[SECURITY] Fedora 18 Update: libuv-0.10.3-1.fc18

updates at fedoraproject.org updates at fedoraproject.org
Fri Apr 5 23:03:21 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-20578
2012-12-18 21:17:35
--------------------------------------------------------------------------------

Name        : libuv
Product     : Fedora 18
Version     : 0.10.3
Release     : 1.fc18
URL         : http://nodejs.org/
Summary     : Platform layer for node.js
Description :
libuv is a new platform layer for Node. Its purpose is to abstract IOCP on
Windows and libev on Unix systems. We intend to eventually contain all platform
differences in this library.

--------------------------------------------------------------------------------
Update Information:

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #896266 - CVE-2012-5153 v8: DoS due to crafted JavaScript code that causes out-of-bounds access to stack memory
        https://bugzilla.redhat.com/show_bug.cgi?id=896266
  [ 2 ] Bug #896272 - CVE-2013-0836 v8: DoS due to improperly implemented garbage collection
        https://bugzilla.redhat.com/show_bug.cgi?id=896272
  [ 3 ] Bug #924495 - CVE-2013-2632 v8: remote DoS via crafted javascript
        https://bugzilla.redhat.com/show_bug.cgi?id=924495
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libuv' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list