UbuntuUpdates.org

Package "luajit"

Name: luajit

Description:

Just in time compiler for Lua programming language version 5.1

Latest version: 2.1.0~beta3+dfsg-6ubuntu0.1
Release: jammy (22.04)
Level: security
Repository: universe
Homepage: http://luajit.org

Links


Download "luajit"


Other versions of "luajit" in Jammy

Repository Area Version
base universe 2.1.0~beta3+dfsg-6
updates universe 2.1.0~beta3+dfsg-6ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.1.0~beta3+dfsg-6ubuntu0.1 2026-07-14 17:07:59 UTC

  luajit (2.1.0~beta3+dfsg-6ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: stack-buffer-overflow
    - debian/patches/CVE-2024-25176.patch: fix zero stripping in %g number
      formatting.
    - CVE-2024-25176
  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-25177.patch: fix unsinking of IR_FSTORE for NULL
      metatable.
    - CVE-2024-25177
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2024-25178.patch: rework stack overflow handling
    - CVE-2024-25178

 -- Paulo Flabiano Smorigo <email address hidden> Thu, 09 Jul 2026 16:39:16 +0000

CVE-2024-25176 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.
CVE-2024-25177 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (Do
CVE-2024-25178 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c.



About   -   Send Feedback to @ubuntu_updates