Update module google.golang.org/protobuf to v1.33.0
requested to merge gitlab-renovate-forks/gitlab-shell:renovate/google.golang.org-protobuf-1.x into main
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
google.golang.org/protobuf | require | minor |
v1.32.0 -> v1.33.0
|
MR created with the help of gitlab-org/frontend/renovate-gitlab-bot
Release Notes
protocolbuffers/protobuf-go
v1.33.0
This release contains one security fix:
-
encoding/protojson
:Unmarshal
could enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains agoogle.protobuf.Any
value, or when theUnmarshalOptions.DiscardUnknown
option is set.Unmarshal
now correctly returns an error when handling these inputs. This is CVE-2024-24786.
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.