Advisories ยป MGASA-2014-0414

Updated lua and lua5.1 packages fix security vulnerability

Publication date: 23 Oct 2014
Modification date: 23 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-5461

Description

A heap-based overflow vulnerability was found in the way Lua handles varargs
functions with many fixed parameters called with few arguments, leading to
application crashes or, potentially, arbitrary code execution (CVE-2014-5461).
                

References

SRPMS

3/core

4/core