SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-618

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-618

Security update for protobuf

Type: security

Severity: moderate

Issued: 2026-02-24

Description:

This update for protobuf fixes the following issues:i

- CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python json_format.ParseDict (bsc#1257173).

References

CVE: CVE-2026-0994
Bugzilla: 1257173 VUL-0: CVE-2026-0994: protobuf: `max_recursion_depth` limit can be bypassed when parsing nested `google.protobuf.Any` messages and lead to the exhaustion of the Python recursion stack

Packages

protobuf-3.9.2-150200.4.30.1