Mangelnde Rechteprüfung in nodejs
ID: | FEDORA-2015-2313 |
Distribution: | Fedora |
Plattformen: | Fedora 21 |
Datum: | Sa, 28. Februar 2015, 16:44 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0278 |
Applikationen: | node.js |
Originalnachricht |
|
Name : nodejs Product : Fedora 21 Version : 0.10.36 Release : 3.fc21 URL : http://nodejs.org/ Summary : JavaScript runtime Description : Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. -------------------------------------------------------------------------------- Update Information: # nodejs * tls: re-add 1024-bit SSL certs removed by f9456a2 (Chris Dickinson) * timers: don't close interval timers when unrefd (Julien Gilli) * timers: don't mutate unref list while iterating it (Julien Gilli) * child_process: check execFile args is an array (Sam Roberts) * child_process: check fork args is an array (Sam Roberts) * crypto: update root certificates (Ben Noordhuis) * domains: fix issues with abort on uncaught (Julien Gilli) * timers: Avoid linear scan in _unrefActive. (Julien Gilli) * timers: fix unref() memory leak (Trevor Norris) * debugger: fix when using "use strict" (Julien Gilli) # libuv * linux: fix epoll_pwait() regression with < 2.6.19 (Ben Noordhuis) * linux: fix epoll_pwait() sigmask size calculation (Ben Noordhuis) * linux: fix sigmask size arg in epoll_pwait() call (Ben Noordhuis) * linux: handle O_NONBLOCK != SOCK_NONBLOCK case (Helge Deller) * doc: update project links (Ben Noordhuis) * unix: add flag for blocking SIGPROF during poll (Ben Noordhuis) * unix, windows: add uv_loop_configure() function (Ben Noordhuis) # v8 * Fix debugger and strict mode regression (Julien Gilli) * don't busy loop in cpu profiler thread (Ben Noordhuis) * add api for aborting on uncaught exception (Julien Gilli) -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 24 2015 T.C. Hollingsworth |