From 9db4c5af5622e7861601e7ab93630df39ea704e9 Mon Sep 17 00:00:00 2001
From: TensorFlow Release Automation <jenkins@tensorflow.org>
Date: Mon, 13 Mar 2023 23:45:08 +0000
Subject: [PATCH 1/3] Insert release notes place-fill

---
 RELEASE.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/RELEASE.md b/RELEASE.md
index c8c00080ea3f6e..2d3a0f53e5e301 100644
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -1,5 +1,9 @@
 # Release 2.11.1
 
+<REPLACE THIS TEXT WITH THE RELEASE NOTES>
+
+# Release 2.11.1
+
 **Note**: TensorFlow 2.10 was the last TensorFlow release that supported GPU on native-Windows. Starting with TensorFlow 2.11, you will need to install TensorFlow in WSL2, or install tensorflow-cpu and, optionally, try the TensorFlow-DirectML-Plugin.
 
 This release also introduces several vulnerability fixes:

From 39e6332029d34340a327ada41926c073d32bc40d Mon Sep 17 00:00:00 2001
From: venkat2469 <104534215+venkat2469@users.noreply.github.com>
Date: Mon, 13 Mar 2023 17:11:13 -0700
Subject: [PATCH 2/3] Update RELEASE.md

---
 RELEASE.md | 30 ++++++++++++++++++++----------
 1 file changed, 20 insertions(+), 10 deletions(-)

diff --git a/RELEASE.md b/RELEASE.md
index 2d3a0f53e5e301..a97d21f37a7f52 100644
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -1,14 +1,24 @@
 # Release 2.11.1
-
-<REPLACE THIS TEXT WITH THE RELEASE NOTES>
-
-# Release 2.11.1
-
-**Note**: TensorFlow 2.10 was the last TensorFlow release that supported GPU on native-Windows. Starting with TensorFlow 2.11, you will need to install TensorFlow in WSL2, or install tensorflow-cpu and, optionally, try the TensorFlow-DirectML-Plugin.
-
-This release also introduces several vulnerability fixes:
-
-* TODO (in another PR)
+ 
+*   Fixes an FPE in TFLite in conv kernel [CVE-2023-27579] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27579)
+*   Fixes a double free in Fractional(Max/Avg)Pool [CVE-2023-25801] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25801)
+*   Fixes a null dereference on ParallelConcat with XLA [CVE-2023-25676] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25676)
+*   Fixes a segfault in Bincount with XLA [CVE-2023-25675] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25675)
+*   Fixes an NPE in RandomShuffle with XLA enable [CVE-2023-25674] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25674)
+*   Fixes an FPE in TensorListSplit with XLA [CVE-2023-25673] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25673)
+*   Fixes segmentation fault in tfg-translate [CVE-2023-25671] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25671)
+*   Fixes an NPE in QuantizedMatMulWithBiasAndDequantize [CVE-2023-25670] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25670)
+*   Fixes an FPE in AvgPoolGrad with XLA [CVE-2023-25669] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25669)
+*   Fixes a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation [CVE-2023-25668] (https://cve.mitre.org/cgi-bin/cvename.cgi?       name=CVE-2023-25668)
+*   Fixes a segfault when opening multiframe gif [CVE-2023-25667] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25667)
+*   Fixes an NPE in SparseSparseMaximum [CVE-2023-25665] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25665)
+*   Fixes an FPE in AudioSpectrogram [CVE-2023-25666] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25666)
+*   Fixes a heap-buffer-overflow in AvgPoolGrad  [CVE-2023-25664] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25664)
+*   Fixes a NPE in TensorArrayConcatV2  [CVE-2023-25663] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25663)
+*   Fixes a Integer overflow in EditDistance  [CVE-2023-25662] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25662)
+*   Fixes a Seg fault in `tf.raw_ops.Print` [CVE-2023-25660] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25660)
+*   Fixes a OOB read in DynamicStitch [CVE-2023-25659] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25659)
+*   Fixes a OOB Read in GRUBlockCellGrad [CVE-2023-25658] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25658)
 
 # Release 2.11.0
 

From 8a9d48690b6251f391521698a1b9c8e849c99ca4 Mon Sep 17 00:00:00 2001
From: learning-to-play <66660475+learning-to-play@users.noreply.github.com>
Date: Mon, 13 Mar 2023 17:21:29 -0700
Subject: [PATCH 3/3] Update RELEASE.md

---
 RELEASE.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/RELEASE.md b/RELEASE.md
index a97d21f37a7f52..8ff21eba50b13f 100644
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -1,5 +1,9 @@
 # Release 2.11.1
- 
+
+**Note**: TensorFlow 2.10 was the last TensorFlow release that supported GPU on native-Windows. Starting with TensorFlow 2.11, you will need to install TensorFlow in WSL2, or install tensorflow-cpu and, optionally, try the TensorFlow-DirectML-Plugin.
+
+This release also introduces several vulnerability fixes:
+
 *   Fixes an FPE in TFLite in conv kernel [CVE-2023-27579] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27579)
 *   Fixes a double free in Fractional(Max/Avg)Pool [CVE-2023-25801] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25801)
 *   Fixes a null dereference on ParallelConcat with XLA [CVE-2023-25676] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25676)