packages

History

Hirokazu MORIKAWA c0e93ddff3 libuv: fix CVE-2021-22918 idna: fix OOB read in punycode decoder libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii() function which is used to convert strings to ASCII. This is called by the DNS resolution function and can lead to information disclosures or crashes. libuv/libuv@b7466e3 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561 https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/ Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>	2021-07-12 15:13:13 +09:00
..
patches	libuv: fix CVE-2021-22918	2021-07-12 15:13:13 +09:00
Makefile	libuv: fix CVE-2021-22918	2021-07-12 15:13:13 +09:00

Hirokazu MORIKAWA c0e93ddff3 libuv: fix CVE-2021-22918

idna: fix OOB read in punycode decoder

libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii()
function which is used to convert strings to ASCII. This is called by
the DNS resolution function and can lead to information disclosures or
crashes.

libuv/libuv@b7466e3
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

2021-07-12 15:13:13 +09:00

patches

libuv: fix CVE-2021-22918

2021-07-12 15:13:13 +09:00

Makefile

libuv: fix CVE-2021-22918

2021-07-12 15:13:13 +09:00