[SECURITY] Fedora 19 Update: v8-3.14.5.10-2.fc19

updates at fedoraproject.org updates at fedoraproject.org
Thu Aug 15 02:39:19 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-14176
2013-08-03 22:44:36
--------------------------------------------------------------------------------

Name        : v8
Product     : Fedora 19
Version     : 3.14.5.10
Release     : 2.fc19
URL         : http://code.google.com/p/v8
Summary     : JavaScript Engine
Description :
V8 is Google's open source JavaScript engine. V8 is written in C++ and is used
in Google Chrome, the open source browser from Google. V8 implements ECMAScript
as specified in ECMA-262, 3rd edition.

--------------------------------------------------------------------------------
Update Information:

This update fixes an issue with Google V8, as used in Google Chrome before 28.0.1500.95, which allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors that leverage "type confusion."

Please note that this issue's impact on Node.js is somewhat lessened since it
does not typically execute JavaScript from foreign sources.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug  2 2013 T.C. Hollingsworth <tchollingsworth at gmail.com> - 1:3.14.5.10-2
- backport fix for remote DoS or unspecified other impact via type confusion
  (RHBZ#991116; CVE-2013-2882)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #991116 - CVE-2013-2882 v8: remote DoS or unspecified other impact via type confusion
        https://bugzilla.redhat.com/show_bug.cgi?id=991116
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update v8' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list