Описание
ELSA-2023-0957: lua security update (MODERATE)
[5.4.4-2]
- Resolves CVE-2021-43519
[5.4.4-1]
- Rebase to lua 5.4.4
- Resolves CVE-2021-44964
[5.4.2-7]
- Fix up CVE-2022-33099 patch
[5.4.2-6]
- Enable gating
[5.4.2-5]
- apply upstream fix for CVE-2022-33099
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
lua
5.4.4-2.el9_1
lua-devel
5.4.4-2.el9_1
lua-libs
5.4.4-2.el9_1
Oracle Linux x86_64
lua
5.4.4-2.el9_1
lua-devel
5.4.4-2.el9_1
lua-libs
5.4.4-2.el9_1
Связанные CVE
Связанные уязвимости
CVSS3: 6.3
ubuntu
больше 3 лет назад
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.
CVSS3: 7
redhat
больше 3 лет назад
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.
CVSS3: 6.3
nvd
больше 3 лет назад
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.
