openSUSE-SU-2016:1834-1

Опубликовано: 20 июл. 2016

Источник: suse-cvrf

Описание

Security update for nodejs

This update for nodejs fixes the following issue:

CVE-2016-1669:
- fix buffer overflow in v8 (boo#987919)

Список пакетов

openSUSE Leap 42.1

nodejs-4.4.5-30.2

nodejs-devel-4.4.5-30.2

nodejs-docs-4.4.5-30.2

npm-4.4.5-30.2

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html
E-Mail link for openSUSE-SU-2016:1834-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

Затронутые продукты

openSUSE Leap 42.1:nodejs-4.4.5-30.2

openSUSE Leap 42.1:nodejs-devel-4.4.5-30.2

openSUSE Leap 42.1:nodejs-docs-4.4.5-30.2

openSUSE Leap 42.1:npm-4.4.5-30.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-1669.html
CVE-2016-1669
https://bugzilla.suse.com/979859
SUSE Bug 979859
https://bugzilla.suse.com/987919
SUSE Bug 987919

openSUSE-SU-2016:1834-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-1669

Описание

Затронутые продукты

Ссылки