User: Password:
Subscribe / Log in / New account

Fedora alert FEDORA-2013-19491 (nodejs)

Subject:  [SECURITY] Fedora 18 Update: nodejs-0.10.21-1.fc18
Date:  Tue, 29 Oct 2013 03:36:07 +0000
Message-ID:  <>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-19491 2013-10-19 07:32:49 -------------------------------------------------------------------------------- Name : nodejs Product : Fedora 18 Version : 0.10.21 Release : 1.fc18 URL : Summary : JavaScript runtime Description : Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. -------------------------------------------------------------------------------- Update Information: This release contains a security fix for the http server implementation, please upgrade as soon as possible. For more information, see <>. 2013.10.18, node.js Version 0.10.21 (Stable) * crypto: clear errors from verify failure (Timothy J Fontaine) * dtrace: interpret two byte strings (Dave Pacheco) * fs: fix fs.truncate() file content zeroing bug (Ben Noordhuis) * http: provide backpressure for pipeline flood (isaacs) * tls: fix premature connection termination (Ben Noordhuis) 2013.10.19, libuv Version 0.10.18 (Stable) * unix: fix uv_spawn() NULL pointer deref on ENOMEM (Ben Noordhuis) * unix: don't close inherited fds on uv_spawn() fail (Ben Noordhuis) * unix: revert recent FSEvent changes (Ben Noordhuis) * unix: fix non-synchronized access in signal.c (Ben Noordhuis) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1021170 - CVE-2013-4450 NodeJS: HTTP Pipelining DoS -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nodejs' at the command line. For more information, refer to "Managing Software with yum", available at All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list

(Log in to post comments)

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds