|
| 1 | +# Release 1.15.5 |
| 2 | + |
| 3 | +Note that this is the last patch release for the TensorFlow 1.x series. |
| 4 | + |
| 5 | +## Bug Fixes and Other Changes |
| 6 | +* Fixes an access to unitialized memory in Eigen code |
| 7 | + ([CVE-2020-26266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26266)) |
| 8 | +* Fixes a security vulnerability caused by lack of validation in |
| 9 | + `tf.raw_ops.DataFormatVecPermute` and `tf.raw_ops.DataFormatDimMap` |
| 10 | + ([CVE-2020-26267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26267)) |
| 11 | +* Fixes a vulnerability caused by attempting to write to immutable memory region in |
| 12 | + `tf.raw_ops.ImmutableConst` |
| 13 | + ([CVE-2020-26268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26268) |
| 14 | +* Fixes a `CHECK`-fail in LSTM with zero-length input |
| 15 | + ([CVE-2020-26270](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26270)) |
| 16 | +* Fixes a security vulnerability caused by accessing heap data outside of bounds |
| 17 | + when loading a specially crafted `SavedModel` |
| 18 | + ([CVE-2020-26271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26271)) |
| 19 | +* Updates `libjpeg-turbo` to `2.0.5` to handle |
| 20 | + [CVE-2020-13790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790). |
| 21 | +* Updates `junit` to `4.13.1` to handle |
| 22 | + [CVE-2020-15250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250). |
| 23 | +* Updates `PCRE` to `8.44` to handle |
| 24 | + [CVE-2019-20838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838) |
| 25 | + and |
| 26 | + [CVE-2020-14155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155). |
| 27 | +* Updates `sqlite3` to `3.44.0` to keep in sync with master branch. |
| 28 | + |
1 | 29 | # Release 1.15.4 |
2 | 30 |
|
3 | 31 | ## Bug Fixes and Other Changes |
|
0 commit comments