[pkg-lua-devel] Lua security vulnerabilities in bullseye - plan for resolving?
Jérémy Lal
kapouer at melix.org
Wed Sep 28 22:57:33 BST 2022
Le mer. 28 sept. 2022 à 23:46, David W. Kennedy <dave_k at reasoned.us> a
écrit :
> On 2022-09-26 00:36, David W. Kennedy wrote:
> > Debian Tracker indicates that Lua5.1, 5.2, 5.3 and 5.4 have unresolved
> > security vulnerabilities in bullseye.
> >
> > Is there a plan for resolving these vulnerabilities? I looked through
> > the security and security-announce mailing list archives, and I don't
> > see discussion of lua in the past 2 years.
>
> Can you please send a minimal reply so I know whether you're taking
> action on this, and what the ETA is? Are more volunteers needed to help
> with this issue?
Yes, I can't speak for the others, but the absence of answers indicates
the last maintainers of lua are busy doing something else right now.
Assessing and classifying those vulnerabilities would be a good start to
help.
Thanks,
Jérémy
More information about the pkg-lua-devel
mailing list