MGASA-2020-0362 - Updated lua and lua5.3 packages fix security vulnerability

Publication date: 04 Sep 2020
URL: https://advisories.mageia.org/MGASA-2020-0362.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-24370

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault
in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
(CVE-2020-24370)

References:
- https://bugs.mageia.org/show_bug.cgi?id=27213
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24370

SRPMS:
- 7/core/lua-5.2.4-3.1.mga7
- 7/core/lua5.3-5.3.5-2.1.mga7