openSUSE Optional Update: Security update for moonjit ______________________________________________________________________________ Announcement ID: openSUSE-OU-2020:0225-1 Rating: low References: Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for moonjit fixes the following issues: - Ship fork of luajit with more active upstream - Obsolete/provide lua51-luajit as it was the old luajit name - Version 2.1.2 building on top of 2.1.0-beta3 with following goodies: * fix for CVE-2019-19391 * Support for ppc64 ppc64le s390 s390x - Still carry the patch luajit-lua-versioned.patch to mark it as compatible with lua 5.1, future 2.2 release should contain support for 5.2 and 5.3 release of LUA Patch Instructions: To install this openSUSE Optional Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2020-225=1 Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 s390x x86_64): libluajit-5_1-2-2.1.2-2.1 moonjit-2.1.2-2.1 moonjit-devel-2.1.2-2.1 References: https://www.suse.com/security/cve/CVE-2019-19391.html