User: Password:
Subscribe / Log in / New account

Fedora alert FEDORA-2014-4625 (v8)

Subject:  [SECURITY] Fedora 20 Update: v8-
Date:  Tue, 15 Apr 2014 15:32:56 +0000
Message-ID:  <>

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-4625 2014-04-02 07:53:15 -------------------------------------------------------------------------------- Name : v8 Product : Fedora 20 Version : Release : 7.fc20 URL : Summary : JavaScript Engine Description : V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. -------------------------------------------------------------------------------- Update Information: Common Vulnerabilities and Exposures assigned an identifier CVE-2014-1704 to the following vulnerability: URL: Multiple unspecified vulnerabilities in Google V8 before, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Only one vulnerability in this CVE affects v8- in Fedora. This update fixes the vulnerability involving unsigned integer arithmetic. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 18 2014 T.C. Hollingsworth <> - 1: - backport fix for unsigned integer arithmetic (RHBZ#1077136; CVE-2014-1704) * Mon Feb 24 2014 Tomas Hrcka <> - 1: - Backport fix for incorrect handling of popular pages (RHBZ#1059070; CVE-2013-6640) * Fri Feb 14 2014 T.C. Hollingsworth <> - 1: - rebuild for icu-52 * Mon Jan 27 2014 T.C. Hollingsworth <> - 1: - backport fix for enumeration for objects with lots of properties * Fri Dec 13 2013 T.C. Hollingsworth <> - 1: - backport fix for out-of-bounds read DoS (RHBZ#1039889; CVE-2013-6640) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1077136 - CVE-2014-1704 v8: multiple vulnerabilities in v8 fixed in Google Chrome version 33.0.1750.149 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update v8' at the command line. For more information, refer to "Managing Software with yum", available at All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds