-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FR: Update nanopb because of security finding #5191
Comments
@karlkaminski Thanks for the report. Our nanopb migration is currently pending migrating the Firestore gRPC dependency from a nanopb-dependent version. See #4312. Once that happens, we'll move the Firebase nanopb version forward. |
@tereznikov We don't make commitments about future releases, but will work on the nanopb update in the next month or two." |
Now that #4312 has landed, I'm going to pick up the nanopb update project again and try to get it into the next release. |
Feature proposal
In our project we use whitesources to find security issues in the code.
We got an security finding in the nanopb library in the newest firebase 6.21.0
https://nvd.nist.gov/vuln/detail/CVE-2020-5235
Could you please update to a nanopb version that fixed this security issue?
Thank you
The text was updated successfully, but these errors were encountered: