katacoda-notebooks
katacoda-notebooks copied to clipboard
Published
20 hours ago •
PipelineAI
PipelineAI
Bump tensorflow from 1.13.1 to 2.9.3 in /mlflow/wip/boston/build-base
Bumps tensorflow from 1.13.1 to 2.9.3.
Release notes
Sourced from tensorflow's releases.
TensorFlow 2.9.3
Release 2.9.3
This release introduces several vulnerability fixes:
- Fixes an overflow in
tf.keras.losses.poisson(CVE-2022-41887)- Fixes a heap OOB failure in
ThreadUnsafeUnigramCandidateSamplercaused by missing validation (CVE-2022-41880)- Fixes a segfault in
ndarray_tensor_bridge(CVE-2022-41884)- Fixes an overflow in
FusedResizeAndPadConv2D(CVE-2022-41885)- Fixes a overflow in
ImageProjectiveTransformV2(CVE-2022-41886)- Fixes an FPE in
tf.image.generate_bounding_box_proposalson GPU (CVE-2022-41888)- Fixes a segfault in
pywrap_tfe_srccaused by invalid attributes (CVE-2022-41889)- Fixes a
CHECKfail inBCast(CVE-2022-41890)- Fixes a segfault in
TensorListConcat(CVE-2022-41891)- Fixes a
CHECK_EQfail inTensorListResize(CVE-2022-41893)- Fixes an overflow in
CONV_3D_TRANSPOSEon TFLite (CVE-2022-41894)- Fixes a heap OOB in
MirrorPadGrad(CVE-2022-41895)- Fixes a crash in
Mfcc(CVE-2022-41896)- Fixes a heap OOB in
FractionalMaxPoolGrad(CVE-2022-41897)- Fixes a
CHECKfail inSparseFillEmptyRowsGrad(CVE-2022-41898)- Fixes a
CHECKfail inSdcaOptimizer(CVE-2022-41899)- Fixes a heap OOB in
FractionalAvgPoolandFractionalMaxPool(CVE-2022-41900)- Fixes a
CHECK_EQinSparseMatrixNNZ(CVE-2022-41901)- Fixes an OOB write in grappler (CVE-2022-41902)
- Fixes a overflow in
ResizeNearestNeighborGrad(CVE-2022-41907)- Fixes a
CHECKfail inPyFunc(CVE-2022-41908)- Fixes a segfault in
CompositeTensorVariantToComponents(CVE-2022-41909)- Fixes a invalid char to bool conversion in printing a tensor (CVE-2022-41911)
- Fixes a heap overflow in
QuantizeAndDequantizeV2(CVE-2022-41910)- Fixes a
CHECKfailure inSobolSamplevia missing validation (CVE-2022-35935)- Fixes a
CHECKfail inTensorListScatterandTensorListScatterV2in eager mode (CVE-2022-35935)TensorFlow 2.9.2
Release 2.9.2
This releases introduces several vulnerability fixes:
- Fixes a
CHECKfailure in tf.reshape caused by overflows (CVE-2022-35934)- Fixes a
CHECKfailure inSobolSamplecaused by missing validation (CVE-2022-35935)- Fixes an OOB read in
Gather_ndop in TF Lite (CVE-2022-35937)- Fixes a
CHECKfailure inTensorListReservecaused by missing validation (CVE-2022-35960)- Fixes an OOB write in
Scatter_ndop in TF Lite (CVE-2022-35939)- Fixes an integer overflow in
RaggedRangeOp(CVE-2022-35940)- Fixes a
CHECKfailure inAvgPoolOp(CVE-2022-35941)- Fixes a
CHECKfailures inUnbatchGradOp(CVE-2022-35952)- Fixes a segfault TFLite converter on per-channel quantized transposed convolutions (CVE-2022-36027)
- Fixes a
CHECKfailures inAvgPool3DGrad(CVE-2022-35959)- Fixes a
CHECKfailures inFractionalAvgPoolGrad(CVE-2022-35963)- Fixes a segfault in
BlockLSTMGradV2(CVE-2022-35964)- Fixes a segfault in
LowerBoundandUpperBound(CVE-2022-35965)
... (truncated)
Changelog
Sourced from tensorflow's changelog.
Release 2.9.3
This release introduces several vulnerability fixes:
- Fixes an overflow in
tf.keras.losses.poisson(CVE-2022-41887)- Fixes a heap OOB failure in
ThreadUnsafeUnigramCandidateSamplercaused by missing validation (CVE-2022-41880)- Fixes a segfault in
ndarray_tensor_bridge(CVE-2022-41884)- Fixes an overflow in
FusedResizeAndPadConv2D(CVE-2022-41885)- Fixes a overflow in
ImageProjectiveTransformV2(CVE-2022-41886)- Fixes an FPE in
tf.image.generate_bounding_box_proposalson GPU (CVE-2022-41888)- Fixes a segfault in
pywrap_tfe_srccaused by invalid attributes (CVE-2022-41889)- Fixes a
CHECKfail inBCast(CVE-2022-41890)- Fixes a segfault in
TensorListConcat(CVE-2022-41891)- Fixes a
CHECK_EQfail inTensorListResize(CVE-2022-41893)- Fixes an overflow in
CONV_3D_TRANSPOSEon TFLite (CVE-2022-41894)- Fixes a heap OOB in
MirrorPadGrad(CVE-2022-41895)- Fixes a crash in
Mfcc(CVE-2022-41896)- Fixes a heap OOB in
FractionalMaxPoolGrad(CVE-2022-41897)- Fixes a
CHECKfail inSparseFillEmptyRowsGrad(CVE-2022-41898)- Fixes a
CHECKfail inSdcaOptimizer(CVE-2022-41899)- Fixes a heap OOB in
FractionalAvgPoolandFractionalMaxPool(CVE-2022-41900)- Fixes a
CHECK_EQinSparseMatrixNNZ(CVE-2022-41901)- Fixes an OOB write in grappler (CVE-2022-41902)
- Fixes a overflow in
ResizeNearestNeighborGrad(CVE-2022-41907)- Fixes a
CHECKfail inPyFunc(CVE-2022-41908)- Fixes a segfault in
CompositeTensorVariantToComponents(CVE-2022-41909)- Fixes a invalid char to bool conversion in printing a tensor (CVE-2022-41911)
- Fixes a heap overflow in
QuantizeAndDequantizeV2(CVE-2022-41910)- Fixes a
CHECKfailure inSobolSamplevia missing validation (CVE-2022-35935)- Fixes a
CHECKfail inTensorListScatterandTensorListScatterV2in eager mode (CVE-2022-35935)Release 2.8.4
This release introduces several vulnerability fixes:
- Fixes a heap OOB failure in
ThreadUnsafeUnigramCandidateSamplercaused by missing validation (CVE-2022-41880)- Fixes a segfault in
ndarray_tensor_bridge(CVE-2022-41884)- Fixes an overflow in
FusedResizeAndPadConv2D(CVE-2022-41885)- Fixes a overflow in
ImageProjectiveTransformV2(CVE-2022-41886)- Fixes an FPE in
tf.image.generate_bounding_box_proposalson GPU (CVE-2022-41888)- Fixes a segfault in
pywrap_tfe_srccaused by invalid attributes (CVE-2022-41889)- Fixes a
CHECKfail inBCast(CVE-2022-41890)- Fixes a segfault in
TensorListConcat(CVE-2022-41891)- Fixes a
CHECK_EQfail inTensorListResize(CVE-2022-41893)- Fixes an overflow in
CONV_3D_TRANSPOSEon TFLite (CVE-2022-41894)- Fixes a heap OOB in
MirrorPadGrad(CVE-2022-41895)- Fixes a crash in
Mfcc(CVE-2022-41896)- Fixes a heap OOB in
FractionalMaxPoolGrad(CVE-2022-41897)- Fixes a
CHECKfail inSparseFillEmptyRowsGrad(CVE-2022-41898)- Fixes a
CHECKfail inSdcaOptimizer(CVE-2022-41899)
... (truncated)
Commits
a5ed5f3Merge pull request #58584 from tensorflow/vinila21-patch-2258f9a1Update py_func.cccd27cfbMerge pull request #58580 from tensorflow-jenkins/version-numbers-2.9.3-244743e75385Update version numbers to 2.9.3bc72c39Merge pull request #58482 from tensorflow-jenkins/relnotes-2.9.3-256953506c90Update RELEASE.md8dcb48eUpdate RELEASE.md4f34ec8Merge pull request #58576 from pak-laura/c2.99f03a9d3bafe902c1e6beb105b2f2417...6fc67e4Replace CHECK with returning an InternalError on failing to create python tuple5dbe90aMerge pull request #58570 from tensorflow/r2.9-7b174a0f2e4- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}