summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/lua/lua
Commit message (Collapse)AuthorAgeFilesLines
* lua: update 5.4.4 -> 5.4.6Alexander Kanavin2023-06-272-87/+0
| | | | | | | | | | License-Update: formatting (From OE-Core rev: ae3cfdce20a88748c5ce1fcd46b34e2b88d4de9c) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lua: Backport fix for CVE-2022-33099Khem Raj2022-07-181-0/+61
| | | | | | | | | Fixes stack overflow while handling recurring errors in Lua-stack (From OE-Core rev: caad9d5f7184f0fa60fa7770e5d3da3f533647cb) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lua: Fix multilib buildpath reproducibility issuesRichard Purdie2022-07-081-3/+2
| | | | | | | | | | | | | | | The .pc we install ourselves for lua has hardcoded /lib assumptions in it which means in a multilib environment, full build paths end up in users like rpm's configuration. Fix the .pc file to use a correct includedir and libdir to resolve those reproducibility issues. (From OE-Core rev: 93bee5c74b8d181adf93de4b4101e25d24780603) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lua: fix CVE-2022-28805Steve Sakoman2022-04-191-0/+26
| | | | | | | | | | | | | singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code. https://nvd.nist.gov/vuln/detail/CVE-2022-28805 (From OE-Core rev: d2ba3b8850d461bc7b773240cdf15b22b31a3f9e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lua: upgrade 5.4.3 -> 5.4.4Alexander Kanavin2022-02-051-43/+0
| | | | | | | (From OE-Core rev: 734cdfddd2d2a0a0e3be2b577bd4175a2abd73e5) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lua: Backport fix for CVE-2021-43396Richard Purdie2021-11-161-0/+43
| | | | | | | | | Backport the fix for CVE-2021-43396 ("C stack overflow with coroutines") from upstream. (From OE-Core rev: e74fb3f7a8171cc1293583241a9ef43a515a9320) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lua: update 5.3.6 -> 5.4.3Alexander Kanavin2021-10-114-361/+0
| | | | | | | | | | | | | Drop three backports and 0001-Allow-building-lua-without-readline-on-Linux.patch (feature added upstream, adjust the recipe accordingly). Adjust ar/ranlib flags for reproducibility on liblua.a. License-Update: lines moved around, formatting (From OE-Core rev: c2cad5ecfbbcee99b3cbe71efeeac9a875b6e5ff) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lua: add a recipe from meta-oeAlexander Kanavin2021-10-116-0/+390
Lua is a hard dependency in rpm 4.17. (From OE-Core rev: b06a2ffb5ded807dbb30078d10740ec294732cad) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>