Fixes a segfault in CompositeTensorVariantToComponents (CVE-2022-41909)
Fixes a invalid char to bool conversion in printing a tensor (CVE-2022-41911)
Fixes a heap overflow in QuantizeAndDequantizeV2 (CVE-2022-41910)
Fixes a CHECK failure in SobolSample via missing validation (CVE-2022-35935)
Fixes a CHECK fail in TensorListScatter and TensorListScatterV2 in eager mode (CVE-2022-35935)
Release 2.10.0
Breaking Changes
Causal attention in keras.layers.Attention and
keras.layers.AdditiveAttention is now specified in the call() method via
the use_causal_mask argument (rather than in the constructor), for
consistency with other layers.
Some files in tensorflow/python/training have been moved to
tensorflow/python/tracking and tensorflow/python/checkpoint. Please
update your imports accordingly, the old files will be removed in Release
2.11.
tf.keras.optimizers.experimental.Optimizer will graduate in Release 2.11,
which means tf.keras.optimizers.Optimizer will be an alias of
tf.keras.optimizers.experimental.Optimizer. The current
tf.keras.optimizers.Optimizer will continue to be supported as
tf.keras.optimizers.legacy.Optimizer,
e.g.,tf.keras.optimizers.legacy.Adam. Most users won't be affected by this
change, but please check the
API doc
... (truncated)
Commits
1b8f5c3 Merge pull request #58583 from tensorflow/vinila21-patch-1
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/VisionLearningGroup/taskcv-2017-public/network/alerts).
dependabot[bot]
commented
2 years ago
Bumps tensorflow-gpu from 1.0.0 to 2.8.4.
Release notes
Sourced from tensorflow-gpu's releases.
... (truncated)
Changelog
Sourced from tensorflow-gpu's changelog.
... (truncated)
Commits
1b8f5c3Merge pull request #58583 from tensorflow/vinila21-patch-170d400bBroken build - 2.8.4 Patch release5e563ceMerge pull request #58579 from tensorflow-jenkins/version-numbers-2.8.4-171485cc92bfUpdate version numbers to 2.8.434bdb4aUpdate RELEASE.md43c90c6Merge pull request #58483 from tensorflow-jenkins/relnotes-2.8.4-173818392eccUpdate RELEASE.mdda4cc79Update RELEASE.md1470c37Merge pull request #58575 from pak-laura/cherry2.89f03a9d3bafe902c1e6beb105b2...323c668Update py_func.ccDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/VisionLearningGroup/taskcv-2017-public/network/alerts).