[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug#991691: Possible CVE-2014-5461 in grub2
From: |
Daniel Kiper |
Subject: |
Re: Bug#991691: Possible CVE-2014-5461 in grub2 |
Date: |
Mon, 9 Aug 2021 13:58:04 +0200 |
User-agent: |
NeoMutt/20170113 (1.7.2) |
Hi,
On Fri, Jul 30, 2021 at 08:55:06PM +0400, Movses Tovmasyan wrote:
> Package: grub2
> Version: 2.02~beta3-5+deb9u2
> Tags: patch
>
> grub2 uses the obsolete version of minilua
> (single-file port of Lua) which has CVE-2014-5461
> Patch attached below.
Thanks for the report. This patch does not apply to the GRUB upstream
because it does not contain the Lua support.
Daniel
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: Bug#991691: Possible CVE-2014-5461 in grub2,
Daniel Kiper <=