system/lua5.3: Patch CVE-2020-24370

1 files changed, 7 insertions, 3 deletions

diff --git a/system/lua5.3/APKBUILD b/system/lua5.3/APKBUILD
index 11e7b4e06..5786668d5 100644
--- a/system/lua5.3/APKBUILD
+++ b/system/lua5.3/APKBUILD
@@ -3,7 +3,7 @@ pkgname=lua5.3
 _pkgname=lua
 pkgver=5.3.5
 _luaver=${pkgname#lua}
-pkgrel=1
+pkgrel=2
 pkgdesc="Embeddable programming language"
 url="https://www.lua.org/"
 arch="all"
@@ -19,12 +19,15 @@ source="https://www.lua.org/ftp/$_pkgname-$pkgver.tar.gz
 	lua-5.3-module_paths.patch
 	linenoise.patch
 	CVE-2019-6706.patch
+	CVE-2020-24370.patch
 	"
 builddir="$srcdir/$_pkgname-$pkgver"
 
 # secfixes: lua
+#   5.3.5-r2:
+#     - CVE-2020-24370
 #   5.3.5-r1:
-#     - CVE-2019-6706.patch
+#     - CVE-2019-6706
 
 prepare() {
 	default_prepare
@@ -132,4 +135,5 @@ sha512sums="4f9516acc4659dfd0a9e911bfa00c0788f0ad9348e5724fe8fb17aac59e9c0060a64
 1bc6c623024c1738155b30ff9c0edcce0f336edc25aa20c3a1400c859421ea2015d75175cce8d515e055ac3e96028426b74812e04022af18a0ed4c4601556027  lua-5.3-make.patch
 bc68772390dc8d8940176af0b9fbacc0af61891b5d27de5f1466a4e7f9b3291a1c08ba5add829bc96b789a53fa5ec2dadaa096ca6eabe54ec27724fa2810940f  lua-5.3-module_paths.patch
 49880d1131b7bd2a3169a26f401769a91d9a6a62cefe68aa5a89097139289588b7ef753535a2d0ba7f45c0369c760554940fd810716b7b1353deace32432fcfe  linenoise.patch
-77755c083630d48404178012d5947230675311a15f0f5e30efa72004edf3124615fa9080b739240213c013efb015689e09ee653a41d560964a3df78a8fe0fd8d  CVE-2019-6706.patch"
+77755c083630d48404178012d5947230675311a15f0f5e30efa72004edf3124615fa9080b739240213c013efb015689e09ee653a41d560964a3df78a8fe0fd8d  CVE-2019-6706.patch
+0c28366d352e3e6660413d16c1deaa0b1c6070170c13d95ae7a48b6b39c728a16d3f2a6068f665b3ec3e17f4f69d006625af074a4ddb51c8f3845d567c0dd809  CVE-2020-24370.patch"