Patch Releases for CVE-2023-4785, covering gRPC Core, C++, Python, and Ruby

312 views
Skip to first unread message

AJ Heller

unread,
Sep 19, 2023, 10:57:47 AM9/19/23
to grpc.io
Patched versions of the affected gRPC libraries have been released to address CVE-2023-4785. Please deploy patched libraries if all of the following apply to you:

 * You are using gRPC C++, Python, or Ruby.
 * You are running a gRPC Server in one of those languages.
 * You are using an unpatched version of the gRPC library.

The following set of releases contain the fix:

 * 1.57.0 and later: https://github.com/grpc/grpc/releases/tag/v1.57.0
 * 1.56.2: https://github.com/grpc/grpc/releases/tag/v1.56.2
 * 1.55.3: https://github.com/grpc/grpc/releases/tag/v1.55.3
 * 1.54.3: https://github.com/grpc/grpc/releases/tag/v1.54.3
 * 1.53.2: https://github.com/grpc/grpc/releases/tag/v1.53.2

Best regards,
-aj


--

AJ Heller
Software Engineer

ho...@google.com

Reply all
Reply to author
Forward
0 new messages