Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
aports
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Model registry
Monitor
Service Desk
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
alpine
aports
Commits
cb41109f
Commit
cb41109f
authored
4 years ago
by
Leo
Browse files
Options
Downloads
Patches
Plain Diff
main/luajit: fix CVE-2020-15890
see
#11872
parent
e8e43fb9
No related branches found
No related tags found
1 merge request
!15574
main/luajit: fix CVE-2020-15890
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
main/luajit/APKBUILD
+10
-3
10 additions, 3 deletions
main/luajit/APKBUILD
main/luajit/CVE-2020-15890.patch
+22
-0
22 additions, 0 deletions
main/luajit/CVE-2020-15890.patch
with
32 additions
and
3 deletions
main/luajit/APKBUILD
+
10
−
3
View file @
cb41109f
...
...
@@ -3,7 +3,7 @@
pkgname
=
luajit
_pkgname
=
moonjit
pkgver
=
2.2.0
pkgrel
=
2
pkgrel
=
3
pkgdesc
=
"Integration fork of the original LuaJIT"
url
=
"https://github.com/moonjit/moonjit"
arch
=
"all"
...
...
@@ -12,9 +12,15 @@ provides="lua"
subpackages
=
"
$pkgname
-dev
$pkgname
-doc"
source
=
"
$_pkgname
-
$pkgver
.tar.gz::https://github.com/moonjit/moonjit/archive/
$pkgver
.tar.gz
10-module-paths.patch
20-src-lib_string.patch"
20-src-lib_string.patch
CVE-2020-15890.patch
"
builddir
=
"
$srcdir
/
$_pkgname
-
$pkgver
"
# secfixes:
# 2.2.0-r3:
# - CVE-2020-15890
build
()
{
make amalg
PREFIX
=
/usr
}
...
...
@@ -43,4 +49,5 @@ package() {
sha512sums
=
"a940dd9973801f7067e376d62ec70ab5fbf635f59c648dcb45072f55290a6752abb3b1fa307bdd81d4bf05c719338e8fbda143f62861c61cb66b34cc9e8e7d54 moonjit-2.2.0.tar.gz
9c6c410e142838c5128c70570e66beb53cc5422df5ecfb8ab0b5f362637b21ab5978c00f19bc1759165df162fd6438a2ed43e25020400011b7bb14014d87c62e 10-module-paths.patch
9d87e944580fe7a3c24e043012dbdacf5141bafb5ea83dc141c42f6641b8df117d1779c3c50ee9fccc58e625a0bc04c64dd75ab0c1815bbbf2a2e645ec0ff85e 20-src-lib_string.patch"
9d87e944580fe7a3c24e043012dbdacf5141bafb5ea83dc141c42f6641b8df117d1779c3c50ee9fccc58e625a0bc04c64dd75ab0c1815bbbf2a2e645ec0ff85e 20-src-lib_string.patch
d227f22f1b7776f36b8a1e1471e6fcb3a2442037e09fcd0f4d489c3853a5cb2916b02cd6ab0194105989502b76bcb03e97ea1825d21212a534344afe96e3448c CVE-2020-15890.patch"
This diff is collapsed.
Click to expand it.
main/luajit/CVE-2020-15890.patch
0 → 100644
+
22
−
0
View file @
cb41109f
From 53f82e6e2e858a0a62fd1a2ff47e9866693382e6 Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Sun, 12 Jul 2020 14:30:34 +0200
Subject: [PATCH] Fix frame traversal for __gc handler frames.
Reported by Changochen.
---
src/lj_err.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/lj_err.c b/src/lj_err.c
index caa7487f2..e3e0c2eb7 100644
--- a/src/lj_err.c
+++ b/src/lj_err.c
@@ -529,6 +529,7 @@
static ptrdiff_t finderrfunc(lua_State *L)
if (cframe_canyield(cf)) return 0;
if (cframe_errfunc(cf) >= 0)
return cframe_errfunc(cf);
+ cf = cframe_prev(cf);
frame = frame_prevd(frame);
break;
case FRAME_PCALL:
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
