diff mbox series

package/libuv: security bump to version 1.48

Message ID 20240222131628.3479059-1-buildroot@bubu1.eu
State Accepted
Headers show
Series package/libuv: security bump to version 1.48 | expand

Commit Message

Marcus Hoffmann Feb. 22, 2024, 1:16 p.m. UTC 
Fixes: CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 [1]

Release Notes: https://github.com/libuv/libuv/releases/tag/v1.48.0
Full Changelog: https://github.com/libuv/libuv/blob/v1.48.0/ChangeLog

[1]: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6

Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
---
 package/libuv/libuv.hash | 2 +-
 package/libuv/libuv.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Peter Korsgaard Feb. 24, 2024, 10:13 a.m. UTC | #1 
>>>>> "Marcus" == Marcus Hoffmann via buildroot <buildroot@buildroot.org> writes:

 > Fixes: CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 [1]
 > Release Notes: https://github.com/libuv/libuv/releases/tag/v1.48.0
 > Full Changelog: https://github.com/libuv/libuv/blob/v1.48.0/ChangeLog

 > [1]: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6

 > Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>

Committed, thanks.
Peter Korsgaard March 17, 2024, 12:57 p.m. UTC | #2 
>>>>> "Marcus" == Marcus Hoffmann via buildroot <buildroot@buildroot.org> writes:

 > Fixes: CVE-2024-24806 / GHSA-f74f-cvh7-c6q6 [1]
 > Release Notes: https://github.com/libuv/libuv/releases/tag/v1.48.0
 > Full Changelog: https://github.com/libuv/libuv/blob/v1.48.0/ChangeLog

 > [1]: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6

 > Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>

Committed to 2023.02.x and 2023.11.x, thanks.
diff mbox series

Patch

diff --git a/package/libuv/libuv.hash b/package/libuv/libuv.hash
index 1fd286d9e9..2ca8f64a80 100644
--- a/package/libuv/libuv.hash
+++ b/package/libuv/libuv.hash
@@ -1,4 +1,4 @@ 
 # Locally calculated
-sha256  94f101111ef3209340d7f09c2aa150ddb4feabd2f9d87d47d9f5bded835b8094  libuv-v1.46.0-dist.tar.gz
+sha256  c593139feb9061699fdd2f7fde47bb6c1ca77761ae9ec04f052083f1ef46c13b  libuv-v1.48.0-dist.tar.gz
 sha256  16de0c32b265cb7d46a6d3bd614f259dd4d693a5e26b3407b04aae8d73041f0c  LICENSE
 sha256  262c44bd2cdba037e6d2a82fba15f5800d292bc993a6f5d6b6ea487744d02836  LICENSE-extra
diff --git a/package/libuv/libuv.mk b/package/libuv/libuv.mk
index 76316484e4..5f96e98a98 100644
--- a/package/libuv/libuv.mk
+++ b/package/libuv/libuv.mk
@@ -6,7 +6,7 @@ 
 
 # When bumping libuv, check if a new version of uvw is available
 # and bump it too.
-LIBUV_VERSION = 1.46.0
+LIBUV_VERSION = 1.48.0
 LIBUV_SOURCE = libuv-v$(LIBUV_VERSION)-dist.tar.gz
 LIBUV_SITE = https://dist.libuv.org/dist/v$(LIBUV_VERSION)
 LIBUV_DEPENDENCIES = host-pkgconf