Accepted lua5.4 5.4.4-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 07 Feb 2022 10:34:34 +0300
Source: lua5.4
Architecture: source
Version: 5.4.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Lua Team <pkg-lua-devel@lists.alioth.debian.org>
Changed-By: Sergei Golovan <sgolovan@debian.org>
Closes: 1000228 1004189
Changes:
lua5.4 (5.4.4-1) unstable; urgency=medium
.
* New upstream release. This release fixes the following security bugs:
- CVE-2021-43519, stack overflow in lua_resume of ldo.c in Lua
Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of
Service via a crafted script file (closes: #1000228).
- CVE-2021-44647, Lua 5.4.4 and 5.4.2 are affected by SEGV by type
confusion in funcnamefromcode function in ldebug.c which can cause
a local denial of service (closes: #1004189).
Checksums-Sha1:
6e8dfdd8b67da78258b98b98768dbef1c84c815e 2088 lua5.4_5.4.4-1.dsc
03c27684b9d5d9783fb79a7c836ba1cdc5f309cd 360876 lua5.4_5.4.4.orig.tar.gz
501f28c3b1506bfe327773d38548689c10ae8d46 8496 lua5.4_5.4.4-1.debian.tar.xz
24fbf1721a789f13aeb4fab800b4eefb2589244f 6714 lua5.4_5.4.4-1_amd64.buildinfo
Checksums-Sha256:
30f63e07e0c33d8bf805b90f11e942d6339d6576f5bffba0f152a7ac678b7764 2088 lua5.4_5.4.4-1.dsc
164c7849653b80ae67bec4b7473b884bf5cc8d2dca05653475ec2ed27b9ebf61 360876 lua5.4_5.4.4.orig.tar.gz
feca767028dd67f34d240d5e0cdc3cdd1a6efbb616b771f6c379933ebaef437b 8496 lua5.4_5.4.4-1.debian.tar.xz
182c800514460c5e1a139404a950ebe5faddb56a536bf581ad733a0c5b58e893 6714 lua5.4_5.4.4-1_amd64.buildinfo
Files:
6583b4635c8c2e3f814205ff68b85cf0 2088 interpreters optional lua5.4_5.4.4-1.dsc
bd8ce7069ff99a400efd14cf339a727b 360876 interpreters optional lua5.4_5.4.4.orig.tar.gz
4266da600ac605856a271591193cd4cb 8496 interpreters optional lua5.4_5.4.4-1.debian.tar.xz
e48d68728218ac891d28a57e0f6070a5 6714 interpreters optional lua5.4_5.4.4-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE/SYPsyDB+ShSnvc4Tyrk60tj54cFAmIAzXQACgkQTyrk60tj
54fM7BAAsdpCv35daAOpKcIsRzoCcDRMX9FFVC9tspCU67IJ6nKE4VJT555Cu4TZ
YDNAQGIOMaPCo0ERziKyn+vVXjMX46UQ7DFX+xw58Fty+Hhs7+5yAiQKjEJby2YD
EtvxUJZsMclrnwRYSydazDn19RdABMGP02AF1Jdberjbq1EYKEsdSzLaRTn2xx2c
FLTiI6wsyduUFtbr4e3f8672S0/C3YfacwG0L00+iBqkzHq1he3tJteX9ArkVtxC
D86BIG6s0jIHNju/NYPJgso2g+sHvaWOYWeTRhkRCfd3D0v1DgaFxaLXVqFXHffh
KRkuj5eygIw0p9MJeTJ8bnI9I1KVtFxTBynm8zWKzLDkMqi6wRFy1G1dOjt10bTv
5tf6DtkrXkoURPJQkAn9Yhw5hxmn9CrBPpmm0IQM+SZRAaFLsugL6bexeml+5nQm
A064/LgyPiU+GrciY7ZpQl9+/QjhqmHvbnfItEnOqdeqA76WBnprJyOmq8bNj0Ba
/V9f5f8Be+cCpYmQ3lJHegnzX943WGkUUqNNgkGdhZa6s4EV8tVl2ewZwXJ3iDB6
aOWqKRYWNnABlYClXyQu00M8oSEkNYaFJ09TN1LxsFALL7MXG8GYJlUIYkxgkt+u
Vwr0fD6ctudwsrwJ6j1dvlUnfSwKsfyngfab/7gq0leMUgwE65U=
=s+XE
-----END PGP SIGNATURE-----