Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Fedora 31: libuv Update FEDORA-2020-3838c8ea98 Critical Buffer Overflow

fedora
Calendar Grey February 8, 2020
Dist Fedora Esm H88
Learn how to update libuv on Fedora 31 for Node.js 12.15.0. Follow key steps to verify versions, update packages, and ensure security fixes are applied.
Update to Node.js 12.15.0

Summary

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on

Windows and libev on Unix systems. We intend to eventually contain all platform

differences in this library.

Update to Node.js 12.15.0

* Thu Feb 6 2020 Stephen Gallagher - 1.34.2-1

- Update to 1.34.2

- https://github.com/libuv/libuv/blob/v1.34.2/ChangeLog

* Wed Jan 29 2020 Fedora Release Engineering - 1:1.34.1-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Mon Jan 13 2020 Stephen Gallagher - 1.34.1-1

- Update to 1.34.1

- https://github.com/libuv/libuv/blob/v1.34.1/ChangeLog

* Fri Dec 6 2019 Stephen Gallagher - 1.34.0-1

- Update to 1.34.0

- https://github.com/libuv/libuv/blob/v1.34.0/ChangeLog

* Mon Dec 2 2019 Stephen Gallagher - 1.33.1-1

- Update to 1.33.1

- Drop upstreamed patch

- https://github.com/libuv/libuv/blob/v1.33.1/ChangeLog

* Mon Oct 21 2019 Stephen Gallagher - 1.33.0-2

- Add upstream patch to fix aarch64 builds

* Fri Oct 18 2019 Stephen Gallagher - 1.33.0-1

- Update to 1.33.0

- https://github.com/libuv/libuv/blob/v1.33.0/ChangeLog

[ 1 ] Bug #1800364 - CVE-2019-15605 nodejs: HTTP request smuggling using malformed Transfer-Encoding header

https://bugzilla.redhat.com/show_bug.cgi?id=1800364

su -c 'dnf upgrade --advisory FEDORA-2020-3838c8ea98' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora software patch nodejs libuv

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 31
Version: 1.34.2
Release: 1.fc31
URL: https://libuv.org/
Summary: Platform layer for node.js

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora software patch nodejs libuv

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here