- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2018-d4746c772f
2018-02-14 17:08:28.617718
——————————————————————————–
Name : mujs
Product : Fedora 26
Version : 0
Release : 11.20180129git25821e6.fc26
URL : http://mujs.com/
Summary : An embeddable Javascript interpreter
Description :
MuJS is a lightweight Javascript interpreter designed for embedding in
other software to extend them with scripting capabilities.
——————————————————————————–
Update Information:
Security fix for CVE-2018-5759.
——————————————————————————–
References:
[ 1 ] Bug #1539514 – CVE-2018-5759 mujs: Improper management of AST depth in jsparse.c can allow a remote attacker to cause a denial of service via a crafted file
https://bugzilla.redhat.com/show_bug.cgi?id=1539514
[ 2 ] Bug #1539847 – CVE-2018-6191 mujs: Interger overflow in js_strtod function in jsdtoa.c
https://bugzilla.redhat.com/show_bug.cgi?id=1539847
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade mujs’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2018-5b2e981f14
2018-02-14 17:26:16.387108
——————————————————————————–
Name : mujs
Product : Fedora 27
Version : 0
Release : 11.20180129git25821e6.fc27
URL : http://mujs.com/
Summary : An embeddable Javascript interpreter
Description :
MuJS is a lightweight Javascript interpreter designed for embedding in
other software to extend them with scripting capabilities.
——————————————————————————–
Update Information:
Security fix for CVE-2018-5759.
——————————————————————————–
References:
[ 1 ] Bug #1539514 – CVE-2018-5759 mujs: Improper management of AST depth in jsparse.c can allow a remote attacker to cause a denial of service via a crafted file
https://bugzilla.redhat.com/show_bug.cgi?id=1539514
[ 2 ] Bug #1539847 – CVE-2018-6191 mujs: Interger overflow in js_strtod function in jsdtoa.c
https://bugzilla.redhat.com/show_bug.cgi?id=1539847
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade mujs’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
| Autor | Petar Bertok |
| Cert id | NCERT-REF-2018-02-0110-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
