Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: V8: backport f320600cd1f4 (V20.x CVE-2024-4761) #54598

Open
wants to merge 3 commits into
base: v20.x-staging
Choose a base branch
from
Open

deps: V8: backport f320600cd1f4 (V20.x CVE-2024-4761) #54598

wants to merge 3 commits into from

Conversation

giancorderoortiz
Copy link

V8 Backport of v8/v8@f320600

Fixes GHSA-8q82-45v9-cmr9, which has been tagged by CISA as KEV.

@giancorderoortiz
deps: V8: backport f320600cd1f4
67b548b 
Original commit message:

    [wasm-gc] Only normalize JSObject targets in SetOrCopyDataProperties

    Bug: 339458194
    Change-Id: I4d6eebdd921971fa28d7c474535d978900ba633f
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5527397
    Reviewed-by: Rezvan Mahdavi Hezaveh <rezvan@chromium.org>
    Commit-Queue: Shu-yu Guo <syg@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#93811}

Refs: v8/v8@f320600
@giancorderoortiz
V8 backport of f320600
4658be2
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/gyp
  • @nodejs/security-wg
  • @nodejs/v8-update

@nodejs-github-bot nodejs-github-bot added build Issues and PRs related to build files or the CI. needs-ci PRs that need a full CI run. v20.x v20.x Issues that can be reproduced on v20.x or PRs targeting the v20.x-staging branch. v8 engine Issues and PRs related to the V8 dependency. labels Aug 27, 2024
@giancorderoortiz
Copy link
Author

Latest Node 20 minor version has V8 11.3.244.8. See https://github.com/nodejs/node/blob/v20.17.0/deps/v8/include/v8-version.h
CVE-2024-4761 fixed in V8 version 12.6.213 by v8/v8@f320600
Hence the need for a backport.

@RedYetiDev RedYetiDev added commit-queue-squash Add this label to instruct the Commit Queue to squash all the PR commits into the first one. security Issues and PRs related to security. labels Aug 28, 2024
@jasnell jasnell added the request-ci Add this label to start a Jenkins CI on a PR. label Sep 7, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Sep 7, 2024
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/62126/

@nodejs-github-bot
Copy link
Collaborator

V8 CI: https://ci.nodejs.org/job/node-test-commit-v8-linux/nodes=rhel8-ppc64le,v8test=v8test/6180/

@nodejs-github-bot
Copy link
Collaborator

V8 CI: https://ci.nodejs.org/job/node-test-commit-v8-linux/nodes=rhel8-s390x,v8test=v8test/6180/

@nodejs-github-bot
Copy link
Collaborator

V8 CI: https://ci.nodejs.org/job/node-test-commit-v8-linux/nodes=benchmark-ubuntu2204-intel-64,v8test=v8test/6180/

@targos targos force-pushed the v20.x-staging branch 2 times, most recently from 47be236 to 9e1c229 Compare October 2, 2024 14:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasnell jasnell jasnell approved these changes

Assignees
No one assigned
Labels
build Issues and PRs related to build files or the CI. commit-queue-squash Add this label to instruct the Commit Queue to squash all the PR commits into the first one. needs-ci PRs that need a full CI run. security Issues and PRs related to security. v8 engine Issues and PRs related to the V8 dependency. v20.x v20.x Issues that can be reproduced on v20.x or PRs targeting the v20.x-staging branch.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@giancorderoortiz @nodejs-github-bot @jasnell @RedYetiDev