Fedora 28: 2018-373bbbd408 Moderate: Nodejs-JSV Denial of Service

fedora

June 16, 2018

Update to latest nodejs-uri-js for CVE fix

Summary

JSV is a JavaScript implementation of a extendable, fully compliant

JSON Schema validator with the following features:

* The fastest extendable JSON validator available!

* Complete implementation of all current JSON Schema draft revisions.

* Supports creating individual environments (sandboxes) that validate

using a particular schema specification.

* Provides an intuitive API for creating new validating schema

attributes, or whole new custom schema schemas.

* Supports self, full and described by hyper links.

* Validates itself, and is bootstrapped from the JSON Schema schemas.

* Includes over 1100 unit tests for testing all parts of the specifications.

* Works in all ECMAScript 3 environments, including all web browsers

and Node.js.

* Licensed under the FreeBSD License, a very open license.

Update to latest nodejs-uri-js for CVE fix

* Thu Jun 7 2018 Tom Hughes - 4.0.2-12

- Update npm(uri-js) dependency

[ 1 ] Bug #1588825 - CVE-2017-16021 nodejs-uri-js: regular expression denial of service vulnerability in parse method [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1588825

[ 2 ] Bug #1435853 - nodejs-uri-js-4.2.2 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1435853

su -c 'dnf upgrade --advisory FEDORA-2018-373bbbd408' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRDWTKMSD55QU6DW6DC7Q7ZZAONMI6X6/

Topics Covered

security advisory moderate denial of service security issue fedora nodejs-jsv json validation

Change Log

References

Update Instructions

Product: Fedora 28

Version: 4.0.2

Release: 12.fc28

URL: https://github.com/garycourt/JSV

Summary: JSON Schema Validator

Topics Covered

security advisory moderate denial of service security issue fedora nodejs-jsv json validation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 28: 2018-373bbbd408 Moderate: Nodejs-JSV Denial of Service

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 28: 2018-373bbbd408 Moderate: Nodejs-JSV Denial of Service

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!