diff --git a/lua-5.4.0-CVE-2020-24342.patch b/lua-5.4.0-CVE-2020-24342.patch
new file mode 100644
index 0000000..c8267ec
--- /dev/null
+++ b/lua-5.4.0-CVE-2020-24342.patch
@@ -0,0 +1,22 @@
+diff -up lua-5.4.0/src/ldo.c.CVE-2020-24342 lua-5.4.0/src/ldo.c
+--- lua-5.4.0/src/ldo.c.CVE-2020-24342	2020-09-02 14:56:36.939443912 -0400
++++ lua-5.4.0/src/ldo.c	2020-09-02 14:57:47.765341519 -0400
+@@ -515,14 +515,13 @@ void luaD_call (lua_State *L, StkId func
+ 
+ /*
+ ** Similar to 'luaD_call', but does not allow yields during the call.
+-** If there is a stack overflow, freeing all CI structures will
+-** force the subsequent call to invoke 'luaE_extendCI', which then
+-** will raise any errors.
+ */
+ void luaD_callnoyield (lua_State *L, StkId func, int nResults) {
+   incXCcalls(L);
+-  if (getCcalls(L) <= CSTACKERR)  /* possible stack overflow? */
+-    luaE_freeCI(L);
++  if (getCcalls(L) <= CSTACKERR) {  /* possible C stack overflow? */
++    luaE_exitCcall(L);  /* to compensate decrement in next call */
++    luaE_enterCcall(L);  /* check properly */
++  }
+   luaD_call(L, func, nResults);
+   decXCcalls(L);
+ }
diff --git a/lua.spec b/lua.spec
index be9d603..742e56e 100644
--- a/lua.spec
+++ b/lua.spec
@@ -15,7 +15,7 @@
 
 Name:           lua
 Version:        %{major_version}.0
-Release:        6%{?dist}
+Release:        7%{?dist}
 Summary:        Powerful light-weight programming language
 License:        MIT
 URL:            http://www.lua.org/
@@ -59,6 +59,7 @@ Patch17:	%{name}-5.4.0-CVE-2020-24370.patch
 Patch18:	%{name}-5.3.5-CVE-2020-24370.patch
 # This is bug 9
 Patch19:	%{name}-5.4.0-CVE-2020-24371.patch
+Patch20:	%{name}-5.4.0-CVE-2020-24342.patch
 
 BuildRequires:  automake autoconf libtool readline-devel ncurses-devel
 Requires:       lua-libs = %{version}-%{release}
@@ -121,6 +122,7 @@ mv src/luaconf.h src/luaconf.h.template.in
 %patch16 -p1 -b .CVE-2020-24369
 %patch17 -p1 -b .CVE-2020-24370
 %patch19 -p1 -b .CVE-2020-24371
+%patch20 -p1 -b .CVE-2020-24342
 # Put proper version in configure.ac, patch0 hardcodes 5.3.0
 sed -i 's|5.3.0|%{version}|g' configure.ac
 autoreconf -ifv
@@ -246,6 +248,9 @@ install -Dpm 0644 %{SOURCE1001} $RPM_BUILD_ROOT/%{_fileattrsdir}/lua.attr
 %{_libdir}/*.a
 
 %changelog
+* Wed Sep  2 2020 Tom Callaway <spot@fedoraproject.org> - 5.4.0-7
+- apply upstream fix for CVE-2020-24342
+
 * Wed Aug 19 2020 Tom Callaway <spot@fedoraproject.org> - 5.4.0-6
 - apply upstream fix for CVE-2020-24370, CVE-2020-24371
 
@@ -266,9 +271,6 @@ install -Dpm 0644 %{SOURCE1001} $RPM_BUILD_ROOT/%{_fileattrsdir}/lua.attr
 * Mon Jun 29 2020 Tom Callaway <spot@fedoraproject.org> - 5.4.0-1
 - update to 5.4.0
 
-* Wed Oct 23 2019 Tom Callaway <spot@fedoraproject.org> - 5.4.0-0.1.beta
-- 5.4.0-beta
-
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.3.5-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild