Bug 24287 - lua5.3 new security issue CVE-2019-6706
Summary: lua5.3 new security issue CVE-2019-6706
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-02-01 22:10 CET by David Walser
Modified: 2019-02-02 20:38 CET (History)
0 users

See Also:
Source RPM: lua5.3
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2019-02-01 22:10:02 CET 
Fedora has issued an advisory on January 30:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BYAL4H676UEL6FZ53WIWFP2OSML4J3RL/

I've pushed the fix for lua5.3 in Cauldron, but 5.2 is also affected.

Mageia 6 is also affected.
David Walser 2019-02-01 22:10:08 CET

Whiteboard: (none) => MGA6TOO

Comment 1 David Walser 2019-02-02 20:38:37 CET 
Both SUSE and Debian say that 5.2 isn't affected, so closing this as FIXED for lua5.3.

Summary: lua new security issue CVE-2019-6706 => lua5.3 new security issue CVE-2019-6706
Whiteboard: MGA6TOO => (none)
Resolution: (none) => FIXED
Source RPM: lua-5.2.4-3.mga7.src.rpm => lua5.3
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.