From c6a5a01d787fc097ac5cff45abdf3c37dbc711d5 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 19 Jan 2022 20:38:25 +0100 Subject: Two luajit issues fixed via unstable --- data/CVE/2019.list | 2 +- data/CVE/2020.list | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index a4927cdcfe..267bad929b 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -4417,7 +4417,7 @@ CVE-2019-19393 (The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00 CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly Dot ...) NOT-FOR-US: forDNN.UsersExportImport module for DNN CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ...) - - luajit (bug #946053; unimportant) + - luajit 2.1.0~beta3+git20210112+dfsg-2 (bug #946053; unimportant) NOTE: https://github.com/LuaJIT/LuaJIT/pull/526 NOTE: Negligible security impact. The debug library is unsafe per se and one is NOTE: not supposed to release an application with the debug library. diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 28d30179db..c61037d125 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -34617,7 +34617,7 @@ CVE-2020-15891 RESERVED CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ...) {DLA-2296-1} - - luajit (unimportant; bug #966148) + - luajit 2.1.0~beta3+git20210112+dfsg-2 (unimportant; bug #966148) NOTE: https://github.com/LuaJIT/LuaJIT/issues/601 NOTE: https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6 NOTE: No security impact, only "exploitable" with untrusted Lua code -- cgit v1.2.3