Bug 1175339 - (CVE-2020-24342) VUL-1: CVE-2020-24342: lua,lua51,lua53,lua54: a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row
(CVE-2020-24342)
VUL-1: CVE-2020-24342: lua,lua51,lua53,lua54: a stack redzone cross in luaO_p...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.3
Other Other
: P4 - Low : Minor (vote)
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/265279/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-08-17 09:07 UTC by Robert Frohl
Modified: 2020-10-27 16:19 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Robert Frohl 2020-08-17 09:09:00 UTC
Only affects Tumbleweed, the older versions do not yet carry the affected code.
Comment 2 Callum Farmer 2020-08-17 09:33:46 UTC
OK will be fixed.

CF
Comment 3 OBSbugzilla Bot 2020-08-17 10:40:06 UTC
This is an autogenerated message for OBS integration:
This bug (1175339) was mentioned in
https://build.opensuse.org/request/show/827296 Factory / lua54
Comment 4 OBSbugzilla Bot 2020-08-18 14:50:06 UTC
This is an autogenerated message for OBS integration:
This bug (1175339) was mentioned in
https://build.opensuse.org/request/show/827610 Factory / lua54
Comment 5 OBSbugzilla Bot 2020-08-18 15:30:12 UTC
This is an autogenerated message for OBS integration:
This bug (1175339) was mentioned in
https://build.opensuse.org/request/show/827619 Factory / lua54
Comment 6 Callum Farmer 2020-08-21 09:21:04 UTC
COMPLETED
Comment 7 Callum Farmer 2020-09-23 12:38:03 UTC
COMPLETED
Comment 8 Alexandros Toptsoglou 2020-10-27 16:19:25 UTC
Done