Remediate CVE-2020-26243 by updating to nanopb 0.3.9.7 or higher

### [REQUIRED] Step 1: Describe your environment

  * Xcode version: 12.0
  * Firebase SDK version: 7.2.0
  * Installation method: CocoaPods
  * Firebase Component: nanopb

### [REQUIRED] Step 2: Describe the problem
[CVE-2020-26243](https://bugzilla.redhat.com/show_bug.cgi?id=1902065) "nanopb: oneof fields with PB_ENABLE_MALLOC can leak memory" was reported on Nov. 11 and [fixed on Nov. 26](https://github.com/nanopb/nanopb/issues/615) upstream in 0.3.9.7.

#### Steps to reproduce: 
- Install Firebase 7.2.0
- Observe that Google's mirror of nanopb uses 2.30906.0 (which equates to nanopb 0.3.9.6)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Remediate CVE-2020-26243 by updating to nanopb 0.3.9.7 or higher #7090

[REQUIRED] Step 1: Describe your environment

[REQUIRED] Step 2: Describe the problem

Steps to reproduce:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Remediate CVE-2020-26243 by updating to nanopb 0.3.9.7 or higher #7090

Description

[REQUIRED] Step 1: Describe your environment

[REQUIRED] Step 2: Describe the problem

Steps to reproduce:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions