Fixes MAISTRA-2199: update lua-jit for maistra 2.0 #79
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
cherry-pick/port of ffa2f17
dependencies: bump LuaJIT to 2.1 branch HEAD @ e9af1ab. (#13474)
LuaJIT 2.1.0-beta3 has the following CVEs, which don't appear
super critical for correctly functioning Lua code but prudence dictates
we should bump anyway:
CVE-2020-15890: LuaJit through 2.1.0-beta3 has an out-of-bounds read
because __gc handler frame traversal is mishandled.
CVE-2020-24372: LuaJIT through 2.1.0-beta3 has an out-of-bounds read
in lj_err_run in lj_err.c.
There is no release version beyond 2.1.0-beta3, so using HEAD of 2.1
branch.
Risk level: Medium (if using LuaJIT).
Testing: bazel test //test/... Some unit tests required fixups due to
changes in Lua header map table ordering.
Signed-off-by: Harvey Tuch htuch@google.com
Co-authored-by: Michael Payne michael@sooper.org
Co-authored-by: William A Rowe Jr wrowe@vmware.com