Tensorflow

Latest version: v2.16.1

Safety actively analyzes 638388 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 6 of 17

2.6.2

Not secure
Fixes an issue where `keras`, `tensorflow_estimator` and `tensorboard` were
missing proper upper bounds and resulted in broken installs after TF 2.7 release

2.6.1

Not secure
This release introduces several vulnerability fixes:

* Fixes a code injection issue in `saved_model_cli`
([CVE-2021-41228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41228))
* Fixes a vulnerability due to use of uninitialized value in Tensorflow
([CVE-2021-41225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41225))
* Fixes a heap OOB in `FusedBatchNorm` kernels
([CVE-2021-41223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41223))
* Fixes an arbitrary memory read in `ImmutableConst`
([CVE-2021-41227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41227))
* Fixes a heap OOB in `SparseBinCount`
([CVE-2021-41226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41226))
* Fixes a heap OOB in `SparseFillEmptyRows`
([CVE-2021-41224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41224))
* Fixes a segfault due to negative splits in `SplitV`
([CVE-2021-41222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41222))
* Fixes segfaults and vulnerabilities caused by accesses to invalid memory
during shape inference in `Cudnn*` ops
([CVE-2021-41221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41221))
* Fixes a null pointer exception when `Exit` node is not preceded by `Enter`
op
([CVE-2021-41217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41217))
* Fixes an integer division by 0 in `tf.raw_ops.AllToAll`
([CVE-2021-41218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41218))
* Fixes a use after free and a memory leak in `CollectiveReduceV2`
([CVE-2021-41220](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41220))
* Fixes an undefined behavior via `nullptr` reference binding in sparse matrix
multiplication
([CVE-2021-41219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41219))
* Fixes a heap buffer overflow in `Transpose`
([CVE-2021-41216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41216))
* Prevents deadlocks arising from mutually recursive `tf.function` objects
([CVE-2021-41213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41213))
* Fixes a null pointer exception in `DeserializeSparse`
([CVE-2021-41215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41215))
* Fixes an undefined behavior arising from reference binding to `nullptr` in
`tf.ragged.cross`
([CVE-2021-41214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41214))
* Fixes a heap OOB read in `tf.ragged.cross`
([CVE-2021-41212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41212))
* Fixes a heap OOB in shape inference for `QuantizeV2`
([CVE-2021-41211](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41211))
* Fixes a heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
([CVE-2021-41205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41205))
* Fixes an FPE in `ParallelConcat`
([CVE-2021-41207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41207))
* Fixes FPE issues in convolutions with zero size filters
([CVE-2021-41209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41209))
* Fixes a heap OOB read in `tf.raw_ops.SparseCountSparseOutput`
([CVE-2021-41210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41210))
* Fixes vulnerabilities caused by incomplete validation in boosted trees code
([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
* Fixes vulnerabilities caused by incomplete validation of shapes in multiple
TF ops
([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
* Fixes a segfault produced while copying constant resource tensor
([CVE-2021-41204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41204))
* Fixes a vulnerability caused by unitialized access in
`EinsumHelper::ParseEquation`
([CVE-2021-41201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41201))
* Fixes several vulnerabilities and segfaults caused by missing validation
during checkpoint loading
([CVE-2021-41203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41203))
* Fixes an overflow producing a crash in `tf.range`
([CVE-2021-41202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41202))
* Fixes an overflow producing a crash in `tf.image.resize` when size is large
([CVE-2021-41199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41199))
* Fixes an overflow producing a crash in `tf.tile` when tiling tensor is large
([CVE-2021-41198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41198))
* Fixes a vulnerability produced due to incomplete validation in
`tf.summary.create_file_writer`
([CVE-2021-41200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41200))
* Fixes multiple crashes due to overflow and `CHECK`-fail in ops with large
tensor shapes
([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
* Fixes a crash in `max_pool3d` when size argument is 0 or negative
([CVE-2021-41196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41196))
* Fixes a crash in `tf.math.segment_*` operations
([CVE-2021-41195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41195))
* Updates `curl` to `7.78.0` to handle
[CVE-2021-22922](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922),
[CVE-2021-22923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923),
[CVE-2021-22924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924),
[CVE-2021-22925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925),
and
[CVE-2021-22926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926).

2.6.0

Not secure
Breaking Changes

* `tf.train.experimental.enable_mixed_precision_graph_rewrite` is removed, as
the API only works in graph mode and is not customizable. The function is
still accessible under
`tf.compat.v1.mixed_precision.enable_mixed_precision_graph_rewrite`, but it
is recommended to use the
[Keras mixed precision API](https://www.tensorflow.org/guide/mixed_precision)
instead.

* `tf.lite`:

* Remove `experimental.nn.dynamic_rnn`, `experimental.nn.TfLiteRNNCell`
and `experimental.nn.TfLiteLSTMCell` since they're no longer supported.
It's recommended to just use
[keras lstm](https://www.tensorflow.org/api_docs/python/tf/keras/layers/LSTM)
instead.

* `tf.keras`:

* Keras been split into a separate PIP package (`keras`), and its code has
been moved to the GitHub
repository[keras-team/keras](http://github.com/keras-team/keras). The
API endpoints for `tf.keras` stay unchanged, but are now backed by the
`keras` PIP package. The existing code in tensorflow/python/keras is a
staled copy and will be removed in future release (2.7). Please remove
any imports to `tensorflow.python.keras` and replace them with public
tf.keras API instead.
* The methods `Model.to_yaml()` and `keras.models.model_from_yaml` have
been replaced to raise a `RuntimeError` as they can be abused to cause
arbitrary code execution. It is recommended to use JSON serialization
instead of YAML, or, a better alternative, serialize to H5.

Known Caveats

* TF Core:
* A longstanding bug in `tf.while_loop`, which caused it to execute
sequentially, even when `parallel_iterations>1`, has now been fixed.
However, the increased parallelism may result in increased memory use.
Users who experience unwanted regressions should reset their
`while_loop`'s `parallel_iterations` value to 1, which is consistent
with prior behavior.

Major Features and Improvements

* `tf.keras`:

* Keras has been split into a separate PIP package (`keras`), and its code
has been moved to the GitHub repository
[keras-team/keras](http://github.com/keras-team/keras). The API
endpoints for `tf.keras` stay unchanged, but are now backed by the
`keras` PIP package. All Keras-related PRs and issues should now be
directed to the GitHub repository.
[keras-team/keras](http://github.com/keras-team/keras).
* `tf.keras.utils.experimental.DatasetCreator` now takes an optional
`tf.distribute.InputOptions` for specific options when used with
distribution.
* `tf.keras.experimental.SidecarEvaluator` is now available for a program
intended to be run on an evaluator task, which is commonly used to
supplement a training cluster running with
`tf.distribute.experimental.ParameterServerStrategy` (see
`https://www.tensorflow.org/tutorials/distribute/parameter_server_training).
It can also be used with single-worker training or other strategies. See
docstring for more info.
* Preprocessing layers moved from experimental to core.
* Import paths moved from `tf.keras.layers.preprocessing.experimental`
to `tf.keras.layers`.
* Updates to Preprocessing layers API for consistency and clarity:
* `StringLookup` and `IntegerLookup` default for `mask_token` changed
to `None`. This matches the default masking behavior of `Hashing`
and `Embedding` layers. To keep existing behavior, pass
`mask_token=""` during layer creation.
* Renamed `"binary"` output mode to `"multi_hot"` for
`CategoryEncoding`, `StringLookup`, `IntegerLookup`, and
`TextVectorization`. Multi-hot encoding will no longer automatically
uprank rank 1 inputs, so these layers can now multi-hot encode
unbatched multi-dimensional samples.
* Added a new output mode `"one_hot"` for `CategoryEncoding`,
`StringLookup`, `IntegerLookup`, which will encode each element in
an input batch individually, and automatically append a new output
dimension if necessary. Use this mode on rank 1 inputs for the old
`"binary"` behavior of one-hot encoding a batch of scalars.
* `Normalization` will no longer automatically uprank rank 1 inputs,
allowing normalization of unbatched multi-dimensional samples.

* `tf.lite`:

* The recommended Android NDK version for building TensorFlow Lite has
been changed from r18b to r19c.
* Supports int64 for mul.
* Supports native variable builtin ops - ReadVariable, AssignVariable.
* Converter:
* Experimental support for variables in TFLite. To enable through
conversion, users need to set
`experimental_enable_resource_variables` on tf.lite.TFLiteConverter
to True. Note: mutable variables is only available using
`from_saved_model` in this release, support for other methods is
coming soon.
* Old Converter (TOCO) is getting removed from next release. It's been
deprecated for few releases already.

* `tf.saved_model`:

* SavedModels can now save custom gradients. Use the option
`tf.saved_model.SaveOption(experimental_custom_gradients=True)` to
enable this feature. The documentation in
[Advanced autodiff](https://www.tensorflow.org/guide/advanced_autodiff#custom_gradients)
has been updated.
* Object metadata has now been deprecated and no longer saved to the
SavedModel.

* TF Core:

* Added `tf.config.experimental.reset_memory_stats` to reset the tracked
peak memory returned by `tf.config.experimental.get_memory_info`.

* `tf.data`:

* Added `target_workers` param to `data_service_ops.from_dataset_id` and
`data_service_ops.distribute`. Users can specify `"AUTO"`, `"ANY"`, or
`"LOCAL"` (case insensitive). If `"AUTO"`, tf.data service runtime
decides which workers to read from. If `"ANY"`, TF workers read from any
tf.data service workers. If `"LOCAL"`, TF workers will only read from
local in-processs tf.data service workers. `"AUTO"` works well for most
cases, while users can specify other targets. For example, `"LOCAL"`
would help avoid RPCs and data copy if every TF worker colocates with a
tf.data service worker. Currently, `"AUTO"` reads from any tf.data
service workers to preserve existing behavior. The default value is
`"AUTO"`.

Bug Fixes and Other Changes

* TF Core:
* Added `tf.lookup.experimental.MutableHashTable`, which provides a
generic mutable hash table implementation.
* Compared to `tf.lookup.experimental.DenseHashTable` this offers
lower overall memory usage, and a cleaner API. It does not require
specifying a `delete_key` and `empty_key` that cannot be inserted
into the table.
* Added support for specifying number of subdivisions in all reduce host
collective. This parallelizes work on CPU and speeds up the collective
performance. Default behavior is unchanged.
* Add an option `perturb_singular` to `tf.linalg.tridiagonal_solve` that
allows solving linear systems with a numerically singular tridiagonal
matrix, e.g. for use in inverse iteration.
* Added `tf.linalg.eigh_tridiagonal` that computes the eigenvalues of a
Hermitian tridiagonal matrix.
* `tf.constant` now places its output on the current default device.
* SavedModel
* Added `tf.saved_model.experimental.TrackableResource`, which allows
the creation of custom wrapper objects for resource tensors.
* Added a SavedModel load option to allow restoring partial
checkpoints into the SavedModel. See
[`tf.saved_model.LoadOptions`](https://www.tensorflow.org/api_docs/python/tf/saved_model/LoadOptions)
for details.
* Added a new op `SparseSegmentSumGrad` to match the other sparse segment
gradient ops and avoid an extra gather operation that was in the
previous gradient implementation.
* Added a new session config setting `internal_fragmentation_fraction`,
which controls when the BFC Allocator needs to split an oversized chunk
to satisfy an allocation request.
* Added `tf.get_current_name_scope()` which returns the current full name
scope string that will be prepended to op names.
* `tf.data`:
* Promoting `tf.data.experimental.bucket_by_sequence_length` API to
`tf.data.Dataset.bucket_by_sequence_length` and deprecating the
experimental endpoint.
* Promoting `tf.data.experimental.get_single_element` API to
`tf.data.Dataset.get_single_element` and deprecating the experimental
endpoint.
* Promoting `tf.data.experimental.group_by_window` API to
`tf.data.Dataset.group_by_window` and deprecating the experimental
endpoint.
* Promoting `tf.data.experimental.RandomDataset` API to
`tf.data.Dataset.random` and deprecating the experimental endpoint.
* Promoting `tf.data.experimental.scan` API to `tf.data.Dataset.scan` and
deprecating the experimental endpoint.
* Promoting `tf.data.experimental.snapshot` API to
`tf.data.Dataset.shapshot` and deprecating the experimental endpoint.
* Promoting `tf.data.experimental.take_while` API to
`tf.data.Dataset.take_while` and deprecating the experimental endpoint.
* Promoting `tf.data.experimental.ThreadingOptions` API to
`tf.data.ThreadingOptions` and deprecating the experimental endpoint.
* Promoting `tf.data.experimental.unique` API to `tf.data.Dataset.unique`
and deprecating the experimental endpoint.
* Added `stop_on_empty_dataset` parameter to `sample_from_datasets` and
`choose_from_datasets`. Setting `stop_on_empty_dataset=True` will stop
sampling if it encounters an empty dataset. This preserves the sampling
ratio throughout training. The prior behavior was to continue sampling,
skipping over exhausted datasets, until all datasets are exhausted. By
default, the original behavior (`stop_on_empty_dataset=False`) is
preserved.
* Removed previously deprecated tf.data statistics related APIs:
* `tf.data.Options.experimental_stats`
* `tf.data.experimental.StatsAggregator`
* `tf.data.experimental.StatsOptions.*`
* `tf.data.experimental.bytes_produced_stats`
* `tf.data.experimental.latency_stats`
* Removed the following experimental tf.data optimization APIs:
* `tf.data.experimental.MapVectorizationOptions.*`
* `tf.data.experimental.OptimizationOptions.filter_with_random_uniform_fusion`
* `tf.data.experimental.OptimizationOptions.hoist_random_uniform`
* `tf.data.experimental.OptimizationOptions.map_vectorization` *
`tf.data.experimental.OptimizationOptions.reorder_data_discarding_ops`
* `tf.keras`:
* Fix usage of `__getitem__` slicing in Keras Functional APIs when the
inputs are `RaggedTensor` objects.
* Add `keepdims` argument to all `GlobalPooling` layers.
* Add `include_preprocessing` argument to `MobileNetV3` architectures to
control the inclusion of `Rescaling` layer in the model.
* Add optional argument (`force`) to `make_(train|test|predict)_funtion`
methods to skip the cached function and generate a new one. This is
useful to regenerate in a single call the compiled training function
when any `.trainable` attribute of any model's layer has changed.
* Models now have a `save_spec` property which contains the `TensorSpec`
specs for calling the model. This spec is automatically saved when the
model is called for the first time.
* `tf.linalg`:
* Add `CompositeTensor` as a base class to `LinearOperator`.
* `tf.lite`:
* Fix mean op reference quantization rounding issue.
* Added `framework_stable` BUILD target, which links in only the
non-experimental TF Lite APIs.
* Remove deprecated Java `Interpreter` methods:
* `modifyGraphWithDelegate` - Use `Interpreter.Options.addDelegate`
* `setNumThreads` - Use `Interpreter.Options.setNumThreads`
* Add Conv3DTranspose as a builtin op.
* `tf.summary`:
* Fix `tf.summary.should_record_summaries()` so it correctly reflects when
summaries will be written, even when `tf.summary.record_if()` is not n
effect, by returning True tensor if default writer is present.
* Grappler:
* Disable default Grappler optimization timeout to make the optimization
pipeline deterministic. This may lead to increased model loading time,
because time spent in graph optimizations is now unbounded (was 20
minutes).
* Deterministic Op Functionality (enabled by setting `TF_DETERMINISTIC_OPS` to
`"true"` or `"1"`):
* Add a deterministic GPU implementation of
`tf.nn.softmax_cross_entropy_with_logits`. See PR
[49178](https://github.com/tensorflow/tensorflow/pull/49178).
* Add a deterministic CPU implementation of `tf.image.crop_and_resize`.
See PR [48905](https://github.com/tensorflow/tensorflow/pull/48905).
* Add determinism-unimplemented exception-throwing to the following ops.
When op-determinism is expected, an attempt to use the specified paths
through the following ops on a GPU will cause
`tf.errors.UnimplementedError` (with an understandable message) to be
thrown.
* `tf.nn.sparse_softmax_cross_entropy_with_logits` forwards and/or
backwards. See PR
[47925](https://github.com/tensorflow/tensorflow/pull/47925).
* `tf.image.crop_and_resize` gradient w.r.t. either `image` or
`boxes`. See PR
[48905](https://github.com/tensorflow/tensorflow/pull/48905).
* `tf.sparse.sparse_dense_matmul` forwards. See PR
[50355](https://github.com/tensorflow/tensorflow/pull/50355).

Security

* Fixes a heap out of bounds access in sparse reduction operations
([CVE-2021-37635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37635))
* Fixes a floating point exception in `SparseDenseCwiseDiv`
([CVE-2021-37636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37636))
* Fixes a null pointer dereference in `CompressElement`
([CVE-2021-37637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37637))
* Fixes a null pointer dereference in `RaggedTensorToTensor`
([CVE-2021-37638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37638))
* Fixes a null pointer dereference and a heap OOB read arising from operations
restoring tensors
([CVE-2021-37639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37639))
* Fixes an integer division by 0 in sparse reshaping
([CVE-2021-37640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37640))
* Fixes a division by 0 in `ResourceScatterDiv`
([CVE-2021-37642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37642))
* Fixes a heap OOB in `RaggedGather`
([CVE-2021-37641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37641))
* Fixes a `std::abort` raised from `TensorListReserve`
([CVE-2021-37644](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37644))
* Fixes a null pointer dereference in `MatrixDiagPartOp`
([CVE-2021-37643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37643))
* Fixes an integer overflow due to conversion to unsigned
([CVE-2021-37645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37645))
* Fixes a bad allocation error in `StringNGrams` caused by integer conversion
([CVE-2021-37646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37646))
* Fixes a null pointer dereference in `SparseTensorSliceDataset`
([CVE-2021-37647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37647))
* Fixes an incorrect validation of `SaveV2` inputs
([CVE-2021-37648](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37648))
* Fixes a null pointer dereference in `UncompressElement`
([CVE-2021-37649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37649))
* Fixes a segfault and a heap buffer overflow in
`{Experimental,}DatasetToTFRecord`
([CVE-2021-37650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37650))
* Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
([CVE-2021-37651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37651))
* Fixes a use after free in boosted trees creation
([CVE-2021-37652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37652))
* Fixes a division by 0 in `ResourceGather`
([CVE-2021-37653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37653))
* Fixes a heap OOB and a `CHECK` fail in `ResourceGather`
([CVE-2021-37654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37654))
* Fixes a heap OOB in `ResourceScatterUpdate`
([CVE-2021-37655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37655))
* Fixes an undefined behavior arising from reference binding to nullptr in
`RaggedTensorToSparse`
([CVE-2021-37656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37656))
* Fixes an undefined behavior arising from reference binding to nullptr in
`MatrixDiagV*` ops
([CVE-2021-37657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37657))
* Fixes an undefined behavior arising from reference binding to nullptr in
`MatrixSetDiagV*` ops
([CVE-2021-37658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37658))
* Fixes an undefined behavior arising from reference binding to nullptr and
heap OOB in binary cwise ops
([CVE-2021-37659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37659))
* Fixes a division by 0 in inplace operations
([CVE-2021-37660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37660))
* Fixes a crash caused by integer conversion to unsigned
([CVE-2021-37661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37661))
* Fixes an undefined behavior arising from reference binding to nullptr in
boosted trees
([CVE-2021-37662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37662))
* Fixes a heap OOB in boosted trees
([CVE-2021-37664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37664))
* Fixes vulnerabilities arising from incomplete validation in `QuantizeV2`
([CVE-2021-37663](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37663))
* Fixes vulnerabilities arising from incomplete validation in MKL
requantization
([CVE-2021-37665](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37665))
* Fixes an undefined behavior arising from reference binding to nullptr in
`RaggedTensorToVariant`
([CVE-2021-37666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37666))
* Fixes an undefined behavior arising from reference binding to nullptr in
unicode encoding
([CVE-2021-37667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37667))
* Fixes an FPE in `tf.raw_ops.UnravelIndex`
([CVE-2021-37668](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37668))
* Fixes a crash in NMS ops caused by integer conversion to unsigned
([CVE-2021-37669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37669))
* Fixes a heap OOB in `UpperBound` and `LowerBound`
([CVE-2021-37670](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37670))
* Fixes an undefined behavior arising from reference binding to nullptr in map
operations
([CVE-2021-37671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37671))
* Fixes a heap OOB in `SdcaOptimizerV2`
([CVE-2021-37672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37672))
* Fixes a `CHECK`-fail in `MapStage`
([CVE-2021-37673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37673))
* Fixes a vulnerability arising from incomplete validation in `MaxPoolGrad`
([CVE-2021-37674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37674))
* Fixes an undefined behavior arising from reference binding to nullptr in
shape inference
([CVE-2021-37676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37676))
* Fixes a division by 0 in most convolution operators
([CVE-2021-37675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37675))
* Fixes vulnerabilities arising from missing validation in shape inference for
`Dequantize`
([CVE-2021-37677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37677))
* Fixes an arbitrary code execution due to YAML deserialization
([CVE-2021-37678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37678))
* Fixes a heap OOB in nested `tf.map_fn` with `RaggedTensor`s
([CVE-2021-37679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37679))
* Fixes a division by zero in TFLite
([CVE-2021-37680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37680))
* Fixes an NPE in TFLite
([CVE-2021-37681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37681))
* Fixes a vulnerability arising from use of unitialized value in TFLite
([CVE-2021-37682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37682))
* Fixes an FPE in TFLite division operations
([CVE-2021-37683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37683))
* Fixes an FPE in TFLite pooling operations
([CVE-2021-37684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37684))
* Fixes an infinite loop in TFLite
([CVE-2021-37686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37686))
* Fixes a heap OOB in TFLite
([CVE-2021-37685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37685))
* Fixes a heap OOB in TFLite's `Gather*` implementations
([CVE-2021-37687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37687))
* Fixes an undefined behavior arising from null pointer dereference in TFLite
([CVE-2021-37688](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37688))
* Fixes an undefined behavior arising from null pointer dereference in TFLite
MLIR optimizations
([CVE-2021-37689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37689))
* Fixes a FPE in LSH in TFLite
([CVE-2021-37691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37691))
* Fixes a segfault on strings tensors with mismatched dimensions, arising in
Go code
([CVE-2021-37692](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37692))
* Fixes a use after free and a potential segfault in shape inference functions
([CVE-2021-37690](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37690))
* Updates `curl` to `7.77.0` to handle
[CVE-2021-22876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876),
[CVE-2021-22897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22897),
[CVE-2021-22898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898),
and
[CVE-2021-22901](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22901).

Thanks to our Contributors

This release contains contributions from many people at Google, as well as:

Aadhitya A, Abhilash Mahendrakar, Abhishek Varma, Abin Shahab, Adam Hillier,
Aditya Kane, AdityaKane2001, ag.ramesh, Amogh Joshi, Armen Poghosov,
armkevincheng, Avrosh K, Ayan Moitra, azazhu, Banikumar Maiti, Bas Aarts, bhack,
Bhanu Prakash Bandaru Venkata, Billy Cao, Bohumir Zamecnik, Bradley Reece,
CyanXu, Daniel Situnayake, David Pal, Ddavis-2015, DEKHTIARJonathan, Deven
Desai, Duncan Riach, Edward, Eli Osherovich, Eugene Kuznetsov, europeanplaice,
evelynmitchell, Evgeniy Polyakov, Felix Vollmer, Florentin Hennecker, François
Chollet, Frederic Bastien, Fredrik Knutsson, Gabriele Macchi, Gaurav Shukla,
Gauri1 Deshpande, geetachavan1, Georgiy Manuilov, H, Hengwen Tong, Henri
Woodcock, Hiran Sarkar, Ilya Arzhannikov, Janghoo Lee, jdematos, Jens Meder,
Jerry Shih, jgehw, Jim Fisher, Jingbei Li, Jiri Podivin, Joachim Gehweiler,
Johannes Lade, Jonas I. Liechti, Jonas Liechti, Jonas Ohlsson, Jonathan
Dekhtiar, Julian Gross, Kaixi Hou, Kevin Cheng, Koan-Sin Tan, Kulin Seth,
linzewen, Liubov Batanina, luisleee, Lukas Geiger, Mahmoud Abuzaina, mathgaming,
Matt Conley, Max H. Gerlach, mdfaijul, Mh Kwon, Michael Martis, Michal
Szutenberg, Måns Nilsson, nammbash, Neil Girdhar, Nicholas Vadivelu, Nick
Kreeger, Nirjas Jakilim, okyanusoz, Patrice Vignola, Patrik Laurell, Pedro
Marques, Philipp Hack, Phillip Cloud, Piergiacomo De Marchi, Prashant Kumar,
puneeshkhanna, pvarouktsis, QQ喵, Rajeshwar Reddy T, Rama Ketineni, Reza Rahimi,
Robert Kalmar, rsun, Ryan Kuester, Saduf2019, Sean Morgan, Sean Moriarity,
Shaochen Shi, Sheng, Yang, Shu Wang, Shuai Zhang, Soojeong, Stanley-Nod, Steven
I Reeves, stevenireeves, Suraj Sudhir, Sven Mayer, Tamas Bela Feher,
tashuang.zk, tcervi, Teng Lu, Thales Elero Cervi, Thibaut Goetghebuer-Planchon,
Thomas Walther, Till Brychcy, Trent Lo, Uday Bondhugula, vishakha.agrawal,
Vishnuvardhan Janapati, wamuir, Wenwen Ouyang, wenwu, Williard Joshua Jose,
xiaohong1031, Xiaoming (Jason) Cui, Xinan Jiang, Yasir Modak, Yi Li, Yong Tang,
zilinzhu, 박상준, 이장

2.5.3

Not secure
This releases introduces several vulnerability fixes:

* Fixes a floating point division by 0 when executing convolution operators
([CVE-2022-21725](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21725))
* Fixes a heap OOB read in shape inference for `ReverseSequence`
([CVE-2022-21728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21728))
* Fixes a heap OOB access in `Dequantize`
([CVE-2022-21726](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21726))
* Fixes an integer overflow in shape inference for `Dequantize`
([CVE-2022-21727](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21727))
* Fixes a heap OOB access in `FractionalAvgPoolGrad`
([CVE-2022-21730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21730))
* Fixes an overflow and divide by zero in `UnravelIndex`
([CVE-2022-21729](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21729))
* Fixes a type confusion in shape inference for `ConcatV2`
([CVE-2022-21731](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21731))
* Fixes an OOM in `ThreadPoolHandle`
([CVE-2022-21732](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21732))
* Fixes an OOM due to integer overflow in `StringNGrams`
([CVE-2022-21733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21733))
* Fixes more issues caused by incomplete validation in boosted trees code
([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
* Fixes an integer overflows in most sparse component-wise ops
([CVE-2022-23567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23567))
* Fixes an integer overflows in `AddManySparseToTensorsMap`
([CVE-2022-23568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23568))
* Fixes a number of `CHECK`-failures in `MapStage`
([CVE-2022-21734](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21734))
* Fixes a division by zero in `FractionalMaxPool`
([CVE-2022-21735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21735))
* Fixes a number of `CHECK`-fails when building invalid/overflowing tensor
shapes
([CVE-2022-23569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23569))
* Fixes an undefined behavior in `SparseTensorSliceDataset`
([CVE-2022-21736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21736))
* Fixes an assertion failure based denial of service via faulty bin count
operations
([CVE-2022-21737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21737))
* Fixes a reference binding to null pointer in `QuantizedMaxPool`
([CVE-2022-21739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21739))
* Fixes an integer overflow leading to crash in `SparseCountSparseOutput`
([CVE-2022-21738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21738))
* Fixes a heap overflow in `SparseCountSparseOutput`
([CVE-2022-21740](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21740))
* Fixes an FPE in `BiasAndClamp` in TFLite
([CVE-2022-23557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23557))
* Fixes an FPE in depthwise convolutions in TFLite
([CVE-2022-21741](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21741))
* Fixes an integer overflow in TFLite array creation
([CVE-2022-23558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23558))
* Fixes an integer overflow in TFLite
([CVE-2022-23559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23559))
* Fixes a dangerous OOB write in TFLite
([CVE-2022-23561](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23561))
* Fixes a vulnerability leading to read and write outside of bounds in TFLite
([CVE-2022-23560](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23560))
* Fixes a set of vulnerabilities caused by using insecure temporary files
([CVE-2022-23563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23563))
* Fixes an integer overflow in Range resulting in undefined behavior and OOM
([CVE-2022-23562](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23562))
* Fixes a vulnerability where missing validation causes `tf.sparse.split` to
crash when `axis` is a tuple
([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
* Fixes a `CHECK`-fail when decoding resource handles from proto
([CVE-2022-23564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23564))
* Fixes a `CHECK`-fail with repeated `AttrDef`
([CVE-2022-23565](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23565))
* Fixes a heap OOB write in Grappler
([CVE-2022-23566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23566))
* Fixes a `CHECK`-fail when decoding invalid tensors from proto
([CVE-2022-23571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23571))
* Fixes an unitialized variable access in `AssignOp`
([CVE-2022-23573](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23573))
* Fixes an integer overflow in `OpLevelCostEstimator::CalculateTensorSize`
([CVE-2022-23575](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23575))
* Fixes an integer overflow in `OpLevelCostEstimator::CalculateOutputSize`
([CVE-2022-23576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23576))
* Fixes a null dereference in `GetInitOp`
([CVE-2022-23577](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23577))
* Fixes a memory leak when a graph node is invalid
([CVE-2022-23578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23578))
* Fixes an abort caused by allocating a vector that is too large
([CVE-2022-23580](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23580))
* Fixes multiple `CHECK`-failures during Grappler's `IsSimplifiableReshape`
([CVE-2022-23581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23581))
* Fixes multiple `CHECK`-failures during Grappler's `SafeToRemoveIdentity`
([CVE-2022-23579](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23579))
* Fixes multiple `CHECK`-failures in `TensorByteSize`
([CVE-2022-23582](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23582))
* Fixes multiple `CHECK`-failures in binary ops due to type confusion
([CVE-2022-23583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23583))
* Fixes a use after free in `DecodePng` kernel
([CVE-2022-23584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23584))
* Fixes a memory leak in decoding PNG images
([CVE-2022-23585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23585))
* Fixes multiple `CHECK`-fails in `function.cc`
([CVE-2022-23586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23586))
* Fixes multiple `CHECK`-fails due to attempting to build a reference tensor
([CVE-2022-23588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23588))
* Fixes an integer overflow in Grappler cost estimation of crop and resize
operation
([CVE-2022-23587](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23587))
* Fixes a null pointer dereference in Grappler's `IsConstant`
([CVE-2022-23589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23589))
* Fixes a `CHECK` failure in constant folding
([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
* Fixes a stack overflow due to self-recursive function in `GraphDef`
([CVE-2022-23591](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23591))
* Updates `icu` to `69.1` to handle
[CVE-2020-10531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531)

2.5.2

Not secure
This release introduces several vulnerability fixes:

* Fixes a code injection issue in `saved_model_cli`
([CVE-2021-41228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41228))
* Fixes a vulnerability due to use of uninitialized value in Tensorflow
([CVE-2021-41225](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41225))
* Fixes a heap OOB in `FusedBatchNorm` kernels
([CVE-2021-41223](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41223))
* Fixes an arbitrary memory read in `ImmutableConst`
([CVE-2021-41227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41227))
* Fixes a heap OOB in `SparseBinCount`
([CVE-2021-41226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41226))
* Fixes a heap OOB in `SparseFillEmptyRows`
([CVE-2021-41224](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41224))
* Fixes a segfault due to negative splits in `SplitV`
([CVE-2021-41222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41222))
* Fixes segfaults and vulnerabilities caused by accesses to invalid memory
during shape inference in `Cudnn*` ops
([CVE-2021-41221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41221))
* Fixes a null pointer exception when `Exit` node is not preceded by `Enter`
op
([CVE-2021-41217](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41217))
* Fixes an integer division by 0 in `tf.raw_ops.AllToAll`
([CVE-2021-41218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41218))
* Fixes an undefined behavior via `nullptr` reference binding in sparse matrix
multiplication
([CVE-2021-41219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41219))
* Fixes a heap buffer overflow in `Transpose`
([CVE-2021-41216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41216))
* Prevents deadlocks arising from mutually recursive `tf.function` objects
([CVE-2021-41213](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41213))
* Fixes a null pointer exception in `DeserializeSparse`
([CVE-2021-41215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41215))
* Fixes an undefined behavior arising from reference binding to `nullptr` in
`tf.ragged.cross`
([CVE-2021-41214](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41214))
* Fixes a heap OOB read in `tf.ragged.cross`
([CVE-2021-41212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41212))
* Fixes a heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
([CVE-2021-41205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41205))
* Fixes an FPE in `ParallelConcat`
([CVE-2021-41207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41207))
* Fixes FPE issues in convolutions with zero size filters
([CVE-2021-41209](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41209))
* Fixes a heap OOB read in `tf.raw_ops.SparseCountSparseOutput`
([CVE-2021-41210](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41210))
* Fixes vulnerabilities caused by incomplete validation in boosted trees code
([CVE-2021-41208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41208))
* Fixes vulnerabilities caused by incomplete validation of shapes in multiple
TF ops
([CVE-2021-41206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41206))
* Fixes a segfault produced while copying constant resource tensor
([CVE-2021-41204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41204))
* Fixes a vulnerability caused by unitialized access in
`EinsumHelper::ParseEquation`
([CVE-2021-41201](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41201))
* Fixes several vulnerabilities and segfaults caused by missing validation
during checkpoint loading
([CVE-2021-41203](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41203))
* Fixes an overflow producing a crash in `tf.range`
([CVE-2021-41202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41202))
* Fixes an overflow producing a crash in `tf.image.resize` when size is large
([CVE-2021-41199](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41199))
* Fixes an overflow producing a crash in `tf.tile` when tiling tensor is large
([CVE-2021-41198](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41198))
* Fixes a vulnerability produced due to incomplete validation in
`tf.summary.create_file_writer`
([CVE-2021-41200](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41200))
* Fixes multiple crashes due to overflow and `CHECK`-fail in ops with large
tensor shapes
([CVE-2021-41197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41197))
* Fixes a crash in `max_pool3d` when size argument is 0 or negative
([CVE-2021-41196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41196))
* Fixes a crash in `tf.math.segment_*` operations
([CVE-2021-41195](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41195))
* Updates `curl` to `7.78.0` to handle
[CVE-2021-22922](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922),
[CVE-2021-22923](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923),
[CVE-2021-22924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924),
[CVE-2021-22925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925),
and
[CVE-2021-22926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22926).

2.5.1

Not secure
This release introduces several vulnerability fixes:

* Fixes a heap out of bounds access in sparse reduction operations
([CVE-2021-37635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37635))
* Fixes a floating point exception in `SparseDenseCwiseDiv`
([CVE-2021-37636](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37636))
* Fixes a null pointer dereference in `CompressElement`
([CVE-2021-37637](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37637))
* Fixes a null pointer dereference in `RaggedTensorToTensor`
([CVE-2021-37638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37638))
* Fixes a null pointer dereference and a heap OOB read arising from operations
restoring tensors
([CVE-2021-37639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37639))
* Fixes an integer division by 0 in sparse reshaping
([CVE-2021-37640](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37640))
* Fixes a division by 0 in `ResourceScatterDiv`
([CVE-2021-37642](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37642))
* Fixes a heap OOB in `RaggedGather`
([CVE-2021-37641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37641))
* Fixes a `std::abort` raised from `TensorListReserve`
([CVE-2021-37644](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37644))
* Fixes a null pointer dereference in `MatrixDiagPartOp`
([CVE-2021-37643](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37643))
* Fixes an integer overflow due to conversion to unsigned
([CVE-2021-37645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37645))
* Fixes a bad allocation error in `StringNGrams` caused by integer conversion
([CVE-2021-37646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37646))
* Fixes a null pointer dereference in `SparseTensorSliceDataset`
([CVE-2021-37647](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37647))
* Fixes an incorrect validation of `SaveV2` inputs
([CVE-2021-37648](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37648))
* Fixes a null pointer dereference in `UncompressElement`
([CVE-2021-37649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37649))
* Fixes a segfault and a heap buffer overflow in
`{Experimental,}DatasetToTFRecord`
([CVE-2021-37650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37650))
* Fixes a heap buffer overflow in `FractionalAvgPoolGrad`
([CVE-2021-37651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37651))
* Fixes a use after free in boosted trees creation
([CVE-2021-37652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37652))
* Fixes a division by 0 in `ResourceGather`
([CVE-2021-37653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37653))
* Fixes a heap OOB and a `CHECK` fail in `ResourceGather`
([CVE-2021-37654](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37654))
* Fixes a heap OOB in `ResourceScatterUpdate`
([CVE-2021-37655](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37655))
* Fixes an undefined behavior arising from reference binding to nullptr in
`RaggedTensorToSparse`
([CVE-2021-37656](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37656))
* Fixes an undefined behavior arising from reference binding to nullptr in
`MatrixDiagV*` ops
([CVE-2021-37657](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37657))
* Fixes an undefined behavior arising from reference binding to nullptr in
`MatrixSetDiagV*` ops
([CVE-2021-37658](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37658))
* Fixes an undefined behavior arising from reference binding to nullptr and
heap OOB in binary cwise ops
([CVE-2021-37659](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37659))
* Fixes a division by 0 in inplace operations
([CVE-2021-37660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37660))
* Fixes a crash caused by integer conversion to unsigned
([CVE-2021-37661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37661))
* Fixes an undefined behavior arising from reference binding to nullptr in
boosted trees
([CVE-2021-37662](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37662))
* Fixes a heap OOB in boosted trees
([CVE-2021-37664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37664))
* Fixes vulnerabilities arising from incomplete validation in `QuantizeV2`
([CVE-2021-37663](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37663))
* Fixes vulnerabilities arising from incomplete validation in MKL
requantization
([CVE-2021-37665](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37665))
* Fixes an undefined behavior arising from reference binding to nullptr in
`RaggedTensorToVariant`
([CVE-2021-37666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37666))
* Fixes an undefined behavior arising from reference binding to nullptr in
unicode encoding
([CVE-2021-37667](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37667))
* Fixes an FPE in `tf.raw_ops.UnravelIndex`
([CVE-2021-37668](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37668))
* Fixes a crash in NMS ops caused by integer conversion to unsigned
([CVE-2021-37669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37669))
* Fixes a heap OOB in `UpperBound` and `LowerBound`
([CVE-2021-37670](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37670))
* Fixes an undefined behavior arising from reference binding to nullptr in map
operations
([CVE-2021-37671](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37671))
* Fixes a heap OOB in `SdcaOptimizerV2`
([CVE-2021-37672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37672))
* Fixes a `CHECK`-fail in `MapStage`
([CVE-2021-37673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37673))
* Fixes a vulnerability arising from incomplete validation in `MaxPoolGrad`
([CVE-2021-37674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37674))
* Fixes an undefined behavior arising from reference binding to nullptr in
shape inference
([CVE-2021-37676](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37676))
* Fixes a division by 0 in most convolution operators
([CVE-2021-37675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37675))
* Fixes vulnerabilities arising from missing validation in shape inference for
`Dequantize`
([CVE-2021-37677](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37677))
* Fixes an arbitrary code execution due to YAML deserialization
([CVE-2021-37678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37678))
* Fixes a heap OOB in nested `tf.map_fn` with `RaggedTensor`s
([CVE-2021-37679](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37679))
* Fixes a division by zero in TFLite
([CVE-2021-37680](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37680))
* Fixes an NPE in TFLite
([CVE-2021-37681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37681))
* Fixes a vulnerability arising from use of unitialized value in TFLite
([CVE-2021-37682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37682))
* Fixes an FPE in TFLite division operations
([CVE-2021-37683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37683))
* Fixes an FPE in TFLite pooling operations
([CVE-2021-37684](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37684))
* Fixes an infinite loop in TFLite
([CVE-2021-37686](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37686))
* Fixes a heap OOB in TFLite
([CVE-2021-37685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37685))
* Fixes a heap OOB in TFLite's `Gather*` implementations
([CVE-2021-37687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37687))
* Fixes an undefined behavior arising from null pointer dereference in TFLite
([CVE-2021-37688](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37688))
* Fixes an undefined behavior arising from null pointer dereference in TFLite
MLIR optimizations
([CVE-2021-37689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37689))
* Fixes a FPE in LSH in TFLite
([CVE-2021-37691](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37691))
* Fixes a segfault on strings tensors with mismatched dimensions, arising in
Go code
([CVE-2021-37692](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37692))
* Fixes a use after free and a potential segfault in shape inference functions
([CVE-2021-37690](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37690))
* Updates `curl` to `7.77.0` to handle
[CVE-2021-22876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876),
[CVE-2021-22897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22897),
[CVE-2021-22898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898),
and
[CVE-2021-22901](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22901).

Page 6 of 17

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.