[Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2020-15890/luajit

Sat, 22 Aug 2020 01:29:00 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bd36f5d1 by Salvatore Bonaccorso at 2020-08-22T10:27:06+02:00
Reference commit for CVE-2020-15890/luajit

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17638,6 +17638,7 @@ CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an 
out-of-bounds read because __g
        {DLA-2296-1}
        - luajit <unfixed> (unimportant; bug #966148)
        NOTE: https://github.com/LuaJIT/LuaJIT/issues/601
+       NOTE: 
https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6
        NOTE: No security impact, only "exploitable" with untrusted Lua code
 CVE-2020-15889 (Lua through 5.4.0 has a getobjname heap-based buffer over-read 
because ...)
        - lua5.4 5.4.0-2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd36f5d1c833ba153ab3152bd1be470c8ebff058

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd36f5d1c833ba153ab3152bd1be470c8ebff058
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to