Fedora 42: lua-http CVE-2023-4540 Critical DoS Mitigation

fedora

June 4, 2025

lua-http fix of CVE-2023-4540

Summary

lua-http is an efficient, capable HTTP and WebSocket library for Lua.

Update Information:

lua-http fix of CVE-2023-4540

Topics Covered

security advisory update Fedora DoS attack CVE fix lua-http

Change Log

* Mon May 26 2025 Jakub RuÅ¾iÄka - 0.3-17 - Fix CVE-2023-4540 (rhbz#2237419)

References

[ 1 ] Bug #2237419 - CVE-2023-4540 lua-http: lua-http library allows Excessive Allocation and a denial of service (DoS) attack https://bugzilla.redhat.com/show_bug.cgi?id=2237419

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-82090f2bcc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: lua-http

Product: Fedora 42

Version: 0.3

Release: 17.fc42

URL: https://github.com/daurnimator/lua-http

Summary: HTTP library for Lua

Topics Covered

security advisory update Fedora DoS attack CVE fix lua-http

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Fedora 42: lua-http CVE-2023-4540 Critical DoS Mitigation

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Fedora 42: lua-http CVE-2023-4540 Critical DoS Mitigation

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!