[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted luajit 2.1.0~beta3+dfsg-5.3+deb11u1 (source) into oldoldstable-security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 Aug 2025 02:20:13 +0200
Source: luajit
Architecture: source
Version: 2.1.0~beta3+dfsg-5.3+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Enrico Tassi <gareuselesinge@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 946053 966148
Changes:
 luajit (2.1.0~beta3+dfsg-5.3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2019-19391: debug.getinfo has a type confusion issue that leads to
     arbitrary memory write or read operations, because certain cases involving
     valid stack levels and `>` options are mishandled. (Closes: #946053)
   * Fix CVE-2020-15890: Out-of-bounds read because __gc handler frame
     traversal is mishandled. (Closes: #966148)
   * Fix CVE-2020-24372: Out-of-bounds read in lj_err_run() in lj_err.c.
   * Fix CVE-2024-25176: Stack-buffer-overflow in lj_strfmt_wfnum() in
     lj_strfmt_num.c.
   * Fix CVE-2024-25177: Unsinking of IR_FSTORE for NULL metatable, which leads
     to Denial of Service.
   * Fix CVE-2024-25178: Out-of-bounds read in the stack-overflow handler in
     lj_state.c.
   * Add upstream fixes for lua_yield() from C hook.
   * Backport DEP-8 tests from bookworm.
Checksums-Sha1:
 8b1bbe94238034e998b0229a215afdb4b79bf384 2547 luajit_2.1.0~beta3+dfsg-5.3+deb11u1.dsc
 015b100f982c6a16c31f71a765034d4e111cff14 975266 luajit_2.1.0~beta3+dfsg.orig.tar.gz
 2162352882869b88a645e9e3442681db182633fd 49916 luajit_2.1.0~beta3+dfsg-5.3+deb11u1.debian.tar.xz
 ef32ca269e69bfb014acf6cd2d5cdd57b92a3edd 7941 luajit_2.1.0~beta3+dfsg-5.3+deb11u1_amd64.buildinfo
Checksums-Sha256:
 a83210059e8bbba458bfe04e974cdf29f0f8644f916489a24feb8366dcce475c 2547 luajit_2.1.0~beta3+dfsg-5.3+deb11u1.dsc
 46589f8a1742d04fc33f309343d9521b32d6d29515a34c6609e2f76932b1b7df 975266 luajit_2.1.0~beta3+dfsg.orig.tar.gz
 02611200a197db0fbdbc0f2b5df169eff8305218c299bc34801174d6bc5847dd 49916 luajit_2.1.0~beta3+dfsg-5.3+deb11u1.debian.tar.xz
 d1948e69d5df0b4c418beac9514b7844209bf45be3fd402301f87003e8a33ff6 7941 luajit_2.1.0~beta3+dfsg-5.3+deb11u1_amd64.buildinfo
Files:
 49f6f07c7853ab319928564da7637b9c 2547 interpreters optional luajit_2.1.0~beta3+dfsg-5.3+deb11u1.dsc
 cfc72c269908dd7b11e574f717e8000e 975266 interpreters optional luajit_2.1.0~beta3+dfsg.orig.tar.gz
 89859aba7b71c90c9606b25155855097 49916 interpreters optional luajit_2.1.0~beta3+dfsg-5.3+deb11u1.debian.tar.xz
 95f4084919da3f3e427fca3681613e9d 7941 interpreters optional luajit_2.1.0~beta3+dfsg-5.3+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmism1AACgkQ05pJnDwh
pVIemw//f7Iy3QQes7FxlP/hmg5ZWLo6d5etS6KHeP60eYCS54inj3ELEnVT8tu7
MkrxRsMxZoyfM5jQLhCwdl7JKP5JwN6PZVYACwCIzmMLxFRqEV45jlnh7/fPStVp
QclklZhg56M7royth2i4KqPQ/C0TSx5a1Hr7oYbGNFiQX8F95dHQR+IY3T3ixusD
8pg14fdosrmXRMxqFIiQ0o51MgOkT9EL/Dt1nOYVoTvTAJ7J6E7fqHVJO5f/I8tR
jdQDRCJNR/hDxrWvgd+vKzVIM3++3vn0o5K9deez8hRkDv/Q/wC3ksqzIKn6sNZ4
rwB9pBMz3BCbOVXlqnn8LY+C7ygtKtBXYSRTdh+wCq98r20xKFCWu58krIN/9rQN
ipeNPsb+JS/qoFAEeesEHoWdmN7Z5apxoCwQJErNkQtxUvBm0Q4aIx3ZDvGYj1LP
BpgncqOOLSsXxwj/SxHdO5QKhAV0Nu1DDDdV8nEFoViXjKzBQbizffwx0frPtYOY
ogIJCGjSsi/0f2zGxMMc6EBpZG0NUAtEUQ9DQQCUX4wXMdTtauZft4i0W0oXUY9i
sWsLFhzuly7MswrP3zrlJf+KzLqQcrMPLHeP/wbu7Gl0rin61nxFaJrOpOSZG8U6
DWsnltuejoUK6DcBSUjmL58sKgvAC8ShGG13Es0lTCwAV9G0BuQ=
=RnUl
-----END PGP SIGNATURE-----

Attachment: pgpHV3NLqNu9t.pgp
Description: PGP signature

Reply to: