This update provides the latest stable version of Node.js and corresponding backports to the v8 package.

This update resolves CVE-2013-6668, which has only a minor impact since Node.js is not typically used to execute untrusted JavaScript. For more information on the fixed vulnerability, please see the CVE bugs listed below.

Changes in this update include:

  • v8: fix a crash introduced by previous release (Fedor Indutny)
  • crypto: use domains for any callback-taking method (Chris Dickinson)
  • http: do not send 0rnrn in TE HEAD responses (Fedor Indutny)
  • querystring: fix unescape override (Tristan Berger)
  • url: Add support for RFC 3490 separators (Mathias Bynens)
  • v8: backport CVE-2013-6668
  • cluster: disconnect should not be synchronous (Sam Roberts)
  • fs: fix fs.readFileSync fd leak when get RangeError (Jackson Tian)
  • stream: fix Readable.wrap objectMode falsy values (James Halliday)
  • timers: fix timers with non-integer delay hanging. (Julien Gilli)

This update has been submitted for testing by patches.

7 years ago

This update is currently being pushed to the Fedora EPEL 7 testing updates repository.

7 years ago

This update is currently being pushed to the Fedora EPEL 7 testing updates repository.

7 years ago

This update is currently being pushed to the Fedora EPEL 7 testing updates repository.

7 years ago

This update has been pushed to testing

7 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago
User Icon jperrin commented & provided feedback 7 years ago
karma

applied this package and everything linked against it still works fine.

This update has been submitted for stable by patches.

7 years ago

This update is currently being pushed to the Fedora EPEL 7 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago
User Icon bytehackr provided feedback 6 months ago
karma
BZ#1074737 CVE-2013-6668 v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.146
BZ#1074740 CVE-2013-6668 v8: multiple vulnerabilities in v8 fixed in Google Chrome version 3.24.35.10 [epel-6]

Please login to add feedback.

Metadata
Type
security
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
BZ#1074737 CVE-2013-6668 v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.146
0
1
BZ#1074740 CVE-2013-6668 v8: multiple vulnerabilities in v8 fixed in Google Chrome version 3.24.35.10 [epel-6]
0
1

Automated Test Results