This update provides the latest stable version of Node.js and corresponding backports to the v8 package.

This update resolves CVE-2013-6668, which has only a minor impact since Node.js is not typically used to execute untrusted JavaScript. For more information on the fixed vulnerability, please see the CVE bugs listed below.

Changes in this update include:

  • v8: fix a crash introduced by previous release (Fedor Indutny)
  • crypto: use domains for any callback-taking method (Chris Dickinson)
  • http: do not send 0rnrn in TE HEAD responses (Fedor Indutny)
  • querystring: fix unescape override (Tristan Berger)
  • url: Add support for RFC 3490 separators (Mathias Bynens)
  • v8: backport CVE-2013-6668
  • cluster: disconnect should not be synchronous (Sam Roberts)
  • fs: fix fs.readFileSync fd leak when get RangeError (Jackson Tian)
  • stream: fix Readable.wrap objectMode falsy values (James Halliday)
  • timers: fix timers with non-integer delay hanging. (Julien Gilli)

How to install

sudo dnf upgrade --advisory=FEDORA-2014-11132

This update has been submitted for testing by patches.

7 years ago

AutoQA: depcheck test PASSED on i386. Result log: http://autoqa.fedoraproject.org/report/1gnv4 (results are informative only)

AutoQA: depcheck test PASSED on x86_64. Result log: http://autoqa.fedoraproject.org/report/1gnv8 (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

7 years ago

This update has been pushed to testing

7 years ago

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for stable by patches.

7 years ago

AutoQA: upgradepath test PASSED on noarch. Result log: http://autoqa.fedoraproject.org/report/1h9ld (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
BZ#1074737 CVE-2013-6668 v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.146
0
0
BZ#1074739 CVE-2013-6668 v8: multiple vulnerabilities in v8 fixed in Google Chrome version 3.24.35.10 [fedora-all]
0
0

Automated Test Results