| Summary: | lua5.1 new security issue CVE-2020-24370 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | Nicolas Salguero <nicolas.salguero> |
| Status: | RESOLVED INVALID | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | jani.valimaa, mageia, nicolas.salguero |
| Version: | 8 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | lua5.1-5.1.5-15.mga8.src.rpm | CVE: | |
| Status comment: | Patch available from openSUSE | ||
|
Description
David Walser
2021-06-30 18:37:35 CEST
David Walser
2021-06-30 18:37:50 CEST
CC:
(none) =>
nicolas.salguero NicolasL is the registered maintainer for this; unusually I cannot pin it down in the Cauldron logs to see who really has been doing it, so assigning it to you by default. NicolasS is already CC'd. Assignee:
bugsquad =>
mageia Removing Mageia 7 from whiteboard due to EOL: https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/ Whiteboard:
MGA7TOO =>
(none) openSUSE has issued an advisory for this on July 2: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OOVDNMRFDTKUTT25LOX5ABPHFFAREA4V/ Status comment:
(none) =>
Patch available from openSUSE this is already fixed in mga8. ------------------------------------------------------------------------ r1620894 | ns80 | 2020-09-02 10:46:32 +0200 (Wed 02 Sep 2020) | 2 lignes - add Fedora patch for CVE-2020-24370 (mga#27213) Resolution:
(none) =>
FIXED Yes, patch added in both lua and lua5.3. How about lua5.1? Source RPM:
lua5.3-5.3.5-5.mga8.src.rpm =>
lua5.1-5.1.5-15.mga8.src.rpm i looked and lua 5.1 does not seems affected. ( the findvararg function does not exist ) Resolution:
(none) =>
FIXED |