Robin H. Johnson – Gentoo Packages

dev-lang/lua: Multiple vulnerabilities (CVE-2019-6706, CVE-2020-{15945,15888,15889,24342,24369,24370,24371})
717780 - Assigned to Gentoo Security
<dev-lang/lua-5.4.4: UAF leading to sandbox escape
835340 - Assigned to Gentoo Security
<dev-util/re2c-3.1: infinite recursion
836372 - Assigned to Gentoo Security
<dev-lang/lua-5.4.6: heap buffer overflow in recursive errors
856463 - Assigned to Gentoo Security
app-backup/rdedup: 'cargo audit' reports one or more bundled CRATES as vulnerable
863992 - Assigned to Gentoo Security
<app-backup/amanda-3.5.4: multiple vulnerabilities
870037 - Assigned to Gentoo Security
dev-lang/lua: heap buffer overread
905319 - Assigned to Gentoo Security
<net-misc/memcached-1.6.22: multiple vulnerabilities
916510 - Assigned to Gentoo Security
<dev-vcs/git-{2.39.4, 2.41.1, 2.43.4, 2.44.1, 2.45.1}: Multiple vulnerabilities
931941 - Assigned to Gentoo Security
<dev-vcs/git-2.45.3: Multiple vulnerabilities
948111 - Assigned to Gentoo Security

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.

Gentoo DeveloperRobin H. Johnson