AZL-6669 CVE-2019-6706 affecting package lua for versions less than 5.3.5-11

Lua 5.3.5 has a use-after-free in luaupvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships...