ALSA-2019:3706

[ALSA-2019:3706] Moderate: lua security and bug fix update

Type:

security

Severity:

moderate

Release date:

2021-08-11

Description:

The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language.

Security Fix(es):

* lua: use-after-free in lua_upvaluejoin in lapi.c resulting in denial of service (CVE-2019-6706)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

CVE-2019-6706

Updated packages listed below:

Architecture	Package	Checksum
i686	lua-devel-5.3.4-11.el8.i686.rpm	4110f28ef669e0144751bd58102b309594e1d5bf8c2ad199e4d80f59f2645438
i686	lua-5.3.4-11.el8.i686.rpm	ef36703181d1888648c0caa2f0d85ebdd5ee46846abb60278e09363f0db11f45
x86_64	lua-devel-5.3.4-11.el8.x86_64.rpm	9a9118c50f62c3137c573ef7dd6e3203b38b1039c902430a6f1042e0a1c113e5

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.