[Secure-testing-commits] r34717 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Jun 4 13:34:48 UTC 2015


Author: jmm
Date: 2015-06-04 13:34:48 +0000 (Thu, 04 Jun 2015)
New Revision: 34717

Modified:
   data/CVE/list
Log:
new redis issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-04 12:06:44 UTC (rev 34716)
+++ data/CVE/list	2015-06-04 13:34:48 UTC (rev 34717)
@@ -1,3 +1,6 @@
+CVE-2015-XXXX [Redis EVAL Lua Sandbox Escape]
+	- redis 2:3.0.2-1
+	NOTE: http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ 
 CVE-2015-XXXX [Null pointer access in inflatehd tool]
 	- nghttp2 <unfixed> (unimportant)
 	NOTE: Upstream report: https://github.com/tatsuhiro-t/nghttp2/issues/235




More information about the Secure-testing-commits mailing list