[SECURITY] Fedora 18 Update: v8-3.13.7.5-1.fc18
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jan 11 23:31:34 UTC 2013
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-20117
2012-12-11 04:48:14
--------------------------------------------------------------------------------
Name : v8
Product : Fedora 18
Version : 3.13.7.5
Release : 1.fc18
URL : http://code.google.com/p/v8
Summary : JavaScript Engine
Description :
V8 is Google's open source JavaScript engine. V8 is written in C++ and is used
in Google Chrome, the open source browser from Google. V8 implements ECMAScript
as specified in ECMA-262, 3rd edition.
--------------------------------------------------------------------------------
Update Information:
Update to 3.13.7.5. Fixes CVE-2012-5120 CVE-2012-5128 and gets d8 working properly again.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 4 2012 Tom Callaway <spot at fedoraproject.org> - 1:3.13.7.5-1
- update to 3.13.7.5 (needed for chromium 23)
- Resolves multiple security issues (CVE-2012-5120, CVE-2012-5128)
- d8 is now using a static libv8, resolves bz 881973)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #874840 - CVE-2012-5120 CVE-2012-5128 v8: multiple flaws fixed in Google V8 3.13.7.5 (Chrome 23.0.1271.64)
https://bugzilla.redhat.com/show_bug.cgi?id=874840
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update v8' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list