Bug 24287

Summary: lua5.3 new security issue CVE-2019-6706
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: lua5.3 CVE:
Status comment:

Description David Walser 2019-02-01 22:10:02 CET 
Fedora has issued an advisory on January 30:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BYAL4H676UEL6FZ53WIWFP2OSML4J3RL/

I've pushed the fix for lua5.3 in Cauldron, but 5.2 is also affected.

Mageia 6 is also affected.
David Walser 2019-02-01 22:10:08 CET

Whiteboard: (none) => MGA6TOO

Comment 1 David Walser 2019-02-02 20:38:37 CET 
Both SUSE and Debian say that 5.2 isn't affected, so closing this as FIXED for lua5.3.

Summary: lua new security issue CVE-2019-6706 => lua5.3 new security issue CVE-2019-6706
Whiteboard: MGA6TOO => (none)
Resolution: (none) => FIXED
Source RPM: lua-5.2.4-3.mga7.src.rpm => lua5.3
Status: NEW => RESOLVED