[Midnightbsd-cvs] [MidnightBSD/src] 585f3b: lua 5.4.7: fix CVE-2021-43519 (C stack overflow in...
Lucas Holt
noreply at github.com
Wed Jun 10 22:14:26 EDT 2026
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: 585f3b4ae94cb8f8abc4d18f213697ad0d10989a
https://github.com/MidnightBSD/src/commit/585f3b4ae94cb8f8abc4d18f213697ad0d10989a
Author: Lucas Holt <luke at foolishgames.com>
Date: 2026-06-10 (Wed, 10 Jun 2026)
Changed paths:
M contrib/lua/README
A contrib/lua/doc/OSIApproved_100X125.png
M contrib/lua/doc/contents.html
M contrib/lua/doc/lua.1
M contrib/lua/doc/lua.css
M contrib/lua/doc/manual.html
M contrib/lua/doc/readme.html
M contrib/lua/src/Makefile
M contrib/lua/src/lapi.c
M contrib/lua/src/lapi.h
M contrib/lua/src/lauxlib.c
M contrib/lua/src/lauxlib.h
M contrib/lua/src/lbaselib.c
M contrib/lua/src/lcode.c
M contrib/lua/src/lcode.h
M contrib/lua/src/lcorolib.c
M contrib/lua/src/ldblib.c
M contrib/lua/src/ldebug.c
M contrib/lua/src/ldebug.h
M contrib/lua/src/ldo.c
M contrib/lua/src/ldo.h
M contrib/lua/src/ldump.c
M contrib/lua/src/lfunc.c
M contrib/lua/src/lfunc.h
M contrib/lua/src/lgc.c
M contrib/lua/src/lgc.h
M contrib/lua/src/liolib.c
M contrib/lua/src/llex.c
M contrib/lua/src/llimits.h
M contrib/lua/src/lmathlib.c
M contrib/lua/src/lmem.c
M contrib/lua/src/loadlib.c
M contrib/lua/src/lobject.c
M contrib/lua/src/lobject.h
M contrib/lua/src/lopcodes.h
M contrib/lua/src/loslib.c
M contrib/lua/src/lparser.c
M contrib/lua/src/lparser.h
M contrib/lua/src/lstate.c
M contrib/lua/src/lstate.h
M contrib/lua/src/lstring.c
M contrib/lua/src/lstrlib.c
M contrib/lua/src/ltable.c
M contrib/lua/src/ltable.h
M contrib/lua/src/ltablib.c
M contrib/lua/src/ltm.c
M contrib/lua/src/lua.c
M contrib/lua/src/lua.h
M contrib/lua/src/luac.c
M contrib/lua/src/luaconf.h.dist
M contrib/lua/src/lualib.h
M contrib/lua/src/lundump.c
M contrib/lua/src/lundump.h
M contrib/lua/src/lutf8lib.c
M contrib/lua/src/lvm.c
M contrib/lua/src/lvm.h
M lib/liblua/luaconf.h
M stand/liblua/luaconf.h
Log Message:
-----------
lua 5.4.7: fix CVE-2021-43519 (C stack overflow in lua_resume)
Update contrib/lua from 5.4.2 to 5.4.7. The key security fix is in
ldo.c: lua_resume() now checks for C stack overflow before resuming a
coroutine, preventing a stack overflow via maliciously crafted scripts.
Update lib/liblua/luaconf.h and stand/liblua/luaconf.h to account for
5.4.7 changes: luai_likely/luai_unlikely moved from llimits.h to
luaconf.h, and new LUA_IGMARK define added.
Co-Authored-By: Claude Sonnet 4.6 <noreply at anthropic.com>
Commit: 21fef6098a657f8903ccc8d047773b829ac23621
https://github.com/MidnightBSD/src/commit/21fef6098a657f8903ccc8d047773b829ac23621
Author: Lucas Holt <luke at foolishgames.com>
Date: 2026-06-10 (Wed, 10 Jun 2026)
Changed paths:
M UPDATING
Log Message:
-----------
UPDATING: note lua 5.4.7 CVE-2021-43519
Co-Authored-By: Claude Sonnet 4.6 <noreply at anthropic.com>
Compare: https://github.com/MidnightBSD/src/compare/c0f06b62ca31...21fef6098a65
To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications
More information about the Midnightbsd-cvs
mailing list