| Package | libuv1 |
|---|---|
| Version | 1.24.1-1+deb10u3 (buster) |
| Related CVEs | CVE-2020-8252 |
realpath in libuv incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
For Debian 10 buster, these problems have been fixed in version 1.24.1-1+deb10u3.
We recommend that you upgrade your libuv1 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.