Amazon Linux 1 Security Advisory: ALAS-2014-402
Advisory Release Date: 2014-09-17 21:44 Pacific
Advisory Updated Date: 2014-09-19 12:01 Pacific
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
Affected Packages:
lua
Issue Correction:
Run yum update lua to update your system.
i686:
lua-5.1.4-4.1.9.amzn1.i686
lua-devel-5.1.4-4.1.9.amzn1.i686
lua-debuginfo-5.1.4-4.1.9.amzn1.i686
lua-static-5.1.4-4.1.9.amzn1.i686
src:
lua-5.1.4-4.1.9.amzn1.src
x86_64:
lua-devel-5.1.4-4.1.9.amzn1.x86_64
lua-debuginfo-5.1.4-4.1.9.amzn1.x86_64
lua-static-5.1.4-4.1.9.amzn1.x86_64
lua-5.1.4-4.1.9.amzn1.x86_64