Facial-Expression-Recognition
Facial-Expression-Recognition copied to clipboard
Bump tensorflow from 2.2.0 to 2.4.2
Bumps tensorflow from 2.2.0 to 2.4.2.
Release notes
Sourced from tensorflow's releases.
TensorFlow 2.4.2
Release 2.4.2
This release introduces several vulnerability fixes:
- Fixes a heap buffer overflow in
RaggedBinCount
(CVE-2021-29512)- Fixes a heap out of bounds write in
RaggedBinCount
(CVE-2021-29514)- Fixes a type confusion during tensor casts which leads to dereferencing null pointers (CVE-2021-29513)
- Fixes a reference binding to null pointer in
MatrixDiag*
ops (CVE-2021-29515)- Fixes a null pointer dereference via invalid Ragged Tensors (CVE-2021-29516)
- Fixes a division by zero in
Conv3D
(CVE-2021-29517)- Fixes vulnerabilities where session operations in eager mode lead to null pointer dereferences (CVE-2021-29518)
- Fixes a
CHECK
-fail inSparseCross
caused by type confusion (CVE-2021-29519)- Fixes a segfault in
SparseCountSparseOutput
(CVE-2021-29521)- Fixes a heap buffer overflow in
Conv3DBackprop*
(CVE-2021-29520)- Fixes a division by 0 in
Conv3DBackprop*
(CVE-2021-29522)- Fixes a
CHECK
-fail inAddManySparseToTensorsMap
(CVE-2021-29523)- Fixes a division by 0 in
Conv2DBackpropFilter
(CVE-2021-29524)- Fixes a division by 0 in
Conv2DBackpropInput
(CVE-2021-29525)- Fixes a division by 0 in
Conv2D
(CVE-2021-29526)- Fixes a division by 0 in
QuantizedConv2D
(CVE-2021-29527)- Fixes a division by 0 in
QuantizedMul
(CVE-2021-29528)- Fixes vulnerabilities caused by invalid validation in
SparseMatrixSparseCholesky
(CVE-2021-29530)- Fixes a heap buffer overflow caused by rounding (CVE-2021-29529)
- Fixes a
CHECK
-fail intf.raw_ops.EncodePng
(CVE-2021-29531)- Fixes a heap out of bounds read in
RaggedCross
(CVE-2021-29532)- Fixes a
CHECK
-fail inDrawBoundingBoxes
(CVE-2021-29533)- Fixes a heap buffer overflow in
QuantizedMul
(CVE-2021-29535)- Fixes a
CHECK
-fail inSparseConcat
(CVE-2021-29534)- Fixes a heap buffer overflow in
QuantizedResizeBilinear
(CVE-2021-29537)- Fixes a heap buffer overflow in
QuantizedReshape
(CVE-2021-29536)- Fixes a division by zero in
Conv2DBackpropFilter
(CVE-2021-29538)- Fixes a heap buffer overflow in
Conv2DBackpropFilter
(CVE-2021-29540)- Fixes a heap buffer overflow in
StringNGrams
(CVE-2021-29542)- Fixes a null pointer dereference in
StringNGrams
(CVE-2021-29541)- Fixes a
CHECK
-fail inQuantizeAndDequantizeV4Grad
(CVE-2021-29544)- Fixes a
CHECK
-fail inCTCGreedyDecoder
(CVE-2021-29543)- Fixes a heap buffer overflow in
SparseTensorToCSRSparseMatrix
(CVE-2021-29545)- Fixes a division by 0 in
QuantizedBiasAdd
(CVE-2021-29546)- Fixes a heap out of bounds in
QuantizedBatchNormWithGlobalNormalization
(CVE-2021-29547)- Fixes a division by 0 in
QuantizedBatchNormWithGlobalNormalization
(CVE-2021-29548)- Fixes a division by 0 in
QuantizedAdd
(CVE-2021-29549)- Fixes a division by 0 in
FractionalAvgPool
(CVE-2021-29550)- Fixes an OOB read in
MatrixTriangularSolve
(CVE-2021-29551)- Fixes a heap OOB in
QuantizeAndDequantizeV3
(CVE-2021-29553)- Fixes a
CHECK
-failure inUnsortedSegmentJoin
(CVE-2021-29552)- Fixes a division by 0 in
DenseCountSparseOutput
(CVE-2021-29554)- Fixes a division by 0 in
FusedBatchNorm
(CVE-2021-29555)- Fixes a division by 0 in
SparseMatMul
(CVE-2021-29557)- Fixes a division by 0 in
Reverse
(CVE-2021-29556)
... (truncated)
Changelog
Sourced from tensorflow's changelog.
Release 2.4.2
This release introduces several vulnerability fixes:
- Fixes a heap buffer overflow in
RaggedBinCount
(CVE-2021-29512)- Fixes a heap out of bounds write in
RaggedBinCount
(CVE-2021-29514)- Fixes a type confusion during tensor casts which leads to dereferencing null pointers (CVE-2021-29513)
- Fixes a reference binding to null pointer in
MatrixDiag*
ops (CVE-2021-29515)- Fixes a null pointer dereference via invalid Ragged Tensors (CVE-2021-29516)
- Fixes a division by zero in
Conv3D
(CVE-2021-29517)- Fixes vulnerabilities where session operations in eager mode lead to null pointer dereferences (CVE-2021-29518)
- Fixes a
CHECK
-fail inSparseCross
caused by type confusion (CVE-2021-29519)- Fixes a segfault in
SparseCountSparseOutput
(CVE-2021-29521)- Fixes a heap buffer overflow in
Conv3DBackprop*
(CVE-2021-29520)- Fixes a division by 0 in
Conv3DBackprop*
(CVE-2021-29522)- Fixes a
CHECK
-fail inAddManySparseToTensorsMap
(CVE-2021-29523)- Fixes a division by 0 in
Conv2DBackpropFilter
(CVE-2021-29524)- Fixes a division by 0 in
Conv2DBackpropInput
(CVE-2021-29525)- Fixes a division by 0 in
Conv2D
(CVE-2021-29526)- Fixes a division by 0 in
QuantizedConv2D
(CVE-2021-29527)- Fixes a division by 0 in
QuantizedMul
(CVE-2021-29528)- Fixes vulnerabilities caused by invalid validation in
SparseMatrixSparseCholesky
(CVE-2021-29530)- Fixes a heap buffer overflow caused by rounding (CVE-2021-29529)
- Fixes a
CHECK
-fail intf.raw_ops.EncodePng
(CVE-2021-29531)- Fixes a heap out of bounds read in
RaggedCross
(CVE-2021-29532)- Fixes a
CHECK
-fail inDrawBoundingBoxes
... (truncated)
Commits
1923123
Merge pull request #50210 from tensorflow/geetachavan1-patch-1a0c8093
Update BUILDf1c8200
Merge pull request #50203 from tensorflow/mihaimaruseac-patch-17cf45b5
Update common.sh4aaac2b
Merge pull request #50185 from geetachavan1/cherrypicks_U90C165afa4b
Fix the nightly nonpip builds for MacOS.46c1821
Merge pull request #50184 from tensorflow/mihaimaruseac-patch-1cf8d667
Update common_win.batb2ef8a6
Merge pull request #50061 from tensorflow/geetachavan1-patch-2f9a1ba8
Update sparse_fill_empty_rows_op.cc- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.