Backport request

[claytonparnell]

Hello, I checked repo but don't see any process available for backporting fixes to previous minor versions. There was recently a fix (#20751) for a public GHSA (GHSA-48g7-3x6r-xfhp), But the fix was only applied in a new minor version 3.9, leaving 3.(0-8) still vulnerable.
Is there any process for backporting a fix to previous minor versions? I am happy to help raise PR adding the fix to version tags, but not sure the best way to do this and to drive new patch releases for these versions.

Thanks!

[claytonparnell]

@sachinprasadhs can I get some support on this this week? Thank you!

[claytonparnell]

@sonali-kumari1 @sachinprasadhs can you help with this?

[JyotinderSingh]

Hi @claytonparnell, backporting fixes is a fairly manual process and presently the keras team does not actively maintain older minor versions of the library. Unfortunately, we don't have a backporting guide yet that we can point you to either.

Could you help us understand why your use-case requires you to stick to an older version of the library? We would ideally want people to use the latest version available.

[github-actions]

This issue is stale because it has been open for 14 days with no activity. It will be closed if no further activity occurs. Thank you.

[github-actions]

This issue was closed because it has been inactive for 28 days. Please reopen if you'd like to work on this further.

[google-ml-butler]

Are you satisfied with the resolution of your issue?
Yes
No