-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-20578 2012-12-18 21:17:35 --------------------------------------------------------------------------------
Name : v8 Product : Fedora 18 Version : 3.14.5.8 Release : 1.fc18 URL : http://code.google.com/p/v8 Summary : JavaScript Engine Description : V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. -------------------------------------------------------------------------------- Update Information: Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 22 2013 T.C. Hollingsworth <[email protected]> - 1:3.14.5.8-1 - new upstream release 3.14.5.8 - backport security fix for remote DoS via crafted javascript (RHBZ#924495; CVE-2013-2632) * Mon Mar 11 2013 Stephen Gallagher <[email protected]> - 1:3.14.5.7-3 - Update to v8 3.14.5.7 for Node.js 0.10.0 * Sat Jan 26 2013 T.C. Hollingsworth <[email protected]> - 1:3.13.7.5-2 - rebuild for icu-50 - ignore new GCC 4.8 warning * Tue Dec 4 2012 Tom Callaway <[email protected]> - 1:3.13.7.5-1 - update to 3.13.7.5 (needed for chromium 23) - Resolves multiple security issues (CVE-2012-5120, CVE-2012-5128) - d8 is now using a static libv8, resolves bz 881973) -------------------------------------------------------------------------------- References: [ 1 ] Bug #896266 - CVE-2012-5153 v8: DoS due to crafted JavaScript code that causes out-of-bounds access to stack memory https://bugzilla.redhat.com/show_bug.cgi?id=896266 [ 2 ] Bug #896272 - CVE-2013-0836 v8: DoS due to improperly implemented garbage collection https://bugzilla.redhat.com/show_bug.cgi?id=896272 [ 3 ] Bug #924495 - CVE-2013-2632 v8: remote DoS via crafted javascript https://bugzilla.redhat.com/show_bug.cgi?id=924495 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update v8' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
