Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e5887a9f by Salvatore Bonaccorso at 2022-01-19T20:38:25+01:00
Two luajit issues fixed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -112547,7 +112547,7 @@ CVE-2020-15891
RESERVED
CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an out-of-bounds read because
__gc hand ...)
{DLA-2296-1}
- - luajit <unfixed> (unimportant; bug #966148)
+ - luajit 2.1.0~beta3+git20210112+dfsg-2 (unimportant; bug #966148)
NOTE: https://github.com/LuaJIT/LuaJIT/issues/601
NOTE:
https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6
NOTE: No security impact, only "exploitable" with untrusted Lua code
@@ -152160,7 +152160,7 @@ CVE-2019-19393 (The Web application on Rittal CMC PU
III 7030.000 V3.00 V3.11.00
CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN
(formerly Dot ...)
NOT-FOR-US: forDNN.UsersExportImport module for DNN
CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit
before 2.1. ...)
- - luajit <unfixed> (bug #946053; unimportant)
+ - luajit 2.1.0~beta3+git20210112+dfsg-2 (bug #946053; unimportant)
NOTE: https://github.com/LuaJIT/LuaJIT/pull/526
NOTE: Negligible security impact. The debug library is unsafe per se
and one is
NOTE: not supposed to release an application with the debug library.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5887a9f5be0a8c1c4929f906ae82c87dfb9d3eb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5887a9f5be0a8c1c4929f906ae82c87dfb9d3eb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
