[Git][security-tracker-team/security-tracker][master] 2 commits: Adjust reference for CVE-2020-24371

Sat Sep 26 08:27:01 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8d170b5 by Salvatore Bonaccorso at 2020-09-26T09:15:40+02:00
Adjust reference for CVE-2020-24371

- - - - -
a58a26a3 by Salvatore Bonaccorso at 2020-09-26T09:26:30+02:00
Update information on CVE-2020-24371

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3798,11 +3798,9 @@ CVE-2020-24372 (LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_r
 	NOTE: No security impact, only "exploitable" with untrusted Lua code
 CVE-2020-24371 (lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the ...)
 	- lua5.4 <unfixed>
-	- lua5.3 <unfixed>
-	[buster] - lua5.3 <not-affected> (Vulnerable code not present)
-	[stretch] - lua5.3 <not-affected> (Vulnerable code not present)
+	- lua5.3 <not-affected> (Vulnerable code introduced in 5.4.0)
 	NOTE: https://github.com/lua/lua/commit/a6da1472c0c5e05ff249325f979531ad51533110
-	NOTE: https://www.lua.org/bugs.html#5.4.0-9
+	NOTE: https://www.lua.org/bugs.html#5.4.0-10
 CVE-2020-24370 (ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation faul ...)
 	- lua5.4 <unfixed>
 	- lua5.3 <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/839b69a545324c10daf95ba9062fa2a191963850...a58a26a32061288f2fed1a9e2bec0e37adedb790

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/839b69a545324c10daf95ba9062fa2a191963850...a58a26a32061288f2fed1a9e2bec0e37adedb790
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200926/2e67b479/attachment-0001.html>
