Message ID | 20240222131628.3479059-1-buildroot@bubu1.eu |
---|---|
State | Accepted |
Headers | show |
Series | package/libuv: security bump to version 1.48 | expand |
>>>>> "Marcus" == Marcus Hoffmann via buildroot <buildroot@buildroot.org> writes: > Fixes: CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 [1] > Release Notes: https://github.com/libuv/libuv/releases/tag/v1.48.0 > Full Changelog: https://github.com/libuv/libuv/blob/v1.48.0/ChangeLog > [1]: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 > Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu> Committed, thanks.
>>>>> "Marcus" == Marcus Hoffmann via buildroot <buildroot@buildroot.org> writes: > Fixes: CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 [1] > Release Notes: https://github.com/libuv/libuv/releases/tag/v1.48.0 > Full Changelog: https://github.com/libuv/libuv/blob/v1.48.0/ChangeLog > [1]: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 > Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu> Committed to 2023.02.x and 2023.11.x, thanks.
diff --git a/package/libuv/libuv.hash b/package/libuv/libuv.hash index 1fd286d9e9..2ca8f64a80 100644 --- a/package/libuv/libuv.hash +++ b/package/libuv/libuv.hash @@ -1,4 +1,4 @@ # Locally calculated -sha256 94f101111ef3209340d7f09c2aa150ddb4feabd2f9d87d47d9f5bded835b8094 libuv-v1.46.0-dist.tar.gz +sha256 c593139feb9061699fdd2f7fde47bb6c1ca77761ae9ec04f052083f1ef46c13b libuv-v1.48.0-dist.tar.gz sha256 16de0c32b265cb7d46a6d3bd614f259dd4d693a5e26b3407b04aae8d73041f0c LICENSE sha256 262c44bd2cdba037e6d2a82fba15f5800d292bc993a6f5d6b6ea487744d02836 LICENSE-extra diff --git a/package/libuv/libuv.mk b/package/libuv/libuv.mk index 76316484e4..5f96e98a98 100644 --- a/package/libuv/libuv.mk +++ b/package/libuv/libuv.mk @@ -6,7 +6,7 @@ # When bumping libuv, check if a new version of uvw is available # and bump it too. -LIBUV_VERSION = 1.46.0 +LIBUV_VERSION = 1.48.0 LIBUV_SOURCE = libuv-v$(LIBUV_VERSION)-dist.tar.gz LIBUV_SITE = https://dist.libuv.org/dist/v$(LIBUV_VERSION) LIBUV_DEPENDENCIES = host-pkgconf
Fixes: CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 [1] Release Notes: https://github.com/libuv/libuv/releases/tag/v1.48.0 Full Changelog: https://github.com/libuv/libuv/blob/v1.48.0/ChangeLog [1]: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu> --- package/libuv/libuv.hash | 2 +- package/libuv/libuv.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)