CVE-2015-5237

Priority
Description
protobuf allows remote authenticated attackers to cause a heap-based buffer
overflow.
Notes
 sarnold> No fix as of 2015-08-27, since the message parsing limit defaults
  to 64 megabytes a software author would have to change the limit in order
  to handle larger messages anyway, and is thus unlikely to generate these
  messages in the short-term. (There is no actual limit on generation, so
  this might be an issue today -- it is just not a priority for the
  maintainer.)
Package
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was deferred [2015-08-27])
Ubuntu 14.04 ESM (Trusty Tahr):deferred ([2015-08-27])
Ubuntu 16.04 LTS (Xenial Xerus):deferred (2015-08-27)
Ubuntu 18.04 LTS (Bionic Beaver):deferred (2015-08-27)
Ubuntu 18.10 (Cosmic Cuttlefish):deferred (2015-08-27)
Ubuntu 19.04 (Disco Dingo):deferred (2015-08-27)
Ubuntu 19.10 (Eoan):deferred (2015-08-27)
More Information

Updated: 2019-05-15 17:14:46 UTC (commit 2d71aefac924bf16479c12958688c37878e881eb)