Release date:
2025-11-05 17:31:54 UTC
Description:
- CVE-2024-24806: fix issue where uv_getaddrinfo function truncates hostnames,
potentially allowing crafted payloads to resolve to unintended IP addresses,
by handling hostname_ascii variable properly in uv_getaddrinfo and
uv__idna_toascii functions
Updated packages:
-
libuv-1.42.0-1.el9.tuxcare.els1.i686.rpm
sha:5ac85580fc301137465a2c3a6fc0e6b32d7feb7eb868c32888164dd92b046389
-
libuv-1.42.0-1.el9.tuxcare.els1.x86_64.rpm
sha:aa1838880751c7577d423146e320131a903a9cee208a0eafc1b312e99e03c7f5
-
libuv-devel-1.42.0-1.el9.tuxcare.els1.i686.rpm
sha:3335b16c11a74af4e7f2076f06dda3c0acc3f88bae68aa30091b170ac21a37fe
-
libuv-devel-1.42.0-1.el9.tuxcare.els1.x86_64.rpm
sha:e9d54e9434468ed507fdb8f91245d16f66dc428bed154cfa3c25e9588e2370a1
-
libuv-static-1.42.0-1.el9.tuxcare.els1.x86_64.rpm
sha:c226e71ed0475c86cf37f1a9af67e7c605fdff3644d8a2c53a41d71d9d311e03
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
