chadbrewbaker
commented
3 years ago This gem is crimping my style on arm64 awslinux2 rvm ruby 2.5.1. Hardcoded x86 in the old v8 version. Would bumping libv8 do the trick for you?
Closed Bkahler closed 10 months ago
chadbrewbaker
commented
3 years ago This gem is crimping my style on arm64 awslinux2 rvm ruby 2.5.1. Hardcoded x86 in the old v8 version. Would bumping libv8 do the trick for you?
lloeki
commented
10 months ago Sorry but this gem is unmaintained, so I will close this issue.
We recommend going with mini_racer + libv8-node. If you feel the issue is still relevant to either of those, please open an issue over there!
My team runs a series of continuous security scans against our dependencies, and in September, this issue was surfaced
"The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." "
Specifically this issue was identified in dradis-dradis-3.1.0.rc2-linux-x86. The fix would be to update to upgrade to version 4.2.69 of dradis.
Are there any plans for a new version which might address this issue?