Bug 14412

Summary:	[CVE 21] libuv 1.44 CVE found
Product:	[ROSA-based products] ROSA Fresh	Reporter:	Arsenii <a.konovalov>
Component:	Contributed Packages	Assignee:	ROSA Linux Bugs <bugs>
Status:	VERIFIED FIXED	QA Contact:	ROSA Linux Bugs <bugs>
Severity:	major
Priority:	Normal	CC:	a.proklov, pastordidi, v.potapov
Version:	All	Flags:	v.potapov: qa_verified+ a.konovalov: secteam_verified? a.proklov: published+
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:
Platform:	2021.1	ROSA Vulnerability identifier:
RPM Package:		ISO-related:
Bad POT generating:		Upstream:

Description Arsenii 2024-04-11 12:46:55 MSK

https://nvd.nist.gov/vuln/detail/CVE-2024-24806 HIGH

Comment 1 Aleksandr Proklov 2024-04-12 02:57:05 MSK

закрыто патчем

libuv	1.44.2-2

https://abf.io/build_lists/5019607 х64
https://abf.io/build_lists/5019608
https://abf.io/build_lists/5019609
https://abf.io/build_lists/5019610
https://abf.io/build_lists/5019611

Comment 2 Dmitry Postnikov 2024-04-15 20:39:13 MSK

*******************************
Обновление опубликовано в Тестинг

Comment 3 Vladimir Potapov 2024-04-24 16:08:34 MSK

libuv-1.44.2-2
https://abf.io/build_lists/5019607 х64
https://abf.io/build_lists/5019608
https://abf.io/build_lists/5019609
https://abf.io/build_lists/5019610
https://abf.io/build_lists/5019611
**************************** Advisory *************************
CVE fix by patch
***************************************************************
QA Verified