[Git][security-tracker-team/security-tracker][master] lua5.4 fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jul 18 10:45:59 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0793e791 by Moritz Muehlenhoff at 2022-07-18T11:43:55+02:00
lua5.4 fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7790,12 +7790,16 @@ CVE-2022-33101
CVE-2022-33100
RESERVED
CVE-2022-33099 (An issue in the component luaG_runerror of Lua v5.4.4 and below leads ...)
- - lua5.4 <unfixed> (bug #1014935)
+ - lua5.4 5.4.4-3 (bug #1014935)
+ [bullseye] - lua5.4 <no-dsa> (Minor issue)
+ - lua5.3 <not-affected> (Specific to 5.4)
+ - lua5.2 <not-affected> (Specific to 5.4)
+ - lua5.1 <not-affected> (Specific to 5.4)
+ - lua50 <not-affected> (Specific to 5.4)
NOTE: https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf
NOTE: https://lua-users.org/lists/lua-l/2022-05/msg00035.html
NOTE: https://lua-users.org/lists/lua-l/2022-05/msg00042.html
NOTE: https://lua-users.org/lists/lua-l/2022-05/msg00073.html
- TODO: check older lua versions
CVE-2022-33098 (Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting ...)
NOT-FOR-US: Magnolia CMS
CVE-2022-33097 (74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0793e7913568ade7272203dece37091633ecb003
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0793e7913568ade7272203dece37091633ecb003
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220718/81c55a6b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list