I'm sorry, I don't know what is exploitable by third parties. The obvious questions to ask include: what applications including Lua code take input which could trigger one of the bugs, of which a significant sub-question is: what applications take Lua code as input?
Clearly in principle these bugs could be exploited; whether they can be exploited in any application shipped in Ubuntu is much more difficult to answer. Again, since Lua 5.1.4 is simply a bug-fix release for 5.1.3, which fixes the bugs mentioned on the bugs.html page, and only those bugs, the simplest and safest course of action seems to be to update to it. -- Some security problems (with fixes) https://bugs.launchpad.net/bugs/241652 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs -- universe-bugs mailing list universe-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/universe-bugs
