Skip to content

TensorFlow 2.0.4
Compare
Choose a tag to compare
@tensorflow-jenkins tensorflow-jenkins released this 06 Jan 17:47
v2.0.4
cdf2c54
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release 2.0.4

Note that this is the last patch release for the TensorFlow 2.0.x series.

Bug Fixes and Other Changes

  • Fixes an access to unitialized memory in Eigen code (CVE-2020-26266)
  • Fixes a security vulnerability caused by lack of validation in tf.raw_ops.DataFormatVecPermute and tf.raw_ops.DataFormatDimMap (CVE-2020-26267)
  • Fixes a vulnerability caused by attempting to write to immutable memory region in tf.raw_ops.ImmutableConst (CVE-2020-26268
  • Fixes a CHECK-fail in LSTM with zero-length input (CVE-2020-26270)
  • Fixes a security vulnerability caused by accessing heap data outside of bounds when loading a specially crafted SavedModel (CVE-2020-26271)
  • Updates libjpeg-turbo to 2.0.5 to handle CVE-2020-13790.
  • Updates junit to 4.13.1 to handle CVE-2020-15250.
  • Updates PCRE to 8.44 to handle CVE-2019-20838 and CVE-2020-14155.
  • Updates sqlite3 to 3.44.0 to keep in sync with master branch.
Assets 2