-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:144
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : lua
Date : March 29, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated lua and lua5.1 packages fix security vulnerability:
A heap-based overflow vulnerability was found in the way Lua handles
varargs functions with many fixed parameters called with few arguments,
leading to application crashes or, potentially, arbitrary code
execution (CVE-2014-5461).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461
http://advisories.mageia.org/MGASA-2014-0414.html
_________________________________________