node, iojs, and v8 -- denial of service

2015-07-03T00:00:00
ID 864E6F75-2372-11E5-86FF-14DAE9D210B8
Type freebsd
Reporter FreeBSD
Modified 2015-07-10T00:00:00

Description

node reports:

This release of Node.js fixes a bug that triggers an out-of-band write in V8's utf-8 decoder. This bug impacts all Buffer to String conversions. This is an important security update as this bug can be used to cause a denial of service attack.