libuv: fix CVE-2024-24806

Update to 1.48.0 CVE-2024-24806 : Improper Domain Lookup that potentially leads to SSRF attacks Vulnerabilities fixed * CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 0f2d7e7, 3530bcc and e0327e1 Notable Changes * linux: disable io_uring on ppc64 and ppc64le #4285 * linux: disable io_uring on hppa below kernel 6.1.51 #4224 * win/spawn: optionally run executable paths with no file extension #4292 (We recommend that most users consider setting this by default) Important Bugs Fixed * unix,win: fix busy loop with zero timeout timers #4250, #4304. Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
2024-02-16 18:33:14 +09:00 · 2024-02-16 18:33:14 +09:00 · 02a982bc10
parent 6818154a61
commit 02a982bc10
1 changed files with 3 additions and 3 deletions
--- a/libs/libuv/Makefile
+++ b/libs/libuv/Makefile
@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libuv
-PKG_VERSION:=1.45.0
+PKG_VERSION:=1.48.0
 PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://dist.libuv.org/dist/v$(PKG_VERSION)/
-PKG_HASH:=f5b07f65a1e8166e47983a7ed1f42fae0bee08f7458142170c37332fc676a748
+PKG_SOURCE_URL:=https://dist.libuv.org/dist/v$(PKG_VERSION)/
+PKG_HASH:=7f1db8ac368d89d1baf163bac1ea5fe5120697a73910c8ae6b2fffb3551d59fb
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION)

 PKG_MAINTAINER:=Marko Ratkaj <markoratkaj@gmail.com>