packages

History

Hirokazu MORIKAWA 790a49c09f libuv: fix CVE-2021-22918 idna: fix OOB read in punycode decoder libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii() function which is used to convert strings to ASCII. This is called by the DNS resolution function and can lead to information disclosures or crashes. `b7466e31e4` https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561 https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/ Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>	2021-07-06 14:02:43 +09:00
..
CVE-2021-22918.patch	libuv: fix CVE-2021-22918	2021-07-06 14:02:43 +09:00

Hirokazu MORIKAWA 790a49c09f libuv: fix CVE-2021-22918

idna: fix OOB read in punycode decoder

libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii()
function which is used to convert strings to ASCII. This is called by
the DNS resolution function and can lead to information disclosures or
crashes.

b7466e31e4
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

2021-07-06 14:02:43 +09:00

CVE-2021-22918.patch libuv: fix CVE-2021-22918 2021-07-06 14:02:43 +09:00