Release 2.11.1
Note: TensorFlow 2.10 was the last TensorFlow release that supported GPU on native-Windows. Starting with TensorFlow 2.11, you will need to install TensorFlow in WSL2, or install tensorflow-cpu and, optionally, try the TensorFlow-DirectML-Plugin.
- Security vulnerability fixes will no longer be patched to this Tensorflow version. The latest Tensorflow version includes the security vulnerability fixes. You can update to the latest version (recommended) or patch security vulnerabilities yourself steps. You can refer to the release notes of the latest Tensorflow version for a list of newly fixed vulnerabilities. If you have any questions, please create a GitHub issue to let us know.
This release also introduces several vulnerability fixes:
- Fixes an FPE in TFLite in conv kernel CVE-2023-27579
- Fixes a double free in Fractional(Max/Avg)Pool CVE-2023-25801
- Fixes a null dereference on ParallelConcat with XLA CVE-2023-25676
- Fixes a segfault in Bincount with XLA CVE-2023-25675
- Fixes an NPE in RandomShuffle with XLA enable CVE-2023-25674
- Fixes an FPE in TensorListSplit with XLA CVE-2023-25673
- Fixes segmentation fault in tfg-translate CVE-2023-25671
- Fixes an NPE in QuantizedMatMulWithBiasAndDequantize CVE-2023-25670
- Fixes an FPE in AvgPoolGrad with XLA CVE-2023-25669
- Fixes a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation CVE-2023-25668
- Fixes a segfault when opening multiframe gif CVE-2023-25667
- Fixes an NPE in SparseSparseMaximum CVE-2023-25665
- Fixes an FPE in AudioSpectrogram CVE-2023-25666
- Fixes a heap-buffer-overflow in AvgPoolGrad CVE-2023-25664
- Fixes a NPE in TensorArrayConcatV2 CVE-2023-25663
- Fixes a Integer overflow in EditDistance CVE-2023-25662
- Fixes a Seg fault in
tf.raw_ops.PrintCVE-2023-25660 - Fixes a OOB read in DynamicStitch CVE-2023-25659
- Fixes a OOB Read in GRUBlockCellGrad CVE-2023-25658