Updated lua and lua5.1 packages fix security vulnerability
Publication date: 23 Oct 2014Modification date: 23 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-5461
Description
A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution (CVE-2014-5461).
References
SRPMS
3/core
- lua5.1-5.1.5-2.2.mga3
- lua-5.2.2-1.1.mga3
4/core
- lua5.1-5.1.5-4.1.mga4
- lua-5.2.2-2.1.mga4