Luanti vulnerabilities
Published: Tue, 02 Jun 2026 12:48
Summary
Several security issues were fixed in Luanti.
Details
It was discovered that Luanti, when using LuaJIT, did not properly enforce Lua sandbox restrictions. An attacker could possibly use this issue to execute arbitrary code. (CVE-2026-40959) It was discovered that Luanti did not properly restrict access to insecure environments. An attacker could possibly use this issue to obtain unintended access to the insecure environment or HTTP API. (CVE-2026-40960)
Recommended actions per Ubuntu release
StackPatch playbook auto-generated per release codename and per affected package.
Ubuntu questing
luanti→5.10.0+dfsg-5+deb13u1build0.25.10.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti
Most apt upgrades restart their service automatically. needrestart lists anything else.
luanti→5.10.0+dfsg-5+deb13u1build0.25.10.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti
Most apt upgrades restart their service automatically. needrestart lists anything else.
luanti-data→5.10.0+dfsg-5+deb13u1build0.25.10.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti-data
Most apt upgrades restart their service automatically. needrestart lists anything else.
luanti-server→5.10.0+dfsg-5+deb13u1build0.25.10.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti-server
Most apt upgrades restart their service automatically. needrestart lists anything else.
minetest→5.10.0+dfsg-5+deb13u1build0.25.10.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y minetest
Most apt upgrades restart their service automatically. needrestart lists anything else.
minetest-data→5.10.0+dfsg-5+deb13u1build0.25.10.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y minetest-data
Most apt upgrades restart their service automatically. needrestart lists anything else.
minetest-server→5.10.0+dfsg-5+deb13u1build0.25.10.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y minetest-server
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu resolute
luanti→5.10.0+dfsg-5+deb13u1build0.26.04.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti
Most apt upgrades restart their service automatically. needrestart lists anything else.
luanti→5.10.0+dfsg-5+deb13u1build0.26.04.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti
Most apt upgrades restart their service automatically. needrestart lists anything else.
luanti-data→5.10.0+dfsg-5+deb13u1build0.26.04.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti-data
Most apt upgrades restart their service automatically. needrestart lists anything else.
luanti-server→5.10.0+dfsg-5+deb13u1build0.26.04.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y luanti-server
Most apt upgrades restart their service automatically. needrestart lists anything else.
minetest→5.10.0+dfsg-5+deb13u1build0.26.04.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y minetest
Most apt upgrades restart their service automatically. needrestart lists anything else.
minetest-data→5.10.0+dfsg-5+deb13u1build0.26.04.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y minetest-data
Most apt upgrades restart their service automatically. needrestart lists anything else.
minetest-server→5.10.0+dfsg-5+deb13u1build0.26.04.1apt_upgradeStandard apt upgrade. Install 5.10.0+dfsg-5+deb13u1build0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y minetest-server
Most apt upgrades restart their service automatically. needrestart lists anything else.
Are YOU affected by USN-8366-1?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8366-1 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.