USN-5490-1: Protocol Buffers vulnerability
21 June 2022
Protocol Buffers could be made to crash if it received specially crafted input.
Releases
Packages
- protobuf - protocol buffers C++ library (development files)
Details
It was discovered that Protocol Buffers did not properly parse certain symbols.
An attacker could possibly use this issue to cause a denial of service or other
unspecified impact.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
libprotoc9v5
-
2.6.1-1.3ubuntu0.1~esm1
Available with Ubuntu Pro
-
libprotobuf-lite9v5
-
2.6.1-1.3ubuntu0.1~esm1
Available with Ubuntu Pro
-
libprotobuf9v5
-
2.6.1-1.3ubuntu0.1~esm1
Available with Ubuntu Pro
-
protobuf-compiler
-
2.6.1-1.3ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.