Univention Bugzilla – Bug 35770
lua50: Buffer overflow (3.2)
Last modified: 2015-03-31 14:48:58 CEST
CVE-2014-5461 A buffer overflow in Lua's function parsing allows the execution of arbitrary and as a consequence the breakout of the sandbox.
r13930 | Packport lua51/debian/patches/0004-Fix-stack-overflow-in-vararg-functions.dpatch Package: lua50 Version: 5.0.3-4.13.201410282352 Branch: ucs_3.2-0 Scope: errata3.2-3 r55060 | Bug #35770 LUA: CVE-2014-5461 2014-10-28-lua50.yaml OK: errata-test 10.200.17.X lua50 # amd64 i386
ucs-test: OK YAML: OK Code review: OK UCS 4.0 merge: The package has not been fixed in Debian wheezy. I've cloned this bug: Bug #36332 Test: OK
http://errata.univention.de/ucs/3.2/233.html