openwrt-packages

History

Hirokazu MORIKAWA 02a982bc10 libuv: fix CVE-2024-24806 Update to 1.48.0 CVE-2024-24806 : Improper Domain Lookup that potentially leads to SSRF attacks Vulnerabilities fixed * CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 0f2d7e7, 3530bcc and e0327e1 Notable Changes * linux: disable io_uring on ppc64 and ppc64le #4285 * linux: disable io_uring on hppa below kernel 6.1.51 #4224 * win/spawn: optionally run executable paths with no file extension #4292 (We recommend that most users consider setting this by default) Important Bugs Fixed * unix,win: fix busy loop with zero timeout timers #4250, #4304. Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>	2024-02-20 13:46:50 +08:00
..
Makefile	libuv: fix CVE-2024-24806	2024-02-20 13:46:50 +08:00

Hirokazu MORIKAWA 02a982bc10 libuv: fix CVE-2024-24806

Update to 1.48.0
CVE-2024-24806 : Improper Domain Lookup that potentially leads to SSRF attacks

Vulnerabilities fixed
* CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 0f2d7e7, 3530bcc and e0327e1
Notable Changes
* linux: disable io_uring on ppc64 and ppc64le #4285
* linux: disable io_uring on hppa below kernel 6.1.51 #4224
* win/spawn: optionally run executable paths with no file extension #4292 (We recommend that most users consider setting this by default)
Important Bugs Fixed
* unix,win: fix busy loop with zero timeout timers #4250, #4304.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

2024-02-20 13:46:50 +08:00

Makefile

libuv: fix CVE-2024-24806

2024-02-20 13:46:50 +08:00