[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Lua marked as insecure by Secunia
- From: Karel Tuma <kat@...>
- Date: Thu, 11 Sep 2014 03:08:15 +0200
Excerpts from Rena's message of 2014-09-11 02:46:35 +0200:
> On Wed, Sep 10, 2014 at 8:40 PM, Tim Channon <tc@gpsl.net> wrote:
> > Secunia, one of the major security companies are flagging Lua 5.1.5 as
> > insecure.
> > http://secunia.com/advisories/product/35758/?task=advisories_2014
> Too bad you need to log in to see any information.
That's just automated CVE parroting spam they do (CVE-2014-5461 [1]), the bug was
fixed long ago [2].
The fact that RedHat bothered enough to get this CVEd so long past due
might be a sign Lua is now mainstream enough :)
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1132304
[2] http://lua-users.org/lists/lua-l/2013-04/msg00503.html