From 18d08c1fce634e11429e6e6899c255a0376a4498 Mon Sep 17 00:00:00 2001 From: TensorFlow Release Automation Date: Wed, 15 Jan 2020 13:53:06 -0800 Subject: [PATCH 1/3] Insert release notes place-fill --- RELEASE.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/RELEASE.md b/RELEASE.md index 24b99c2f354..02845773f8d 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,3 +1,7 @@ +# Release 1.15.1 + + + # Release 1.15.0 This is the last 1.x release for TensorFlow. We do not expect to update the 1.x branch with features, although we will issue patch releases to fix vulnerabilities for at least one year. From 7638645bf45ec927069c0a50d82f2fa61788dcdb Mon Sep 17 00:00:00 2001 From: Mihai Maruseac Date: Sat, 18 Jan 2020 14:52:39 -0800 Subject: [PATCH 2/3] Update RELEASE.md --- RELEASE.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/RELEASE.md b/RELEASE.md index 02845773f8d..64586b12a3c 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,6 +1,9 @@ # Release 1.15.1 - +## Bug Fixes and Other Changes +* Fixes a security vulnerability where converting a Python string to a `tf.float16` value produces a segmentation fault +* Updates `curl` to `7.66.0` to handle [CVE-2019-5482](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482) and [CVE-2019-5481](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481) +* Updates `sqlite3` to `3.30.01` to handle [CVE-2019-19646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19646), [CVE-2019-19645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645) and [CVE-2019-16168](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168) # Release 1.15.0 This is the last 1.x release for TensorFlow. We do not expect to update the 1.x branch with features, although we will issue patch releases to fix vulnerabilities for at least one year. From a6051e8094c5e7d26ec9573a740246c92e4057a2 Mon Sep 17 00:00:00 2001 From: Mihai Maruseac Date: Tue, 21 Jan 2020 17:12:56 -0800 Subject: [PATCH 3/3] Add CVE number for main patch --- RELEASE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/RELEASE.md b/RELEASE.md index 64586b12a3c..3640311b7b1 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,7 +1,7 @@ # Release 1.15.1 ## Bug Fixes and Other Changes -* Fixes a security vulnerability where converting a Python string to a `tf.float16` value produces a segmentation fault +* Fixes a security vulnerability where converting a Python string to a `tf.float16` value produces a segmentation fault ([CVE-2020-5215](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5215)) * Updates `curl` to `7.66.0` to handle [CVE-2019-5482](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482) and [CVE-2019-5481](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481) * Updates `sqlite3` to `3.30.01` to handle [CVE-2019-19646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19646), [CVE-2019-19645](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645) and [CVE-2019-16168](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168)