File: changelog

package info (click to toggle)
lua5.4 5.4.4-3%2Bdeb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 1,772 kB
  • sloc: ansic: 19,877; makefile: 309; sh: 35
file content (132 lines) | stat: -rw-r--r-- 4,596 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
 
lua5.4 (5.4.4-3+deb12u1) bookworm; urgency=medium

  * Non-maintainer upload.
  * debian/version-script: Export additional missing symbols for lua 5.4.4.
    (Closes: #1034800)

 -- Boyuan Yang <byang@debian.org>  Sun, 02 Jun 2024 10:34:23 -0400

lua5.4 (5.4.4-3) unstable; urgency=medium

  * Add a patch from upstream which fixes CVE-2022-33099, double free
    in a situation when error occurs while handling an error
    (closes: #1014935).

 -- Sergei Golovan <sgolovan@debian.org>  Sun, 17 Jul 2022 14:56:01 +0300

lua5.4 (5.4.4-2) unstable; urgency=medium

  * Add a patch from upstream which fixes CVE-2022-28805, segmentation fault
    due to a heap overflow when parsing ENV with <const> (closes: #1010265).

 -- Sergei Golovan <sgolovan@debian.org>  Sat, 30 Apr 2022 07:38:29 +0300

lua5.4 (5.4.4-1) unstable; urgency=medium

  * New upstream release. This release fixes the following security bugs:
    - CVE-2021-43519, stack overflow in lua_resume of ldo.c in Lua
      Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of
      Service via a crafted script file (closes: #1000228).
    - CVE-2021-44647, Lua 5.4.4 and 5.4.2 are affected by SEGV by type
      confusion in funcnamefromcode function in ldebug.c which can cause
      a local denial of service (closes: #1004189).

 -- Sergei Golovan <sgolovan@debian.org>  Mon, 07 Feb 2022 10:34:34 +0300

lua5.4 (5.4.3-1) unstable; urgency=medium

  * New upstream release.
  * Refresh patches.

 -- Sergei Golovan <sgolovan@debian.org>  Tue, 17 Aug 2021 10:50:26 +0300

lua5.4 (5.4.2-2) unstable; urgency=medium

  * Enable readline support (thanks to Widianto Nur F).

 -- Sergei Golovan <sgolovan@debian.org>  Tue, 12 Jan 2021 23:02:10 +0300

lua5.4 (5.4.2-1) unstable; urgency=medium

  * New upstream release.
  * Refresh patches.

 -- Sergei Golovan <sgolovan@debian.org>  Sun, 06 Dec 2020 14:05:10 +0300

lua5.4 (5.4.1-1) unstable; urgency=medium

  * New upstream release. This release fixes the following security bugs:
    - CVE-2020-15888, mishandling the interaction between stack resizes
      and garbage collection (closes: #972101)
    - CVE-2020-24342 allowing a stack redzone cross (closes: #971012)
    - CVE-2020-24369 attempting to access debug information via the line
      hook of a stripped function (closes: #971013)
    - CVE-2020-24370 allowing a negation overflow and segmentation fault
      in getlocal and setlocal (closes: #971613)
    - CVE-2020-24371 active barriers during sweep phase (closes: #971010)
  * Remove no longer necessary patches.

 -- Sergei Golovan <sgolovan@debian.org>  Sat, 21 Nov 2020 17:58:27 +0300

lua5.4 (5.4.0-2) unstable; urgency=medium

  * Add patches by upstream, which fix a few freshly introduced bugs.

 -- Sergei Golovan <sgolovan@debian.org>  Sat, 18 Jul 2020 18:10:14 +0300

lua5.4 (5.4.0-1) unstable; urgency=medium

  * The first upstream release.

 -- Sergei Golovan <sgolovan@debian.org>  Tue, 30 Jun 2020 16:51:40 +0300

lua5.4 (5.4.0~rc5-1) experimental; urgency=medium

  * New upstream release candidate.

 -- Sergei Golovan <sgolovan@debian.org>  Wed, 17 Jun 2020 12:49:10 +0300

lua5.4 (5.4.0~rc4-1) experimental; urgency=medium

  * New upstream release candidate.

 -- Sergei Golovan <sgolovan@debian.org>  Tue, 02 Jun 2020 23:46:53 +0300

lua5.4 (5.4.0~rc3-1) experimental; urgency=medium

  * New upstream release candidate.

 -- Sergei Golovan <sgolovan@debian.org>  Wed, 20 May 2020 10:12:52 +0300

lua5.4 (5.4.0~rc2-1) experimental; urgency=medium

  * New upstream release candidate.
  * Refresh patches.
  * Bump the standards version to 4.5.0.
  * Bump the debhelper compatibility level to 12.

 -- Sergei Golovan <sgolovan@debian.org>  Wed, 06 May 2020 10:33:50 +0300

lua5.4 (5.4.0~beta-1) experimental; urgency=medium

  * New upstream preliminary release.
  * Refresh patches.

 -- Sergei Golovan <sgolovan@debian.org>  Tue, 29 Oct 2019 10:23:48 +0300

lua5.4 (5.4.0~alpha-2) experimental; urgency=medium

  * Fix symbols in the linker version script.
  * Adapt a patch for lua5.3 by Helmut Grohne to fix FTCBFS. The patch
    libtoolizes during build to avoid a dependency on libtool-bin, and
    uses triplet-prefixed build tools (closes: #941649).
  * Fix the Lua version release number in pkgconfig scripts.
  * Add an alternatives for the lua.pc and lua-c++.pc pkgconfig scripts.

 -- Sergei Golovan <sgolovan@debian.org>  Sun, 13 Oct 2019 10:33:54 +0300

lua5.4 (5.4.0~alpha-1) experimental; urgency=medium

  * Initial release (closes: #932316).

 -- Sergei Golovan <sgolovan@debian.org>  Wed, 17 Jul 2019 18:28:48 +0300