A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution. For the stable distribution (wheezy), this problem has been fixed in version 5.1.5-4+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 5.1.5-7. We recommend that you upgrade your lua5.1 packages.
A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution.
For the stable distribution (wheezy), this problem has been fixed in version 5.1.5-4+deb7u1.
For the unstable distribution (sid), this problem has been fixed in version 5.1.5-7.
We recommend that you upgrade your lua5.1 packages.