dgit.raspbian.org Git - libuv1.git/commit

author	Dominique Dumont <dod@debian.org>
	Tue, 20 Feb 2024 17:28:54 +0000 (18:28 +0100)
committer	Dominique Dumont <dod@debian.org>
	Tue, 20 Feb 2024 17:28:54 +0000 (18:28 +0100)
commit	47a72a22f86f52ea9eb51a79fb5a9c0753ccb906
tree	72520b58e93ad94f4eae00b2957dcf56c4c3cdec	tree \| snapshot
parent	c184001dc78e53fe01a8169ae653693e7d4b122b	commit \| diff

Fix CVE-2024-24806

Bug: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
Bug-Debian: https://bugs.debian.org/1063484
Origin: https://github.com/libuv/libuv
git diff v1.48.0~5..v1.48.0~2

From upstream change log:
   Merge pull request from GHSA-f74f-cvh7-c6q6
    * fix: always zero-terminate idna output
    * fix: reject zero-length idna inputs
    * test: empty strings are not valid IDNA

See also https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6

Gbp-Pq: Name fix-cve-2024-24806

src/idna.c		diff \| blob \| history
test/test-idna.c		diff \| blob \| history