Common Vulnerabilities and Exposures assigned an identifier CVE-2013-2632 to the following vulnerability: Name: CVE-2013-2632 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2632 Assigned: 20130321 Reference: http://code.google.com/p/v8/source/browse/trunk/ChangeLog Reference: http://googlechromereleases.blogspot.com/2013/03/dev-channel-update_18.html Reference: https://code.google.com/p/chromium/issues/detail?id=194749 Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game.
Created v8 tracking bugs for this issue Affects: fedora-all [bug 924496] Affects: epel-6 [bug 924497]
Node.js upstream has been notified: https://github.com/joyent/node/issues/5113 I'll be backporting this to Fedora's V8 shortly.
v8-3.14.5.8-1.fc18, nodejs-0.10.2-1.fc18, libuv-0.10.3-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
v8-3.14.5.8-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.