Information on source package protobuf

Available versions

ReleaseVersion
buster3.6.1.3-2
buster (security)3.6.1.3-2+deb10u1
bullseye3.12.4-1+deb11u1
bookworm3.21.12-3
trixie3.21.12-8
sid3.21.12-8.2

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2022-3510vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA parsing issue similar to CVE-2022-3171, but with Message-Type Extens ...
CVE-2022-3509vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA parsing issue similar to CVE-2022-3171, but with textformat in proto ...
CVE-2022-3171vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedA parsing issue with binary data in protobuf-java core and lite versio ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2015-5237vulnerablevulnerablevulnerablevulnerablevulnerableprotobuf allows remote authenticated attackers to cause a heap-based b ...

Resolved issues

BugDescription
CVE-2022-1941A parsing vulnerability for the MessageSet type in the ProtocolBuffers ...
CVE-2021-22570Nullptr dereference when a null char is present in a proto symbol. The ...
CVE-2021-22569An issue in protobuf-java allowed the interleaving of com.google.proto ...

Security announcements

DSA / DLADescription
DLA-3393-1protobuf - security update

Search for package or bug name: Reporting problems