[SECURITY] Fedora 18 Update: v8-

updates at fedoraproject.org updates at fedoraproject.org
Fri Apr 5 23:03:21 UTC 2013

Fedora Update Notification
2012-12-18 21:17:35

Name        : v8
Product     : Fedora 18
Version     :
Release     : 1.fc18
URL         : http://code.google.com/p/v8
Summary     : JavaScript Engine
Description :
V8 is Google's open source JavaScript engine. V8 is written in C++ and is used
in Google Chrome, the open source browser from Google. V8 implements ECMAScript
as specified in ECMA-262, 3rd edition.

Update Information:

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

* Fri Mar 22 2013 T.C. Hollingsworth <tchollingsworth at gmail.com> - 1:
- new upstream release
- backport security fix for remote DoS via crafted javascript (RHBZ#924495; CVE-2013-2632)
* Mon Mar 11 2013 Stephen Gallagher <sgallagh at redhat.com> - 1:
- Update to v8 for Node.js 0.10.0
* Sat Jan 26 2013 T.C. Hollingsworth <tchollingsworth at gmail.com> - 1:
- rebuild for icu-50
- ignore new GCC 4.8 warning
* Tue Dec  4 2012 Tom Callaway <spot at fedoraproject.org> - 1:
- update to (needed for chromium 23)
- Resolves multiple security issues (CVE-2012-5120, CVE-2012-5128)
- d8 is now using a static libv8, resolves bz 881973)

  [ 1 ] Bug #896266 - CVE-2012-5153 v8: DoS due to crafted JavaScript code that causes out-of-bounds access to stack memory
  [ 2 ] Bug #896272 - CVE-2013-0836 v8: DoS due to improperly implemented garbage collection
  [ 3 ] Bug #924495 - CVE-2013-2632 v8: remote DoS via crafted javascript

This update can be installed with the "yum" update program.  Use 
su -c 'yum update v8' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list