FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

node -- multiple vulnerabilities

Affected packages
		node	<	5.7.1

Details

VuXML ID	6d33b3e5-ea03-11e5-85be-14dae9d210b8
Discovery	2016-03-02
Entry	2016-03-14

Jeremiah Senkpiel reports:

Fix a double-free defect in parsing malformed DSA keys that may potentially be used for DoS or memory corruption attacks.

Fix a defect that can cause memory corruption in certain very rare cases

Fix a defect that makes the CacheBleed Attack possible

[source]

References

CVE Name	CVE-2016-0702
CVE Name	CVE-2016-0705
CVE Name	CVE-2016-0797
URL	https://github.com/nodejs/node/commit/805f054cc7791c447dbb960fbf3b179ea05294ac