Описание
ELSA-2023-2582: lua security update (LOW)
[5.4.4-3]
- Apply upstream patch for CVE-2022-28805
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
lua
5.4.4-3.el9
lua-devel
5.4.4-3.el9
lua-libs
5.4.4-3.el9
Oracle Linux x86_64
lua
5.4.4-3.el9
lua-devel
5.4.4-3.el9
lua-libs
5.4.4-3.el9
Связанные CVE
Связанные уязвимости
singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.
singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.
singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.
singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) ...