[YUNIKORN-2469] Upgrade google.golang.org/protobuf to v1.33.0 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.5.0
Component/s: core - common, release, shim - kubernetes
Labels:
- pull-request-available

Target Version:

1.5.0

Description

Fix for CVE-2024-24786.

Version v1.33.0 of the google.golang.org/protobuf module fixes a bug in the google.golang.org/protobuf/encoding/protojson package which could cause the Unmarshal function to enter an infinite loop when handling some invalid inputs.

Attachments

Issue Links

is a parent of

YUNIKORN-2489 Upgrade google.golang.org/protobuf to v1.33.0

Resolved

links to

GitHub Pull Request #175

GitHub Pull Request #798

GitHub Pull Request #819

Activity

People

Assignee:: Craig Condit

Reporter:: Craig Condit

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Mar/24 21:23

Updated:: 20/Mar/24 14:32

Resolved:: 05/Mar/24 22:58