Update version of 'lua' and 'lua5' attributes to lua 5.2.

@vcunat kindly pointed out that earlier versions are vulnerable to
CVE-2014-5461. There remain a whole lot of packages that have hard-coded
use of version 5.1, unfortunately.