| Release | Version |
|---|---|
| stretch | 5.3.3-1 |
| stretch (security) | 5.3.3-1+deb9u1 |
| buster | 5.3.3-1.1 |
| bullseye | 5.3.3-1.1 |
| sid | 5.3.3-1.1 |
| Bug | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|
| CVE-2020-24370 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation faul ... |
| CVE-2019-6706 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For examp ... |
| Bug | Description |
|---|---|
| CVE-2020-24371 | lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the ... |
| CVE-2020-15945 | Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c ... |
| DSA / DLA | Description |
|---|---|
| DLA-2381-1 | lua5.3 - security update |