lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


Thanks for the confirmation - I missed that, sorry.

Jakub

On 7/20/20 2:04 PM, Luiz Henrique de Figueiredo wrote:
I was recently investigating the state of CVE-2019-6706, and it seems
that while this was fixed in 5.3 branch [1], it was not forward-ported
to 5.4. Is that the case or am I missing some other change that makes
this nonissue?

The latter. See https://urldefense.com/v3/__http://lua-users.org/lists/lua-l/2020-04/msg00126.html__;!!GqivPVa7Brio!NpeBopQzMtvKoe2dKGDBQlNpFSsUheUMYxvoorCIVUTU57lIIN9nhAA97ZcMiWamiA$