-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remediate CVE-2020-26243 by updating to nanopb 0.3.9.7 or higher #7090
Comments
I found a few problems with this issue:
|
@jszumski Thanks for the report. I'll work on it later this month. |
Merged
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
[REQUIRED] Step 1: Describe your environment
[REQUIRED] Step 2: Describe the problem
CVE-2020-26243 "nanopb: oneof fields with PB_ENABLE_MALLOC can leak memory" was reported on Nov. 11 and fixed on Nov. 26 upstream in 0.3.9.7.
Steps to reproduce:
The text was updated successfully, but these errors were encountered: