UbuntuUpdates.org

Package "libuv1"

Name: libuv1

Description:

asynchronous event notification library - runtime library

Latest version: 1.34.2-1ubuntu1.1
Release: focal (20.04)
Level: security
Repository: main
Homepage: https://github.com/libuv/libuv

Links


Download "libuv1"


Other versions of "libuv1" in Focal

Repository Area Version
base main 1.34.2-1ubuntu1
updates main 1.34.2-1ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.34.2-1ubuntu1.1 2020-09-28 16:06:22 UTC

  libuv1 (1.34.2-1ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2020-8252.patch: fix buffer overruns when
      processing very long paths in uv_fs_readlink() in src/unix/internal.h.
    - CVE-2020-8252

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 25 Sep 2020 10:37:02 -0300

CVE-2020-8252 The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can resul



About   -   Send Feedback to @ubuntu_updates