Backport fix for CVE-2022-23593 to 2.7.x release?

Noticed that the fix for NVD - CVE-2022-23593 is only available in 2.8.0 and the last sentence attached to the CVE is little confusing:

The fix will be included in TensorFlow 2.8.0. This is the only affected version.

Does it mean 2.7.x don’t have this issue?
If yes, do we have plan to backport the fix to 2.7.x?


The problem only existed in TF 2.8.0. Hence there is no need to back port the fix in lower versions. Thank you.