UbuntuUpdates.org

Package "protobuf"

Name: protobuf

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Java bindings for protocol buffers
  • compiler for protocol buffer definition files
  • Python bindings for protocol buffers

Latest version: 3.0.0-9.1ubuntu1.1
Release: bionic (18.04)
Level: updates
Repository: universe

Links



Other versions of "protobuf" in Bionic

Repository Area Version
base universe 3.0.0-9.1ubuntu1
base main 3.0.0-9.1ubuntu1
security main 3.0.0-9.1ubuntu1.1
security universe 3.0.0-9.1ubuntu1.1
updates main 3.0.0-9.1ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.0.0-9.1ubuntu1.1 2023-03-14 05:06:55 UTC

  protobuf (3.0.0-9.1ubuntu1.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Null pointer dereference issue
    - debian/patches/CVE-2021-22570.patch: fix null pointer dereference
    - CVE-2021-22570
  * SECURITY UPDATE: Dos vulnerability in cpp and python parser
    - debian/patches/CVE-2022-1941.patch: fix parsing vulnerability for the
      MessageSet type
    - CVE-2022-1941

 -- Nishit Majithia <email address hidden> Thu, 09 Mar 2023 14:14:21 +0530

CVE-2021-22570 Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file
CVE-2022-1941 A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.2



About   -   Send Feedback to @ubuntu_updates