mirror of
https://github.com/openwrt/packages.git
synced 2025-12-24 08:28:20 +04:00
790a49c09f
idna: fix OOB read in punycode decoder
libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii()
function which is used to convert strings to ASCII. This is called by
the DNS resolution function and can lead to information disclosures or
crashes.
b7466e31e4
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>