[
https://issues.apache.org/jira/browse/YUNIKORN-2469?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wilfred Spiegelenburg updated YUNIKORN-2469:
--------------------------------------------
Description:
Fix for CVE-2024-24786.
Version v1.33.0 of the
[google.golang.org/protobuf|http://google.golang.org/protobuf] module fixes a
bug in the
[google.golang.org/protobuf/encoding/protojson|https://pkg.go.dev/google.golang.org/protobuf/encoding/protojson]
package which could cause the Unmarshal function to enter an infinite loop
when handling some invalid inputs.
> Upgrade google.golang.org/protobuf to v1.33.0
> ---------------------------------------------
>
> Key: YUNIKORN-2469
> URL: https://issues.apache.org/jira/browse/YUNIKORN-2469
> Project: Apache YuniKorn
> Issue Type: Task
> Components: core - common, release, shim - kubernetes
> Reporter: Craig Condit
> Assignee: Craig Condit
> Priority: Critical
> Labels: pull-request-available
> Fix For: 1.5.0
>
>
> Fix for CVE-2024-24786.
> Version v1.33.0 of the
> [google.golang.org/protobuf|http://google.golang.org/protobuf] module fixes a
> bug in the
> [google.golang.org/protobuf/encoding/protojson|https://pkg.go.dev/google.golang.org/protobuf/encoding/protojson]
> package which could cause the Unmarshal function to enter an infinite loop
> when handling some invalid inputs.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
