[Git][security-tracker-team/security-tracker][master] Two luajit issues fixed via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 19 19:38:55 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e5887a9f by Salvatore Bonaccorso at 2022-01-19T20:38:25+01:00
Two luajit issues fixed via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -112547,7 +112547,7 @@ CVE-2020-15891
 	RESERVED
 CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ...)
 	{DLA-2296-1}
-	- luajit <unfixed> (unimportant; bug #966148)
+	- luajit 2.1.0~beta3+git20210112+dfsg-2 (unimportant; bug #966148)
 	NOTE: https://github.com/LuaJIT/LuaJIT/issues/601
 	NOTE: https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6
 	NOTE: No security impact, only "exploitable" with untrusted Lua code
@@ -152160,7 +152160,7 @@ CVE-2019-19393 (The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00
 CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly Dot ...)
 	NOT-FOR-US: forDNN.UsersExportImport module for DNN
 CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ...)
-	- luajit <unfixed> (bug #946053; unimportant)
+	- luajit 2.1.0~beta3+git20210112+dfsg-2 (bug #946053; unimportant)
 	NOTE: https://github.com/LuaJIT/LuaJIT/pull/526
 	NOTE: Negligible security impact. The debug library is unsafe per se and one is
 	NOTE: not supposed to release an application with the debug library.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5887a9f5be0a8c1c4929f906ae82c87dfb9d3eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5887a9f5be0a8c1c4929f906ae82c87dfb9d3eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220119/2fcd0ec9/attachment.htm>

More information about the debian-security-tracker-commits mailing list