tensorflow/tensorflow
An Open Source Machine Learning Framework for Everyone
6
TensorFlow v2.3.3
Release date:
June 4, 2021
Previous version:
v2.3.2
(released January 4, 2021)
Magnitude:
4,041
Diff Delta
Contributors:
47 total committers
Commits:
241 Features Released with v2.3.3
Browse Other Releases
Latest Pending
Unreleased π
v2.4.0-rc3
Released November 24, 2020
553 Ξ
v2.4.0-rc2
Released November 17, 2020
175 Ξ
v2.4.0-rc1
Released November 7, 2020
1,955 Ξ
v2.4.0-rc0
Released August 8, 2021
993 Ξ
v2.3.4
Released August 11, 2021
34,917 Ξ
v2.3.3
Released June 4, 2021
4,041 Ξ
v2.3.2
Released January 4, 2021
648 Ξ
v2.3.1
Released September 22, 2020
592 Ξ
v2.3.0
Released July 24, 2020
0 Ξ
v2.3.0-rc2
Released July 17, 2020
489 Ξ
Top Contributors in v2.3.3
jsimsa
duncanriach
tensorflower-gardener
JXRiver
mihaimaruseac
edloper
rsanthanam-amd
cheshire
rsamuelgo
benbarsdell
Directory Browser for v2.3.3
We haven't yet finished calculating and confirming the files and directories changed in this release. Please check back soon.
Release Notes Published
Release 2.3.3
This release introduces several vulnerability fixes:
- Fixes a heap buffer overflow in
RaggedBinCount
(CVE-2021-29512) - Fixes a heap out of bounds write in
RaggedBinCount
(CVE-2021-29514) - Fixes a type confusion during tensor casts which leads to dereferencing null pointers (CVE-2021-29513)
- Fixes a reference binding to null pointer in
MatrixDiag*
ops (CVE-2021-29515) - Fixes a null pointer dereference via invalid Ragged Tensors (CVE-2021-29516)
- Fixes a division by zero in
Conv3D
(CVE-2021-29517) - Fixes vulnerabilities where session operations in eager mode lead to null pointer dereferences (CVE-2021-29518)
- Fixes a
CHECK
-fail inSparseCross
caused by type confusion (CVE-2021-29519) - Fixes a segfault in
SparseCountSparseOutput
(CVE-2021-29521) - Fixes a heap buffer overflow in
Conv3DBackprop*
(CVE-2021-29520) - Fixes a division by 0 in
Conv3DBackprop*
(CVE-2021-29522) - Fixes a
CHECK
-fail inAddManySparseToTensorsMap
(CVE-2021-29523) - Fixes a division by 0 in
Conv2DBackpropFilter
(CVE-2021-29524) - Fixes a division by 0 in
Conv2DBackpropInput
(CVE-2021-29525) - Fixes a division by 0 in
Conv2D
(CVE-2021-29526) - Fixes a division by 0 in
QuantizedConv2D
(CVE-2021-29527) - Fixes a division by 0 in
QuantizedMul
(CVE-2021-29528) - Fixes vulnerabilities caused by invalid validation in
SparseMatrixSparseCholesky
(CVE-2021-29530) - Fixes a heap buffer overflow caused by rounding (CVE-2021-29529)
- Fixes a
CHECK
-fail intf.raw_ops.EncodePng
(CVE-2021-29531) - Fixes a heap out of bounds read in
RaggedCross
(CVE-2021-29532) - Fixes a
CHECK
-fail inDrawBoundingBoxes
(CVE-2021-29533) - Fixes a heap buffer overflow in
QuantizedMul
(CVE-2021-29535) - Fixes a
CHECK
-fail inSparseConcat
(CVE-2021-29534) - Fixes a heap buffer overflow in
QuantizedResizeBilinear
(CVE-2021-29537) - Fixes a heap buffer overflow in
QuantizedReshape
(CVE-2021-29536) - Fixes a division by zero in
Conv2DBackpropFilter
(CVE-2021-29538) - Fixes a heap buffer overflow in
Conv2DBackpropFilter
(CVE-2021-29540) - Fixes a heap buffer overflow in
StringNGrams
(CVE-2021-29542) - Fixes a null pointer dereference in
StringNGrams
(CVE-2021-29541) - Fixes a
CHECK
-fail inQuantizeAndDequantizeV4Grad
(CVE-2021-29544) - Fixes a
CHECK
-fail inCTCGreedyDecoder
(CVE-2021-29543) - Fixes a heap buffer overflow in
SparseTensorToCSRSparseMatrix
(CVE-2021-29545) - Fixes a division by 0 in
QuantizedBiasAdd
(CVE-2021-29546) - Fixes a heap out of bounds in
QuantizedBatchNormWithGlobalNormalization
(CVE-2021-29547) - Fixes a division by 0 in
QuantizedBatchNormWithGlobalNormalization
(CVE-2021-29548) - Fixes a division by 0 in
QuantizedAdd
(CVE-2021-29549) - Fixes a division by 0 in
FractionalAvgPool
(CVE-2021-29550) - Fixes an OOB read in
MatrixTriangularSolve
(CVE-2021-29551) - Fixes a heap OOB in
QuantizeAndDequantizeV3
(CVE-2021-29553) - Fixes a
CHECK
-failure inUnsortedSegmentJoin
(CVE-2021-29552) - Fixes a division by 0 in
DenseCountSparseOutput
(CVE-2021-29554) - Fixes a division by 0 in
FusedBatchNorm
(CVE-2021-29555) - Fixes a division by 0 in
SparseMatMul
(CVE-2021-29557) - Fixes a division by 0 in
Reverse
(CVE-2021-29556) - Fixes a heap buffer overflow in
SparseSplit
(CVE-2021-29558) - Fixes a heap OOB access in unicode ops (CVE-2021-29559)
- Fixes a heap buffer overflow in
RaggedTensorToTensor
(CVE-2021-29560) - Fixes a
CHECK
-fail inLoadAndRemapMatrix
(CVE-2021-29561) - Fixes a
CHECK
-fail intf.raw_ops.IRFFT
(CVE-2021-29562) - Fixes a
CHECK
-fail intf.raw_ops.RFFT
(CVE-2021-29563) - Fixes a null pointer dereference in
EditDistance
(CVE-2021-29564) - Fixes a null pointer dereference in
SparseFillEmptyRows
(CVE-2021-29565) - Fixes a heap OOB access in
Dilation2DBackpropInput
(CVE-2021-29566) - Fixes a reference binding to null in
ParameterizedTruncatedNormal
(CVE-2021-29568) - Fixes a set of vulnerabilities caused by lack of validation in
SparseDenseCwiseMul
(CVE-2021-29567) - Fixes a heap out of bounds read in
MaxPoolGradWithArgmax
(CVE-2021-29570) - Fixes a heap out of bounds read in
RequantizationRange
(CVE-2021-29569) - Fixes a memory corruption in
DrawBoundingBoxesV2
(CVE-2021-29571) - Fixes a reference binding to nullptr in
SdcaOptimizer
(CVE-2021-29572) - Fixes an overflow and a denial of service in
tf.raw_ops.ReverseSequence
(CVE-2021-29575) - Fixes a division by 0 in
MaxPoolGradWithArgmax
(CVE-2021-29573) - Fixes an undefined behavior in
MaxPool3DGradGrad
(CVE-2021-29574) - Fixes a heap buffer overflow in
MaxPool3DGradGrad
(CVE-2021-29576) - Fixes a heap buffer overflow in
AvgPool3DGrad
(CVE-2021-29577) - Fixes an undefined behavior and a
CHECK
-fail inFractionalMaxPoolGrad
(CVE-2021-29580) - Fixes a heap buffer overflow in
FractionalAvgPoolGrad
(CVE-2021-29578) - Fixes a heap buffer overflow in
MaxPoolGrad
(CVE-2021-29579) - Fixes a segfault in
CTCBeamSearchDecoder
(CVE-2021-29581) - Fixes a heap OOB read in
tf.raw_ops.Dequantize
(CVE-2021-29582) - Fixes a
CHECK
-fail due to integer overflow (CVE-2021-29584) - Fixes a heap buffer overflow and undefined behavior in
FusedBatchNorm
(CVE-2021-29583) - Fixes a division by zero in padding computation in TFLite (CVE-2021-29585)
- Fixes a division by zero in optimized pooling implementations in TFLite (CVE-2021-29586)
- Fixes a division by zero in TFLite's implementation of
SpaceToDepth
(CVE-2021-29587) - Fixes a division by zero in TFLite's implementation of
GatherNd
(CVE-2021-29589) - Fixes a division by zero in TFLite's implementation of
TransposeConv
(CVE-2021-29588) - Fixes a heap OOB read in TFLite's implementation of
Minimum
orMaximum
(CVE-2021-29590) - Fixes a null pointer dereference in TFLite's
Reshape
operator (CVE-2021-29592) - Fixes a stack overflow due to looping TFLite subgraph (CVE-2021-29591)
- Fixes a division by zero in TFLite's implementation of
DepthToSpace
(CVE-2021-29595) - Fixes a division by zero in TFLite's convolution code (CVE-2021-29594)
- Fixes a division by zero in TFLite's implementation of
EmbeddingLookup
(CVE-2021-29596) - Fixes a division by zero in TFLite's implementation of
BatchToSpaceNd
(CVE-2021-29593) - Fixes a division by zero in TFLite's implementation of
SpaceToBatchNd
(CVE-2021-29597) - Fixes a division by zero in TFLite's implementation of
SVDF
(CVE-2021-29598) - Fixes a division by zero in TFLite's implementation of
Split
(CVE-2021-29599) - Fixes a division by zero in TFLite's implementation of
OneHot
(CVE-2021-29600) - Fixes a division by zero in TFLite's implementation of
DepthwiseConv
(CVE-2021-29602) - Fixes a division by zero in TFLite's implementation of hashtable lookup (CVE-2021-29604)
- Fixes a integer overflow in TFLite concatentation (CVE-2021-29601)
- Fixes a integer overflow in TFLite memory allocation (CVE-2021-29605)
- Fixes a heap OOB write in TFLite (CVE-2021-29603)
- Fixes a heap OOB read in TFLite (CVE-2021-29606)
- Fixes a heap OOB and null pointer dereference in
RaggedTensorToTensor
(CVE-2021-29608) - Fixes vulnerabilities caused by incomplete validation in
SparseAdd
(CVE-2021-29609) - Fixes vulnerabilities caused by incomplete validation in
SparseSparseMinimum
(CVE-2021-29607) - Fixes vulnerabilities caused by incomplete validation in
SparseReshape
(CVE-2021-29611) - Fixes vulnerabilities caused by invalid validation in
QuantizeAndDequantizeV2
(CVE-2021-29610) - Fixes a heap buffer overflow in
BandedTriangularSolve
(CVE-2021-29612) - Fixes vulnerabilities caused by incomplete validation in
tf.raw_ops.CTCLoss
(CVE-2021-29613) - Fixes an interpreter crash from vulnerabilities in
tf.io.decode_raw
(CVE-2021-29614) - Fixes a stack overflow in
ParseAttrValue
with nested tensors (CVE-2021-29615) - Fixes a null dereference in Grappler's
TrySimplify
(CVE-2021-29616) - Fixes a crash in
tf.transpose
with complex inputs (CVE-2021-29618) - Fixes a crash in
tf.strings.substr
due toCHECK
-fail (CVE-2021-29617) - Fixes a segfault in
tf.raw_ops.SparseCountSparseOutput
(CVE-2021-29619) - Fixes a segfault in
tf.raw_ops.ImmutableConst
(CVE-2021-29539) - Updates
curl
to7.76.0
to handle CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285 and CVE-2020-8286.