lua: Security fix for CVE-2019-6706

Source: lua.org MR: 97553 Type: Security Fix Disposition: Backport from http://lua.2524044.n2.nabble.com/CVE-2019-6706-use-after-free-in-lua-upvaluejoin-function-tc7685575.html ChangeID: c939b7edcb54274ab0aeebcb7e3dc9f17cc09c2d Description: Affects < 5.3.5 Fixes: CVE-2019-6706 Signed-off-by: Armin Kuster <akuster808@gmail.com>
2026-06-14 05:49:57 +00:00 · 2019-05-31 18:00:01 -07:00
parent 05360c2a74
commit aaa6eb0bb5
2 changed files with 33 additions and 0 deletions
@@ -7,6 +7,7 @@ HOMEPAGE = "http://www.lua.org/"
 DEPENDS = "readline"
 SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \
           file://lua.pc.in \
+           file://CVE-2019-6706.patch \
           "
 SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', \
           'http://www.lua.org/tests/lua-${PV}-tests.tar.gz;name=tarballtest \