-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2015-0862 2015-02-19 23:16:17 --------------------------------------------------------------------------------

Name : libuv Product : Fedora EPEL 7 Version : 0.10.34 Release : 1.el7 URL : http://libuv.org/ Summary : Platform layer for node.js Description : libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all platform differences in this library.

-------------------------------------------------------------------------------- Update Information:

# nodejs

* tls: re-add 1024-bit SSL certs removed by f9456a2 (Chris Dickinson)

* timers: don't close interval timers when unrefd (Julien Gilli)

* timers: don't mutate unref list while iterating it (Julien Gilli)

* child_process: check execFile args is an array (Sam Roberts)

* child_process: check fork args is an array (Sam Roberts)

* crypto: update root certificates (Ben Noordhuis)

* domains: fix issues with abort on uncaught (Julien Gilli)

* timers: Avoid linear scan in _unrefActive. (Julien Gilli)

* timers: fix unref() memory leak (Trevor Norris)

* debugger: fix when using "use strict" (Julien Gilli)

# libuv

* linux: fix epoll_pwait() regression with < 2.6.19 (Ben Noordhuis)

* linux: fix epoll_pwait() sigmask size calculation (Ben Noordhuis)

* linux: fix sigmask size arg in epoll_pwait() call (Ben Noordhuis)

* linux: handle O_NONBLOCK != SOCK_NONBLOCK case (Helge Deller)

* doc: update project links (Ben Noordhuis)

* unix: add flag for blocking SIGPROF during poll (Ben Noordhuis)

* unix, windows: add uv_loop_configure() function (Ben Noordhuis)

# v8

* Fix debugger and strict mode regression (Julien Gilli)

* don't busy loop in cpu profiler thread (Ben Noordhuis)

* add api for aborting on uncaught exception (Julien Gilli) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1194651 - CVE-2015-0278 libuv: incorrect revocation order while relinquishing privileges https://bugzilla.redhat.com/show_bug.cgi?id=1194651 --------------------------------------------------------------------------------

This update can be installed with the "yum" update programs. Use su -c 'yum update libuv' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------