CVE-2022-48468: protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Fix, in 1.4.1: https://github.com/protobuf-c/protobuf-c/commit/ec3d900001a13ccdaa8aef996b34c61159c76217
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18f7c3dc5579906aceb8ba0426c9d913519709e9 commit 18f7c3dc5579906aceb8ba0426c9d913519709e9 Author: Hans de Graaff <graaff@gentoo.org> AuthorDate: 2023-10-02 16:52:43 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-10-02 16:53:27 +0000 dev-libs/protobuf-c: drop 1.4.0-r1 Bug: https://bugs.gentoo.org/904423 Signed-off-by: Hans de Graaff <graaff@gentoo.org> dev-libs/protobuf-c/Manifest | 1 - dev-libs/protobuf-c/protobuf-c-1.4.0-r1.ebuild | 53 -------------------------- 2 files changed, 54 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=a0da025e092e7afa71e7f4671f3b1868819a61da commit a0da025e092e7afa71e7f4671f3b1868819a61da Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-08-12 09:21:36 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-08-12 09:21:52 +0000 [ GLSA 202408-33 ] protobuf-c: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/856043 Bug: https://bugs.gentoo.org/904423 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202408-33.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+)
