Bug 966121 (CVE-2013-2838)
Summary: | CVE-2013-2838 v8: Denial of service (out-of-bounds read) via unspecified vectors | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | sgallagh, tcallawa, tchollingsworth, thrcka, tomspur |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | V8-3.18.5 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-05-23 18:58:46 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 966127, 966128 | ||
Bug Blocks: |
Description
Jan Lieskovsky
2013-05-22 14:19:57 UTC
This issue affects the versions of the v8 package, as shipped with Fedora release of 17 and 18. Please schedule an update. -- This issue affects the version of the v8 package, as shipped with Fedora EPEL-6. Please schedule an update. Created v8 tracking bugs for this issue Affects: fedora-all [bug 966127] Affects: epel-6 [bug 966128] Node.js upstream notified in issue 5535: https://github.com/joyent/node/issues/5535 Any indication whether this affects the 3.16 stable branch of V8 used in Fedora? The upstream bug is still embargoed and there haven't been any pushes to this branch upstream since April. That patch contains a lot of unrelated changes so can't be backported, so I cannot take any action in Fedora or EPEL at this time. I'll have to wait for feedback here or from Node.js upstream (who is in much better contact with V8 upstream than myself). The actual patch is: https://code.google.com/p/v8/source/detail?r=14481 This bug never affected the stable 3.16 series in Fedora, so no action is needed. Closing NEXTRELEASE because when we update v8 we'll definitely update to a version that already has this fixed. (In reply to T.C. Hollingsworth from comment #4) > This bug never affected the stable 3.16 series in Fedora Was this rather meant to say 3.14? It does not seem 3.16 was ever in Fedora. Any details on why 3.14/.16 was unaffected? The fix seems applicable. Yeah, I meant 3.14, sorry. The determination was made by the lead Node.js upstream developer: https://github.com/joyent/node/issues/5535#issuecomment-18316882 To double-check, I ran the relevant regression test [1] and it passes with our current v8. [1] https://github.com/v8/v8/blob/a295634/test/mjsunit/regress/regress-235311.js Thank you! I did see node upstream ticket comment, and check with reproducer with the same results. I could not see where the difference lies. |