drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in nodejs
| Name: |
Mehrere Probleme in nodejs |
|
| ID: |
FEDORA-2014-11132 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 21 |
|
| Datum: |
So, 28. September 2014, 00:25 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6668 |
|
| Applikationen: |
node.js |
|
Originalnachricht |
Name : nodejs
Product : Fedora 21
Version : 0.10.32
Release : 1.fc21
URL : http://nodejs.org/
Summary : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime
for easily building fast, scalable network applications.
Node.js uses an event-driven, non-blocking I/O model that
makes it lightweight and efficient, perfect for data-intensive
real-time applications that run across distributed devices.
-------------------------------------------------------------------------------
-
Update Information:
This update provides the latest stable version of Node.js and corresponding
backports to the v8 package.
This update resolves CVE-2013-6668, which has only a minor impact since Node.js
is not typically used to execute untrusted JavaScript. For more information on the fixed vulnerability, please see the CVE bugs listed below.
Changes in this update include:
* v8: fix a crash introduced by previous release (Fedor Indutny)
* crypto: use domains for any callback-taking method (Chris Dickinson)
* http: do not send `0rnrn` in TE HEAD responses (Fedor Indutny)
* querystring: fix unescape override (Tristan Berger)
* url: Add support for RFC 3490 separators (Mathias Bynens)
* v8: backport CVE-2013-6668
* cluster: disconnect should not be synchronous (Sam Roberts)
* fs: fix fs.readFileSync fd leak when get RangeError (Jackson Tian)
* stream: fix Readable.wrap objectMode falsy values (James Halliday)
* timers: fix timers with non-integer delay hanging. (Julien Gilli)
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1074737 - CVE-2013-6668 v8: multiple vulnerabilities fixed in
Google Chrome version 33.0.1750.146
https://bugzilla.redhat.com/show_bug.cgi?id=1074737
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update nodejs' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
