Re: Lua marked as insecure by Secunia

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Lua marked as insecure by Secunia
From: Karel Tuma <kat@...>
Date: Thu, 11 Sep 2014 03:08:15 +0200

Excerpts from Rena's message of 2014-09-11 02:46:35 +0200:
> On Wed, Sep 10, 2014 at 8:40 PM, Tim Channon <tc@gpsl.net> wrote:
> > Secunia, one of the major security companies are flagging Lua 5.1.5 as
> > insecure.
> > http://secunia.com/advisories/product/35758/?task=advisories_2014
> Too bad you need to log in to see any information.

That's just automated CVE parroting spam they do (CVE-2014-5461 [1]), the bug was
fixed long ago [2].

The fact that RedHat bothered enough to get this CVEd so long past due
might be a sign Lua is now mainstream enough :)

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1132304
[2] http://lua-users.org/lists/lua-l/2013-04/msg00503.html

References:
- Lua marked as insecure by Secunia, Tim Channon
- Re: Lua marked as insecure by Secunia, Rena

Prev by Date: Re: Lua marked as insecure by Secunia
Next by Date: Re: error() or nil, 'error msg'
Previous by thread: Re: Lua marked as insecure by Secunia
Next by thread: Re: Lua marked as insecure by Secunia
Index(es):
- Date
- Thread