SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3922

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3922

Security update for protobuf

Type: security

Severity: important

Issued: 2022-11-09

Description:

This update for protobuf fixes the following issues:

- CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing procedure for binary data (bsc#1194530).
- CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and protobuf-python (bsc#1203681)
- CVE-2022-3171: Fix a potential DoS issue when parsing with binary data in protobuf-java (bsc#1204256)

References

Packages

protobuf-3.9.2-150200.4.19.2