Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 39: FEDORA-2024-a84c59eedc Critical: lua-mpack Buffer Overrun

fedora
Calendar Grey September 6, 2024
Dist Fedora Esm H88
To fix a buffer overrun vulnerability in lua-mpack on Fedora 39, follow the steps for updating, patching, recompiling, and testing the library
Fix buffer overrun when giving an offset to Session:receive

Summary

mpack is a small binary serialization/RPC library that implements

both the msgpack and msgpack-rpc specifications.

Update Information:

Fix buffer overrun when giving an offset to Session:receive

Topics%20covered

Topics Covered

security advisory critical software update Fedora buffer overrun advisory lua-mpack

Change Log

* Fri Aug 30 2024 Michel Lind - 1.0.12-1 - Update to version 1.0.12; Fixes: RHBZ#2263242 * Thu Jul 18 2024 Fedora Release Engineering - 1.0.11-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Thu Jan 25 2024 Fedora Release Engineering - 1.0.11-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering - 1.0.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

References


[ 1 ] Bug #2263242 - lua-mpack-1.0.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2263242

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-a84c59eedc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: lua-mpack
Product: Fedora 39
Version: 1.0.12
Release: 1.fc39
URL: https://github.com/libmpack/libmpack-lua
Summary: Implementation of MessagePack for Lua

Topics%20covered

Topics Covered

security advisory critical software update Fedora buffer overrun advisory lua-mpack

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here