,
6294 `tensorflow-gpu` now) for the platforms we currently have GPU support (Linux
6296 `tensorflow-gpu` will still be available, and CPU-only packages can be
6297 downloaded at `tensorflow-cpu` for users who are concerned about package
6312 allowing users to write regular Python inside `tf.function`-decorated
6318 with element-wise comparison results. This will be the default behavior
6344 issued that starts with Layer "layer-name" is casting an input tensor
6353 a noop is returned and the input tensors are marked non-feedable. In
6357 graph can result in different per-op random seeds when they are not
6360 ## Bug Fixes and Other Changes
6368 * Fixes critical bugs that help with `DenseFeatures` usability in TF2
6390 distribution strategy is not specified this goes through the no-op
6411 * Update docstring for gather to properly describe the non-empty `batch_dims`
6415 * Makes the a-normal form transformation in Pyct configurable as to which
6422 nonscalar predicate if has a single element. This does not affect non-V2
6440 * Fix accidental quadratic graph construction cost in graph-mode
6452 Bryan Cutler, candy.dc, Cao Zongyan, Captain-Pool, Casper Da Costa-Luis, Chen
6456 Ito-Fisher, eashtian3, EFanZh, ejot, Elroy Ashtian Jr, Eric Schweitz, Fangjun
6461 Sandsmark, I-Hong, Ilham Firdausi Putra, Imran Salam, Jason Zaman, Jason
6466 Muthuraman, Kbhute-Ibm, khanhlvg, Koock Yoon, kstuedem, Kyuwon Kim, Lakshay
6467 Tokas, leike666666, leonard951, Leslie-Fang, Leslie-Fang-Intel, Li, Guizi, Lukas
6469 Maynard-Reid, Mark Ryan, Matt Conley, Matthew Bentham, Matthew Denton, mbhuiyan,
6477 Sami Kama, Sana-Damani, Sergii Khomenko, Severen Redwood, Shubham Goyal, Sigrid
6479 srinivasan.narayanamoorthy, Sumesh Udayakumaran, Sungmann Cho, Tae-Hwan Jung,
6483 Suryamurthy, Wei Wang, Wen-Heng (Jack) Chung, wenxizhu, William D. Irons,
6484 winstonq, wyzhao, Xiaoming (Jason) Cui, Xinan Jiang, Xinping Wang, Yann-Yy,
6506 [Upgrade](https://medium.com/tensorflow/upgrading-your-code-to-tensorflow-2-0-f72c3a4d83b5)
6514 models. Keras provides several model-building APIs such as Sequential,
6523 out-of-the-box performance. It supports distributed training with Keras
6524 model.fit, as well as with custom training loops. Multi-GPU support is
6538 allowing users to write regular Python inside `tf.function`-decorated
6550 * API clean-up, included removing `tf.app`, `tf.flags`, and `tf.logging`
6551 in favor of [absl-py](https://github.com/abseil/abseil-py).
6558 * Fixes autocomplete for most TensorFlow API references by switching to use
6560 * Auto Mixed-Precision graph optimizer simplifies converting models to
6565 forces the selection of deterministic cuDNN convolution and max-pooling
6620 * Feature Columns have been upgraded to be more Eager-friendly and to work
6624 `shared_embedding_columns`, which are not cross-compatible with v1 and
6640 issued that starts with `Layer <layer-name>` is casting an input tensor
6652 * Tensors are no longer hashable, but instead compare element-wise with `==`
6673 pre-trained checkpoint, please construct the layer with
6679 comma-separated list of base paths that are searched to find CUDA libraries
6693 ## Bug Fixes and Other Changes
6704 user-defined functions can span multiple devices now.
6722 * Support cancellation of long-running `reduce`.
6744 When used in distribution strategy scope, outside of built-in training
6747 * Support for multi-host `ncclAllReduce` in Distribution Strategy.
6793 eager-friendly training step inside of a `tf.function`. With this
6796 distribution strategy is not specified the path uses a no-op
6838 * Added fault-tolerance support for training Keras model via `model.fit()`
6858 of built-in training loops such as `tf.keras` `compile` and `fit`, we
6861 * `NONE`: Weighted losses with one dimension reduced (axis=-1, or axis
6862 specified by loss function). When this reduction type used with built-in
6868 built-in training loops like `tf.keras` `compile`/`fit`.
6878 * Allow non-Tensors through v2 losses.
6881 * `add_update` can now be passed a zero-arg callable in order to support
6898 * Post-training quantization tool supports quantizing weights shared by
6902 * Post-training quantization tool supports fp16 weights and GPU delegate
6909 * Add TensorFlow 2.0-compatible `TrtGraphConverterV2` API for TensorRT
6911 a named-tuple, `TrtConversionParams`, rather than as separate arguments
6924 * Fix accidental quadratic graph construction cost in graph-mode
6935 (incl. anti-aliasing).
7000 * Makes the a-normal form transformation in Pyct configurable as to which
7014 nonscalar predicate if has a single element. This does not affect non-V2
7030 * Update docstring for gather to properly describe the non-empty
7035 * Turn on MKL-DNN contraction kernels by default. MKL-DNN dynamically
7038 `--define=tensorflow_mkldnn_contraction_kernel=0`.
7041 * Added top-k to precision and recall to keras metrics.
7058 * Support both binary and -1/1 label input in v2 hinge and squared hinge
7070 * Updating cosine similarity loss - removed the negate sign from cosine
7090 Raghunathan, Bhavani Subramanian, Bin Fan, blairhan, BléNesi Attila, Bodin-E,
7091 Brandon Carter, Bryan Cutler, candy.dc, Cao Zongyan, Casper Da Costa-Luis, Chao
7098 Ito-Fisher, eashtian3, Edward Forgacs, EFanZh, ejot, Elroy Ashtian Jr, Eric
7104 Gurpreet Singh, Gustavo Lima Chaves, Gyoung-Yoon Ryoo, haison, Hanton Yang,
7106 Hoeseong Kim, Huan Li (李卓桓), HåKon Sandsmark, I-Hong, I-Hong Jhuo, Ilham
7115 Weinmeister, Karthik Muthuraman, Kashif Rasul, Kay Zhu, Kbhute-Ibm, KDR, Keno
7116 Fischer, Kevin Mader, khanhlvg, Kilaru Yasaswi Sri Chandra Gandhi, Koan-Sin Tan,
7118 leike666666, leonard951, Leslie-Fang, Letian Kang, Li, Guizi, Loo Rong Jie,
7121 Grover, Marco Gaido, Marek Drozdowski, Margaret Maynard-Reid, Mark Ryan, mars20,
7125 Holcomb, minds, monklof, Moses Marin, mpppk, Mr. Metal, Mshr-H, musikisomorphie,
7126 nammbash, Natalia Gimelshein, Nathan Luehr, Nayana-Ibm, Nayana Thorat, neargye,
7128 Niklas SilfverströM, Niranjan Hasabnis, Nuka-137, Nutti, ocjosen, olicht,
7136 Sana-Damani, Saurabh Deoras, sdamani, Sean Morgan, seanshpark, Sebastien Iooss,
7137 Serv-Inc, Severen Redwood, Shahzad Lone, Shashank Gupta, shashvat, Shashvat
7139 sleighsoft, smilu97, Snease-Abq, Son Tran, Spencer Schaber, sremedios, Srini511,
7141 Sungmann Cho, sunway513, Supriya Rao, sxwang, Tae-Hwan Jung, Taehoon Lee, Takeo
7147 Srinivasan, Vincent, Vishnuvardhan Janapati, Vitor-Alves, Vivek Suryamurthy,
7148 wangsiyu, wateryzephyr, WeberXie, Wei Wang, WeijieSun, Wen-Heng (Jack) Chung,
7150 Xiaoquan Kong, Xin, Xinping Wang, Yan Facai (颜发才), Yann-Yy, Yasir Modak,
7152 Yuan (Terry) Tang, Yuchen Ying, Yves-Noel Weweler, zhangyujing, zjjott, zyeric,
7163 * Turn on MKL-DNN contraction kernels by default. MKL-DNN dynamically
7165 To disable them, build with --define=tensorflow_mkldnn_contraction_kernel=0.
7173 distribution strategy scope, outside of built-in training loops such as
7191 * Updating cosine similarity loss - removed the negate sign from cosine
7206 ## Bug Fixes and Other Changes
7232 * Added top-k to precision and recall to keras metrics.
7257 enums. #tf-metrics-convergence
7278 * `add_update` can now be passed a zero-arg callable in order to support
7293 * Post-training quantization tool supports quantizing weights shared by
7300 (incl. anti-aliasing).
7303 * Turn on MKL-DNN contraction kernels by default. MKL-DNN dynamically
7306 --define=tensorflow_mkldnn_contraction_kernel=0.
7307 * Support for multi-host ncclAllReduce in Distribution Strategy.
7312 * Allow non-Tensors through v2 losses.
7322 checkpoint breaking change. If user want to use their 1.x pre-trained
7326 * TF 2.0 - Update metric name to always reflect what the user has given in
7338 * Support both binary and -1/1 label input in v2 hinge and squared hinge
7366 comma-separated list of base paths that are searched to find CUDA
7390 Norman, Dayananda V, Dayananda-V, delock, Denis Khalikov, Deven Desai, Dheeraj
7394 Pawelczak, Gyoung-Yoon Ryoo, HanGuo97, Hanton Yang, Hari Shankar, hehongliang,
7395 Heungsub Lee, Hoeseong Kim, I-Hong Jhuo, Ilango R, Innovimax, Irene Dea, Jacky
7401 kjopek, Koan-Sin Tan, kouml, ktaebum, Lakshay Tokas, Laurent Le Brun, Letian
7407 Moses Marin, Mshr-H, nammbash, Natalia Gimelshein, Nayana-Ibm, neargye, Neeraj
7409 Nuka-137, Nutti, olicht, P Sudeepam, Palmer Lao, Pan Daoxin, Pariksheet Pinjari,
7411 Soldatow, rthadur, Ruizhe, Ryan Jiang, Samantha Andow, Sami Kama, Sana-Damani,
7412 Saurabh Deoras, sdamani, seanshpark, Sebastien Iooss, Serv-Inc, Shahzad Lone,
7414 Snease-Abq, Spencer Schaber, sremedios, srinivasan.narayanamoorthy, Steve Lang,
7418 Vishwak Srinivasan, Vitor-Alves, wangsiyu, wateryzephyr, WeberXie, WeijieSun,
7419 Wen-Heng (Jack) Chung, wenxizhu, Will Battel, William D. Irons, wyzhao, Xin,
7420 Yasuhiro Matsumoto, ymodak, Yong Tang, Younes Khoudli, Yuan Lin, Yves-Noel
7425 ## Bug Fixes and Other Changes
7428 CVE-2019-7317, CVE-2018-13785, and CVE-2018-14048.
7429 * Updates `sqlite` dependency to 3.28.0 to not be affected by CVE-2018-20506,
7430 CVE-2018-20346, and CVE-2018-20505.
7434 ## Bug Fixes and Other Changes
7436 * Fixes a potential security vulnerability where carefully crafted GIF images
7458 scale the output l2-norm by `gain` and NOT by `sqrt(gain)`. (Note that these
7462 ## Bug Fixes and Other Changes
7508 `"ii->"`.
7509 * Add DCT-I and IDCT-I in `tf.signal.dct` and `tf.signal.idct`.
7518 Unicode encodings (UTF-8, UTF-16-BE, UTF-32-BE)
7523 * Support multi-label quantile regression in estimator.
7542 change. If user want to use their 1.x pre-trained checkpoint, please
7593 * Disable static optimizations for input pipelines that use non-resource
7595 * Add NUMA-aware MapAndBatch dataset.
7611 android-ndk-r14b/platforms/android-14/arch-*/usr/include/linux/futex.h
7649 Andrew Banchich, Andy Craze, Anton Dmitriev, Artem Malykh, Avijit-Nervana,
7668 Trevor Morris, Ubuntu, Vadim Borisov, vanderliang, wangsiyu, Wen Yun, Wen-Heng
7685 ## Bug Fixes and Other Changes
7692 dataset to a single element using a user-provided reduce function.
7721 * In tf eager execution, allow re-entering a GradientTape context.
7722 * Add tf_api_version flag. If --define=tf_api_version=2 flag is passed in,
7734 (David) Siu-Kei Muk, Ag Ramesh, Anton Dmitriev, Artem Sobolev, Avijit-Nervana,
7738 jiefangxuanyan, Johannes Bannhofer, Jonathan Homer, Koan-Sin Tan, kouml, Loo
7743 wangsiyu, weidankong, Wen-Heng (Jack) Chung, William D. Irons, Xin Jin, Yan
7758 * Add multi-GPU DistributionStrategy support in tf.keras. Users can now
7761 * Add multi-worker DistributionStrategy and standalone client support in
7777 ## Bug Fixes and Other Changes
7801 worse performance in others - see docstring). The option also allows to
7823 rather than re-using a shared one.
7824 * Fix FTRL L2-shrinkage behavior: the gradient from the L2 shrinkage term
7863 Koul, Aurelien Geron, Avijit, Avijit-Nervana, Ben, Benjamin H. Myara, bhack,
7871 Kate Hodesdon, Kb Sriram, Keishi Hattori, Kenneth Blomqvist, Koan-Sin Tan, Li
7880 Tristan Rice, TShapinsky, tucan, tucan9389, Vicente Reyes, Vilmar-Hillow, Vitaly
7881 Lavrukhin, wangershi, weidan.kong, weidankong, Wen-Heng (Jack) Chung, William D.
7883 Yamazaki, Yuan (Terry) Tang, Yuan, Man, zhaoyongke, ÁRon Ricardo Perez-Lopez,
7888 ## Bug Fixes and Other Changes
7936 ## Bug Fixes and Other Changes
7952 include a `PredictOutput` object in the `model_fn` for simple use-cases.
7978 * Adding per-element weight support for `WALSComputePartialLhsAndRhsOp`.
8047 eqy, Evgeniy Zheltonozhskiy, Freedom" Koan-Sin Tan, FréDéRic Branchaud-Charron,
8048 G K, gracehoney, Guillaume Klein, Guozhong Zhuang, Hsien-Yang Li, hsm207,
8064 * Updated docs for `tf.keras`: New Keras-based
8084 * Improved data-loading and text processing with:
8088 * Added experimental support for new pre-made Estimators:
8101 site-packages/external into site-packages/tensorflow/include/external.
8103 ## Bug Fixes and Other Changes
8165 * Added `tf.train.Checkpoint` for reading/writing object-based
8167 * Added LinearOperatorKronecker, a dense-free implementation of the
8180 Abdullah Alrasheed, Achal Shah, Ad-530, ADiegoCAlonso, Aditya Yogi, Ag Ramesh,
8182 Bhavani-Subramanian, braincodercn, Brett Koonce, Brian Nemsick, Brian Zier,
8185 Abecassis, Fergal Cotter, fo40225, foo0x29a, Freedom" Koan-Sin Tan, FréDéRic
8186 Branchaud-Charron, gdh1995, Geoffrey Irving, Giuseppe, gracehoney, Guido
8194 Niranjan Hasabnis, P-Hidringer, Paul Van Eck, Peng Yu, Qing Zhao, Qingying Chen,
8213 * Added Gradient Boosted Trees as pre-made Estimators: BoostedTreesClassifier,
8219 communication<sup>[1](#rpc-issue)</sup>.
8221 ## Bug Fixes and Other Changes
8238 tf.device(“/gpu:0”)`) (Fixes #14133)
8248 * During tensor-filter operations, allow exclusion of nodes by regular
8252 * Add meta-distribution BatchReshape which reshapes batch dimensions.
8258 * Add non-linear image warping ops: `tf.contrib.image.sparse_image_warp`,
8264 * Low-level graph construction now calls the TensorFlow C API. This change
8280 multi-threaded environments.
8287 * Fix non-uniformity of orthogonal matrices.
8288 * Fix bug where multi-image Estimator eval summaries were not displayed
8291 <a name="rpc-issue"><sup>1</sup></a> The cancellation logic of the RPC op
8303 Wilder-James, Fanjin Zeng, Felix Abecassis, fo40225, George Sterpu, Giovanni
8322 * Graph rewrites emulating fixed-point quantization compatible with TensorFlow
8338 ## Bug Fixes and Other Changes
8377 * Move LIBXSMM convolutions to a separate --define flag so that they are
8416 Wang, June-One, Kamil Sindi, Kb Sriram, Kdavis-Mozilla, Kenji, lazypanda1,
8417 Liang-Chi Hsieh, Loo Rong Jie, Mahesh Bhosale, MandarJKulkarni, ManHyuk, Marcus
8420 Penghao Cen, Phil, Raghuraman-K, resec, Rohin Mohanadas, Sandeep N Gupta, Scott
8435 * New Optimizer internal API for non-slot variables. Descendants of
8441 ## Bug Fixes and Other Changes
8449 * Add client-side throttle.
8471 * Improved XLA support for C64-related ops log, pow, atan2, tanh.
8485 Google discovered in mid-December 2017 that the PTX-to-SASS compiler in CUDA
8487 decomposing 64-bit address calculations with large offsets (e.g. `load [x +
8488 large_constant]`) into 32-bit arithmetic in SASS.
8496 [downgrade](https://developer.nvidia.com/cuda-toolkit-archive) to CUDA 8.0.x
8499 TensorFlow will print a warning if you use XLA:GPU with a known-bad version
8512 Zhang, Daniyar, Darjan Salaj, Dave Maclachlan, David Norman, Dong--Jian,
8518 Julian Niedermeier, Julian Wolff, JxKing, K-W-W, Karl Lessard, Kasper Marstal,
8519 Keiji Ariyama, Koan-Sin Tan, Loki Der Quaeler, Loo Rong Jie, Luke Schaefer, Lynn
8522 Mohamed Aly, Mohammad Ashraf Bhuiyan, Myungjoo Ham, Naman Bhalla, Namrata-Ibm,
8525 Kapica, Peng Yu, Philip Yang, Pierre Blondeau, Po-Hsien Chu, powderluv, Puyu
8576 * Support shape inference (i.e., shapes containing -1) in the Reshape
8589 ## Bug Fixes and Other Changes
8592 * Clarified that you can only install TensorFlow on 64-bit machines.
8609 * Bug Fixes:
8616 `import_meta_graph` with a non-empty `import_scope` argument.
8650 * Add `RevBlock`, a memory-efficient implementation of reversible residual
8657 * GPU back-end now uses `ptxas` to compile generated PTX.
8679 Google discovered in mid-December 2017 that the PTX-to-SASS compiler in CUDA
8681 decomposing 64-bit address calculations with large offsets (e.g. `load [x +
8682 large_constant]`) into 32-bit arithmetic in SASS.
8690 [downgrade](https://developer.nvidia.com/cuda-toolkit-archive) to CUDA 8.0.x
8693 TensorFlow will print a warning if you use XLA:GPU with a known-bad version
8704 Thomé, Cem Eteke, cglewis, Changming Sun, Charles Shenton, Chi-Hung, Chris
8708 Donggeon Lim, dongpilYu, Dr. Kashif Rasul, Edd Wilder-James, Eric Lv, fcharras,
8714 Lessard, Kb Sriram, Keven Wang, Koan-Sin Tan, Kyle Mills, lanhin, LevineHuang,
8718 Traynor, miqlas, Namrata-Ibm, Nathan Luehr, Nathan Van Doorn, Noa Ezra, Nolan
8720 Yu, PinkySan, pks, powderluv, Qiao Hai-Jun, Qiao Longfei, Rajendra Arora, Ralph
8722 He, Sandeep Dcunha, sandipmgiri, Sang Han, scott, Scott Mudge, Se-Won Kim, Simon
8734 ## Bug Fixes and Other Changes
8755 * Add `tf.spectral.dct` for computing the DCT-II.
8756 * Add Mel-Frequency Cepstral Coefficient support to `tf.contrib.signal` (with
8758 * Add a self-check on `import tensorflow` for Windows DLL issues.
8762 expressions in tfdbg command-line interface. See
8773 ExportOutputs. For instance, a classifier may provide regression- and
8774 prediction-flavored outputs, in addition to the classification-flavored one.
8786 * Extend `tf.contrib.distributions.bijector` API to handle some non-injective
8789 * Generics (e.g., `Tensor<Integer>`) for improved type-safety (courtesy
8791 * Support for multi-dimensional string tensors.
8797 ## Bug Fixes and Other Changes
8809 log-det-jacobian.
8810 * Fix `tf.random_gamma` incorrectly handling non-batch, scalar draws.
8829 * Reorder some TF-GAN loss functions in a non-backwards compatible way.
8850 Dorokhov, Duncan Mac-Vicar P, EdwardDixon, EMCP, error.d, FAIJUL, Fan Xia,
8851 Francois Xavier, Fred Reiss, Freedom" Koan-Sin Tan, Fritz Obermeyer, Gao, Xiang,
8860 MtDersvan, Namrata-Ibm, Nathan Luehr, Naurril, Nayana Thorat, Nicolas Lopez,
8906 * Adding TensorFlow-iOS CocoaPod for symmetry with tensorflow-android.
8912 * Display summaries of numeric tensor values with the `-s` flag to command
8917 the `run -p` command.
8938 * Adds tf.contrib.nn.rank_sampled_softmax_loss, a sampled-softmax variant that
8951 ## Bug Fixes and Other Changes
8953 * Fixes `strides` and `begin` dtype mismatch when slicing using int64 Tensor
8958 * A more efficient implementation of non-max suppression.
8959 * Add support for the shrinkage-type L2 to FtrlOptimizer in addition to the
8971 transition to clusterspec-propagated configurations.
8975 * Add fixed-grid ODE integration routines.
8977 * Correctness fixes for fft_length parameter to `tf.spectral.rfft` &
8991 * Add in-memory caching to the Dataset API.
8998 * When GPU is configured, do not require --config=cuda, instead, automatically
9004 * Allow uses of over-parameterized separable convolution.
9005 * TensorForest multi-regression bug fix.
9013 * Fixed a bug that prevented tfdbg from functioning with multi-GPU setups.
9023 Hundt, Androbin, Andy Kernahan, Anish Shah, Anthony Platanios, Arvinds-Ds, b1rd,
9030 Koan-Sin Tan, Fritz Obermeyer, Gao, Xiang, Gautam, Guenther Schmuelling, Gyu-Ho
9034 Alvarez-Gutierrez, Juang, Yi-Lin, Julian Viereck, Kaarthik Sivashanmugam, Karl
9055 ## Bug Fixes and Other Changes
9068 * Added libverbs-based RDMA support to contrib (courtesy @junshi15 from
9070 * Bring `tf.feature_column.*` into the API. Non-deprecated functionality from
9081 will now build a 5-layer LSTM stack where each layer shares the **same**
9105 replaced by calling `embedding_lookup` or `layers.dense` as pre- or post-
9110 … (https://software.intel.com/en-us/articles/tensorflow-optimizations-on-modern-intel-architecture).
9115 manipulation: multi-dimensional transposition (conversion), split, concat,
9120 * Support client-provided ClusterSpec's and propagate them to all workers to
9125 * We released a new open-source version of TensorBoard.
9163 ## Bug Fixes and Other Changes
9185 * Add tf.log_sigmoid(x) = tf.log(tf.sigmoid(x)) = -tf.nn.softplus(-x).
9210 * The "run" command of tfdbg's command-line interface now supports filtering
9233 KhabarlakKonstantin, Koan-Sin Tan, krivard, Kwotsin, Leandro Gracia Gil, Li
9262 * Added a new lightweight queue-like object - `RecordInput`.
9264 * Bring `tf.estimator.*` into the API. Non-deprecated functionality from
9272 * New navigation bar in Curses-based UI
9312 ## Bug Fixes and Other Changes
9317 * Fix a bug in the WALS solver when single-threaded.
9335 * Fixed bfloat16 integration of LIBXSMM sparse mat-mul.
9337 input buffers to output buffers and perform computations in-place.
9352 * Multiple tfdbg bug fixes:
9356 * Java Maven fixes for bugs with Windows installation.
9357 * Backport fixes and improvements from external keras.
9364 A. Besir Kurtulmus, Adal Chiriliuc, @akash, Alec-Desouza, Alex Rothberg, Alex
9378 @Lezcano, Li Yi, Luo Yun, @lurker, Mahmoud-Abuzaina, Mandeep Singh, Marek
9397 ## Bug Fixes and Other Changes
9401 * Google Cloud Storage fixes.
9403 intended to be exposed. Please use the same objects through top-level `tf`
9412 domain-specific compiler for TensorFlow graphs, that targets CPUs and GPUs.
9413 * TensorFlow Debugger (tfdbg): command-line interface and API.
9461 `tf.reciprocal` (component-wise reciprocal) to avoid confusion with `np.inv`
9502 ## Bug Fixes and Other Changes
9528 * Android: pre-built libs are now built nightly.
9545 * Add new queue-like `StagingArea` and new ops: `stage` and `unstage`.
9592 * Added a new library for library of matrix-free (iterative) solvers for
9593 linear equations, linear least-squares, eigenvalues and singular values in
9624 include `RNN` -> `rnn` in `tf.nn.rnn`, `tf.nn.dynamic_rnn` and moving from
9625 `Linear/Matrix` -> `weights` and `Linear/Bias` -> `biases` in most RNN
9654 ## Bug Fixes and Other Changes
9658 * Fixed bug causing incorrect number of threads to be used for multi-threaded
9660 * Performance optimizations for `batch_matmul` on multi-core CPUs.
9680 Laurent Mazare, Leonard Lee, Liang-Chi Hsieh, Liangliang He, Luke Iwanski, Marek
9700 * Improved support for NumPy style basic slicing including non-1 strides,
9702 like `foo[1, 2:4, tf.newaxis, ..., :-3:-1, :]` are now supported. In
9703 addition we have preliminary (non-broadcasting) support for sliced
9717 promoted the non-batch version of the ops to handle batches of matrices.
9726 ## Bug Fixes and Other Changes
9733 * Improved multi-threaded performance of `batch_matmul`.
9765 Egor-Krivov, Elia Palme, Eric Platon, Fabrizio Milo, Gaetan Semet, Georg
9766 Nebehay, Gu Wang, Gustav Larsson, @haosdent, Harold Cooper, Hw-Zz, @ichuang,
9769 @jpangburn, Jules Gagnon-Marchand, Karen Brems, @kborer, Kirill Bobyrev, Laurent
9771 Winkelmann, @mecab, Mu-Ik Jeon, Nand Dalal, Niels Ole Salscheider, Nikhil
9774 @suiyuan2009, Tiago Jorge, Tijmen Tieleman, @tvn, @tyfkda, Wang Yang, Wei-Ting
9786 * Added graph-construction C API
9787 * Major revision to the graph-construction C++ API
9790 * Full version of TF-Slim available as `tf.contrib.slim`
9791 * Added k-Means clustering and WALS matrix factorization
9793 ## Bug Fixes and Other Changes
9798 * New high-level ops in tf.contrib. {layers,metrics}
9809 * Many documentation fixes
9816 Diesel, Charles-Emmanuel Dias, @chemelnucfin, Chris Lesniewski, Daeyun Shin,
9825 @Robin-des-Bois, Rohit Girdhar, Sam Abrahams, satok16, Sergey Kishchenko, Sharkd
9826 Tu, @shotat, Siddharth Agrawal, Simon Denel, @sono-bfio, SunYeop Lee, Thijs
9840 * Added makefile for better cross-platform build support (C API only)
9849 ## Bug Fixes and Other Changes
9852 * Added support for using third-party Python optimization algorithms
9865 * Many documentation fixes
9866 * TensorBoard fixes: graphs with only one data point, Nan values, reload
9867 button and auto-reload, tooltips in scalar charts, run filtering, stable
9881 Jie, Lucas Moura, Łukasz Bieniasz-Krzywiec, Mario Cho, Maxim Grechkin, Michael
9882 Heilman, Mostafa Rahmani, Mourad Mourafiq, @ninotoshi, Orion Reblitz-Richardson,
9903 * Allow use of (non-blocking) Eigen threadpool with
9909 ## Bug Fixes and Other Changes
9917 * `bool`-strictness: Tensors have to be explicitly compared to `None`
9927 * Added tutorials, many documentation fixes.
9935 @BanditCat, Bas Veeling, Cameron Chen, @cg31, Cheng-Lung Sung, Christopher
9938 @e-lin, Eurico Doirado, Erik Erwitt, Fabrizio Milo, @gaohuazuo, Iblis Lin, Igor
9949 Vlad Zagorodniy, Wei-Ting Kuo, Wenjian Huang, William Dmitri Breaden Madden,
9958 ## Bug Fixes and Other Changes
9962 * GPU Pip wheels are built with cuda 7.5 and cudnn-v4, making them required
9969 * Improvements and fixes to Docker image.
9979 * Added an easy way to add and dynamically load user-defined ops
9984 ## Bug Fixes and Other Changes
9989 * Open-sourced the doc generator
9990 * Un-fork Eigen
9997 * Documentation fixes and improvements
10007 casting safety is handled by `saturate_cast`, which makes sure over- and
10015 * `env.h` -> `../platform/env.h`
10016 * `status.h` -> `../lib/core/status.h`
10017 * `tensor.h` -> `../framework/tensor.h`
10018 * `tensor_shape.h` -> `../framework/tensor_shape.h`
10019 * `partial_tensor_shape.h` -> `../framework/partial_tensor_shape.h`
10029 currently maintained for short-term compatibility but will be removed.
10030 * The non-public `nn.rnn` and the various `nn.seq2seq` methods now return just
10036 3-D images). The C++ `RandomCrop` op has been replaced with pure Python.
10038 `tf.test.get_temp_dir` and `tf.test.is_built_with_cuda` for PEP-8
10063 Taehoon Kim, Timothy J Laurent, Vlad Zavidovych, Yangqing Jia, Yi-Lin Juang,
10065 @Mandar-Shinde, @nsipplswezey, @ninotoshi, @panmari, @prolearner and
10079 [convnet benchmarks](https://github.com/soumith/convnet-benchmarks/issues/66)
10081 to moving to 32-bit indices, faster shuffling kernels. More improvements to
10084 ## Bug Fixes
10086 * Lots of fixes to documentation and tutorials, many contributed by the
10091 ## Backwards-Incompatible Changes