1.0 and CVEs
43 views
Skip to first unread message
Olivier
Nov 7, 2024, 10:12:01 AM11/7/24
to ScalaPB
Hello
I see that 1.0.0 alpha fixes a lot of CVEs.
I have two questions:
- do you have an idea on when you will be able to release the non-alpha version ?
- do you plan to backport some CVEs fixes to 0.11 ? I'm thinking mainly about CVE-2024-7254 (which could be fixed while remaining on protobuf 3)t
Thank you !
Marcin Micek
Feb 14, 2025, 4:35:44 AMFeb 14
to ScalaPB
Hello,
v1.0.0-alpha.1 through bumping protobuf-java to 4.28.2 solves one of the vulnerabilities in our repository. However, we are waiting for the stable version.
Is there any plan on when the full release 1.0.0 could be available?
Thank you so much!
v1.0.0-alpha.1 through bumping protobuf-java to 4.28.2 solves one of the vulnerabilities in our repository. However, we are waiting for the stable version.
Is there any plan on when the full release 1.0.0 could be available?
Thank you so much!
yazgoo
Mar 6, 2025, 6:11:57 AMMar 6
to Marcin Micek, ScalaPB
Hi Marcin,
It looks like the mailing list is not used anymore.--
You received this message because you are subscribed to a topic in the Google Groups "ScalaPB" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/scalapb/Bl0PDKBu2QM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to scalapb+u...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/scalapb/360dde50-a68c-4ba0-b36e-40dfe4971d00n%40googlegroups.com.
Marcin Micek
Mar 6, 2025, 6:27:13 AMMar 6
to yazgoo, ScalaPB
Hi there!
Yes, it seems so. According to the contact page, we can also try on ScalaPB Gitter channel or on Stack Overflow, tagging it
with "scalapb".
yazgoo
Mar 6, 2025, 7:34:37 AMMar 6
to Marcin Micek, ScalaPB
I tried gitter a while ago with no success.
I also just created a ticket on github https://github.com/scalapb/ScalaPB/issues/1832
Reply all
Reply to author
Forward
0 new messages