========================================================================== Ubuntu Security Notice USN-4501-1 September 15, 2020 luajit vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: LuaJIT could be made crash or expose sensitive information if it received specially crafted input. Software Description: - luajit: Just in time compiler for Lua programming language version 5.1 Details: It was discovered that an out-of-bounds read existed in LuaJIT. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2020-15890) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libluajit-5.1-2 2.0.4+dfsg-1+deb9u1build0.16.04.1 libluajit-5.1-common 2.0.4+dfsg-1+deb9u1build0.16.04.1 libluajit-5.1-dev 2.0.4+dfsg-1+deb9u1build0.16.04.1 luajit 2.0.4+dfsg-1+deb9u1build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4501-1 CVE-2020-15890 Package Information: https://launchpad.net/ubuntu/+source/luajit/2.0.4+dfsg-1+deb9u1build0.16.04.1