1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
|
lua5.4 (5.4.8-1) unstable; urgency=medium
* New upstream release.
* Update the liblua5.4-0 symbols list.
* Bump the standards version to 4.7.2.
-- Sergei Golovan <sgolovan@debian.org> Sun, 10 Aug 2025 11:58:08 +0300
lua5.4 (5.4.7-1) unstable; urgency=medium
* New upstream release.
* Bump the standards version to 4.7.0.
-- Sergei Golovan <sgolovan@debian.org> Thu, 28 Nov 2024 12:14:18 +0300
lua5.4 (5.4.6-3) unstable; urgency=high
[ P. J. McDermott ]
* Fix completely broken C++ library missing all "lua*" function symbols.
0003-extern_C.patch was removed in 5.4.6-1 per request in #1032533,
replacing all the C symbols with C++ mangled names, but the export map
debian/version-script listed only C symbols. (closes: #1063707)
- Extend DEP-8 test to check C++ library.
* Update liblua5.4-dev Recommends from pkg-config to pkgconf.
(Fixes lintian error tag depends-on-obsolete-package)
* Add Rules-Requires-Root: no.
(Fixes lintian pedantic tag silent-on-rules-requiring-root)
* Move "-e" from "#!" line to "set" command in lua5.4 prerm script.
(Fixes lintian pedantic tag maintainer-script-without-set-e)
* Add debian/salsa-ci.yml.
-- Debian Lua Team <pkg-lua-devel@lists.alioth.debian.org> Sun, 11 Feb 2024 07:29:32 -0500
lua5.4 (5.4.6-2) unstable; urgency=medium
* Team upload
[ Lena Voytek ]
* Make some packaging improvements (closes: #1056991)
- Add DEP-8 tests for basic functionality
+ d/t/interpreter: Test lua interpreter
+ d/t/liblua: Test lua C api
- d/p/0001-build-system.patch: Use default test environment:
Instead of overriding testing with libtool which now fails with -dlopen
argument, the original ./$(LUA_T) -v is used as it is works correctly
with 5.4.6
- d/configure.ac: Remove AC_PROG_LIBTOOL entry:
AC_PROG_LIBTOOL is a deprecated macro for initializing libtool. LT_INIT
already covers this functionality so no other action is required.
- d/liblua5.4-0.symbols: Add symbols file for lua 5.4 libraries
[ Gianfranco Costamagna ]
* d/version-script: Export additional missing symbols (closes: #1034800)
* Update watch file to version 4
* Fix some copyright typos
* Drop trailing spaces and newlines
* Add R^3: no
* Use https for copyright machine readable file
* Explicit set -e on prerm and postinst files to please lintian
* Drop priority field on dbg to please lintian
* Drop unused patch to please lintian
* Drop dbg package to please lintian (closes: #1050990)
* Drop quilt and auto* dependencies, already satisfied by newer debhelper
and compat level 13
-- Lena Voytek <lena.voytek@canonical.com> Mon, 27 Nov 2023 08:23:09 -0700
lua5.4 (5.4.6-1) unstable; urgency=medium
* New upstream release (closes: #1041902).
* Remove no longer necessary patches which fixed CVE-2022-28805 and
CVE-2022-33099 in version 5.4.4.
* Refresh patches.
* Fix building the package twice (closes: #1046480).
* Bump the debhelper compatibility level to 13.
* Bump the standards version to 4.6.2.
-- Sergei Golovan <sgolovan@debian.org> Wed, 14 Jun 2023 15:52:06 +0300
lua5.4 (5.4.4-3) unstable; urgency=medium
* Add a patch from upstream which fixes CVE-2022-33099, double free
in a situation when error occurs while handling an error
(closes: #1014935).
-- Sergei Golovan <sgolovan@debian.org> Sun, 17 Jul 2022 14:56:01 +0300
lua5.4 (5.4.4-2) unstable; urgency=medium
* Add a patch from upstream which fixes CVE-2022-28805, segmentation fault
due to a heap overflow when parsing ENV with <const> (closes: #1010265).
-- Sergei Golovan <sgolovan@debian.org> Sat, 30 Apr 2022 07:38:29 +0300
lua5.4 (5.4.4-1) unstable; urgency=medium
* New upstream release. This release fixes the following security bugs:
- CVE-2021-43519, stack overflow in lua_resume of ldo.c in Lua
Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of
Service via a crafted script file (closes: #1000228).
- CVE-2021-44647, Lua 5.4.4 and 5.4.2 are affected by SEGV by type
confusion in funcnamefromcode function in ldebug.c which can cause
a local denial of service (closes: #1004189).
-- Sergei Golovan <sgolovan@debian.org> Mon, 07 Feb 2022 10:34:34 +0300
lua5.4 (5.4.3-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
-- Sergei Golovan <sgolovan@debian.org> Tue, 17 Aug 2021 10:50:26 +0300
lua5.4 (5.4.2-2) unstable; urgency=medium
* Enable readline support (thanks to Widianto Nur F).
-- Sergei Golovan <sgolovan@debian.org> Tue, 12 Jan 2021 23:02:10 +0300
lua5.4 (5.4.2-1) unstable; urgency=medium
* New upstream release.
* Refresh patches.
-- Sergei Golovan <sgolovan@debian.org> Sun, 06 Dec 2020 14:05:10 +0300
lua5.4 (5.4.1-1) unstable; urgency=medium
* New upstream release. This release fixes the following security bugs:
- CVE-2020-15888, mishandling the interaction between stack resizes
and garbage collection (closes: #972101)
- CVE-2020-24342 allowing a stack redzone cross (closes: #971012)
- CVE-2020-24369 attempting to access debug information via the line
hook of a stripped function (closes: #971013)
- CVE-2020-24370 allowing a negation overflow and segmentation fault
in getlocal and setlocal (closes: #971613)
- CVE-2020-24371 active barriers during sweep phase (closes: #971010)
* Remove no longer necessary patches.
-- Sergei Golovan <sgolovan@debian.org> Sat, 21 Nov 2020 17:58:27 +0300
lua5.4 (5.4.0-2) unstable; urgency=medium
* Add patches by upstream, which fix a few freshly introduced bugs.
-- Sergei Golovan <sgolovan@debian.org> Sat, 18 Jul 2020 18:10:14 +0300
lua5.4 (5.4.0-1) unstable; urgency=medium
* The first upstream release.
-- Sergei Golovan <sgolovan@debian.org> Tue, 30 Jun 2020 16:51:40 +0300
lua5.4 (5.4.0~rc5-1) experimental; urgency=medium
* New upstream release candidate.
-- Sergei Golovan <sgolovan@debian.org> Wed, 17 Jun 2020 12:49:10 +0300
lua5.4 (5.4.0~rc4-1) experimental; urgency=medium
* New upstream release candidate.
-- Sergei Golovan <sgolovan@debian.org> Tue, 02 Jun 2020 23:46:53 +0300
lua5.4 (5.4.0~rc3-1) experimental; urgency=medium
* New upstream release candidate.
-- Sergei Golovan <sgolovan@debian.org> Wed, 20 May 2020 10:12:52 +0300
lua5.4 (5.4.0~rc2-1) experimental; urgency=medium
* New upstream release candidate.
* Refresh patches.
* Bump the standards version to 4.5.0.
* Bump the debhelper compatibility level to 12.
-- Sergei Golovan <sgolovan@debian.org> Wed, 06 May 2020 10:33:50 +0300
lua5.4 (5.4.0~beta-1) experimental; urgency=medium
* New upstream preliminary release.
* Refresh patches.
-- Sergei Golovan <sgolovan@debian.org> Tue, 29 Oct 2019 10:23:48 +0300
lua5.4 (5.4.0~alpha-2) experimental; urgency=medium
* Fix symbols in the linker version script.
* Adapt a patch for lua5.3 by Helmut Grohne to fix FTCBFS. The patch
libtoolizes during build to avoid a dependency on libtool-bin, and
uses triplet-prefixed build tools (closes: #941649).
* Fix the Lua version release number in pkgconfig scripts.
* Add an alternatives for the lua.pc and lua-c++.pc pkgconfig scripts.
-- Sergei Golovan <sgolovan@debian.org> Sun, 13 Oct 2019 10:33:54 +0300
lua5.4 (5.4.0~alpha-1) experimental; urgency=medium
* Initial release (closes: #932316).
-- Sergei Golovan <sgolovan@debian.org> Wed, 17 Jul 2019 18:28:48 +0300
|
