Package: libv8-3.14-dev
Severity: normal


It's not so clear that the recent workaround for REPLACE_INVALID_UTF8 is
such a good idea. In general, this sort of thing has the potential to lead
to security problems.

nodejs themselves manually patched their bundeled version of v8 specifically 
for this bug, see:

which points to:

We should probably import this, instead of the current "fix".


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.0.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libv8-3.14-dev depends on:
ii  libv8-3.14.5

libv8-3.14-dev recommends no packages.

libv8-3.14-dev suggests no packages.

-- no debconf information

Pkg-javascript-devel mailing list

Reply via email to