[pkg-lua-devel] Bug#1004189: lua5.4: CVE-2021-44647
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 22 12:13:08 GMT 2022
Source: lua5.4
Version: 5.4.3-1
Severity: important
Tags: security upstream
Forwarded: http://lua-users.org/lists/lua-l/2021-11/msg00195.html
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerability was published for lua5.4.
CVE-2021-44647[0]:
| Lua 5.4.4 and 5.4.2 are affected by SEGV by type confusion in
| funcnamefromcode function in ldebug.c which can cause a local denial
| of service.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2021-44647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44647
[1] http://lua-users.org/lists/lua-l/2021-11/msg00195.html
[2] http://lua-users.org/lists/lua-l/2021-11/msg00204.html
Regards,
Salvatore
More information about the pkg-lua-devel
mailing list