There were no CVEs. The security implications are as follows: http://www.lua.org/bugs.html under "5.1.3":
* patch 2 fixes a potential stack overflow. * patch 4 fixes a crash (possible DoS for Lua-scripted applications that run user scripts) * patch 5 fixes a crash (ditto) * patch 6 fixes a stack overflow * patch 8 fixes the ability to create booleans that are neither true nor false These patches all affect the interpretation of Lua code; Lua is widely used in Ubuntu for application scripting. Hence, at the very least, a stack overflow is a potential security problem. Some of the other bugs patched may have security implications too, as they all allow incorrect execution of code. -- Some security problems (with fixes) https://bugs.launchpad.net/bugs/241652 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
