diff options
| -rw-r--r-- | main/lua5.3/APKBUILD | 10 | ||||
| -rw-r--r-- | main/lua5.3/CVE-2019-6706-use-after-free-lua_upvaluejoin.patch | 24 |
2 files changed, 4 insertions, 30 deletions
diff --git a/main/lua5.3/APKBUILD b/main/lua5.3/APKBUILD index 7f27976ce0a..baee38887c9 100644 --- a/main/lua5.3/APKBUILD +++ b/main/lua5.3/APKBUILD @@ -1,9 +1,9 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=lua5.3 _pkgname=lua -pkgver=5.3.5 +pkgver=5.3.6 _luaver=${pkgname#lua} -pkgrel=6 +pkgrel=0 pkgdesc="Powerful light-weight programming language" url="https://www.lua.org/" arch="all" @@ -17,7 +17,6 @@ source="https://www.lua.org/ftp/$_pkgname-$pkgver.tar.gz lua-5.3-make.patch lua-5.3-module_paths.patch linenoise.patch - CVE-2019-6706-use-after-free-lua_upvaluejoin.patch " builddir="$srcdir/$_pkgname-$pkgver" @@ -133,8 +132,7 @@ libs() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ } -sha512sums="4f9516acc4659dfd0a9e911bfa00c0788f0ad9348e5724fe8fb17aac59e9c0060a64378f82be86f8534e49c6c013e7488ad17321bafcc787831d3d67406bd0f4 lua-5.3.5.tar.gz +sha512sums="ccc380d5e114d54504de0bfb0321ca25ec325d6ff1bfee44b11870b660762d1a9bf120490c027a0088128b58bb6b5271bbc648400cab84d2dc22b512c4841681 lua-5.3.6.tar.gz 1bc6c623024c1738155b30ff9c0edcce0f336edc25aa20c3a1400c859421ea2015d75175cce8d515e055ac3e96028426b74812e04022af18a0ed4c4601556027 lua-5.3-make.patch bc68772390dc8d8940176af0b9fbacc0af61891b5d27de5f1466a4e7f9b3291a1c08ba5add829bc96b789a53fa5ec2dadaa096ca6eabe54ec27724fa2810940f lua-5.3-module_paths.patch -a2edcf5a41513492edff5fa6e97652e676ceb6c66bb2c6a7e6f345570248d7646167f0172ceb07a74fd9d4a43051ed8244fbd94706dd9f5593f174075592a527 linenoise.patch -fde7f5f5a184cd393665c7c8c7ba3c728e1413df5f63dbe60855af13ddd313d9300720298534f4312638ddf59fa678a38f708bce622dd7a2298b4ed87c068ae7 CVE-2019-6706-use-after-free-lua_upvaluejoin.patch" +a2edcf5a41513492edff5fa6e97652e676ceb6c66bb2c6a7e6f345570248d7646167f0172ceb07a74fd9d4a43051ed8244fbd94706dd9f5593f174075592a527 linenoise.patch" diff --git a/main/lua5.3/CVE-2019-6706-use-after-free-lua_upvaluejoin.patch b/main/lua5.3/CVE-2019-6706-use-after-free-lua_upvaluejoin.patch deleted file mode 100644 index ea26696fda3..00000000000 --- a/main/lua5.3/CVE-2019-6706-use-after-free-lua_upvaluejoin.patch +++ /dev/null @@ -1,24 +0,0 @@ -http://lua.2524044.n2.nabble.com/CVE-2019-6706-use-after-free-in-lua-upvaluejoin-function-tc7685575.html - ---- a/src/lapi.c -+++ b/src/lapi.c -@@ -1285,14 +1285,14 @@ LUA_API void *lua_upvalueid (lua_State * - - LUA_API void lua_upvaluejoin (lua_State *L, int fidx1, int n1, - int fidx2, int n2) { -- LClosure *f1; -- UpVal **up1 = getupvalref(L, fidx1, n1, &f1); -+ UpVal **up1 = getupvalref(L, fidx1, n1, NULL); /* the last parameter not needed */ - UpVal **up2 = getupvalref(L, fidx2, n2, NULL); -+ if (*up1 == *up2) return; /* Already joined */ -+ (*up2)->refcount++; -+ if (upisopen(*up2)) (*up2)->u.open.touched = 1; -+ luaC_upvalbarrier(L, *up2); - luaC_upvdeccount(L, *up1); - *up1 = *up2; -- (*up1)->refcount++; -- if (upisopen(*up1)) (*up1)->u.open.touched = 1; -- luaC_upvalbarrier(L, *up1); - } - - |