CVE-2015-5237

Priority
Description
protobuf allows remote authenticated attackers to cause a heap-based buffer
overflow.
Notes
 sarnold> No fix as of 2015-08-27, since the message parsing limit defaults
  to 64 megabytes a software author would have to change the limit in order
  to handle larger messages anyway, and is thus unlikely to generate these
  messages in the short-term. (There is no actual limit on generation, so
  this might be an issue today -- it is just not a priority for the
  maintainer.)
Package
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was deferred [2015-08-27])
Ubuntu 14.04 LTS (Trusty Tahr):deferred (2015-08-27)
Ubuntu 16.04 LTS (Xenial Xerus):deferred (2015-08-27)
Ubuntu 18.04 LTS (Bionic Beaver):deferred (2015-08-27)
Ubuntu 18.10 (Cosmic Cuttlefish):deferred (2015-08-27)
Ubuntu 19.04 (Disco Dingo):deferred (2015-08-27)
More Information

Updated: 2019-01-14 21:17:24 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)