Re: Is CVE-2019-6706 in Lua 5.4 fixed?

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Is CVE-2019-6706 in Lua 5.4 fixed?
From: Luiz Henrique de Figueiredo <lhf@...>
Date: Mon, 20 Jul 2020 09:04:58 -0300

> I was recently investigating the state of CVE-2019-6706, and it seems
> that while this was fixed in 5.3 branch [1], it was not forward-ported
> to 5.4. Is that the case or am I missing some other change that makes
> this nonissue?

The latter. See http://lua-users.org/lists/lua-l/2020-04/msg00126.html

Follow-Ups:
- Re: Is CVE-2019-6706 in Lua 5.4 fixed?, jakub . kulik

References:
- Is CVE-2019-6706 in Lua 5.4 fixed?, jakub . kulik

Prev by Date: Is CVE-2019-6706 in Lua 5.4 fixed?
Next by Date: Re: Firefox support for Lua?
Previous by thread: Is CVE-2019-6706 in Lua 5.4 fixed?
Next by thread: Re: Is CVE-2019-6706 in Lua 5.4 fixed?
Index(es):
- Date
- Thread