openresty

About this tag
OpenResty is a web platform that integrates LuaJIT, a high-performance just-in-time compiler for the Lua language. A recent vulnerability, CVE-2024-25176, involves a stack-buffer-overflow in LuaJIT's number-formatting code, affecting OpenResty's luajit2 builds. Microsoft's Azure Linux distribution includes the vulnerable library, and the company has issued a patch guide for OpenResty users. This tag covers discussions about OpenResty security, patching, and its integration with Microsoft's Linux ecosystem.
  1. CVE-2024-25176: LuaJIT Stack Overflow in Azure Linux OpenResty Patch Guide

    LuaJIT — the high-performance JIT-based implementation of the Lua language — has a serious stack-buffer-overflow vulnerability (CVE-2024-25176) in the number-formatting code that affects releases through 2.1 and related OpenResty luajit2 builds. Microsoft’s initial advisory notes that the Azure...