Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 18 Update: v8-3.14.5.10-2.fc18
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Thursday 15th August 2013 03:02:47 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-14205
2013-08-03 22:45:53
--------------------------------------------------------------------------------

Name        : v8
Product     : Fedora 18
Version     : 3.14.5.10
Release     : 2.fc18
URL         : http://code.google.com/p/v8
Summary     : JavaScript Engine
Description :
V8 is Google's open source JavaScript engine. V8 is written in C++ and is
used
in Google Chrome, the open source browser from Google. V8 implements
ECMAScript
as specified in ECMA-262, 3rd edition.

--------------------------------------------------------------------------------
Update Information:

This update fixes an issue with Google V8, as used in Google Chrome before
28.0.1500.95, which allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors that leverage "type confusion."

Please note that this issue's impact on Node.js is somewhat lessened since
it
does not typically execute JavaScript from foreign sources.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2013 T.C. Hollingsworth  -
1:3.14.5.10-2
- backport fix for remote DoS or unspecified other impact via type
confusion
  (RHBZ#991116; CVE-2013-2882)
* Wed May 29 2013 T.C. Hollingsworth  -
1:3.14.5.10-1
- new upstream release 3.14.5.10
* Mon May  6 2013 Stanislav Ochotnicky  -
1:3.14.5.8-2
- Fix ownership of include directory (#958729)
* Fri Mar 22 2013 T.C. Hollingsworth  -
1:3.14.5.8-1
- new upstream release 3.14.5.8
- backport security fix for remote DoS via crafted javascript (RHBZ#924495;
CVE-2013-2632)
* Mon Mar 11 2013 Stephen Gallagher  - 1:3.14.5.7-3
- Update to v8 3.14.5.7 for Node.js 0.10.0
* Sat Jan 26 2013 T.C. Hollingsworth  -
1:3.13.7.5-2
- rebuild for icu-50
- ignore new GCC 4.8 warning
* Tue Dec  4 2012 Tom Callaway  - 1:3.13.7.5-1
- update to 3.13.7.5 (needed for chromium 23)
- Resolves multiple security issues (CVE-2012-5120, CVE-2012-5128)
- d8 is now using a static libv8, resolves bz 881973)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #991116 - CVE-2013-2882 v8: remote DoS or unspecified other
impact via type confusion
        https://bugzilla.redhat.com/show_bug.cgi?id=991116
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update v8' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms