From 076e71e8b4e172e2113b76bdec589a8e36e462e5 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 19 Jan 2022 20:38:25 +0100 Subject: Two luajit issues fixed via unstable --- data/CVE/list.2019 | 2 +- data/CVE/list.2020 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'data') diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index a4927cdcfe..267bad929b 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -4417,7 +4417,7 @@ CVE-2019-19393 (The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00 CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly Dot ...) NOT-FOR-US: forDNN.UsersExportImport module for DNN CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ...) - - luajit (bug #946053; unimportant) + - luajit 2.1.0~beta3+git20210112+dfsg-2 (bug #946053; unimportant) NOTE: https://github.com/LuaJIT/LuaJIT/pull/526 NOTE: Negligible security impact. The debug library is unsafe per se and one is NOTE: not supposed to release an application with the debug library. diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 28d30179db..c61037d125 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -34617,7 +34617,7 @@ CVE-2020-15891 RESERVED CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ...) {DLA-2296-1} - - luajit (unimportant; bug #966148) + - luajit 2.1.0~beta3+git20210112+dfsg-2 (unimportant; bug #966148) NOTE: https://github.com/LuaJIT/LuaJIT/issues/601 NOTE: https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6 NOTE: No security impact, only "exploitable" with untrusted Lua code -- cgit v1.2.3