[Secure-testing-commits] r34718 - data/CVE
Alessandro Ghedini
ghedo at moszumanska.debian.org
Thu Jun 4 13:48:34 UTC 2015
Author: ghedo
Date: 2015-06-04 13:48:34 +0000 (Thu, 04 Jun 2015)
New Revision: 34718
Modified:
data/CVE/list
Log:
Add more links to redis issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-04 13:34:48 UTC (rev 34717)
+++ data/CVE/list 2015-06-04 13:48:34 UTC (rev 34718)
@@ -1,6 +1,8 @@
CVE-2015-XXXX [Redis EVAL Lua Sandbox Escape]
- redis 2:3.0.2-1
NOTE: http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/
+ NOTE: Patch: https://github.com/antirez/redis/commit/fdf9d455098f54f7666c702ae464e6ea21e25411
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/04/8
CVE-2015-XXXX [Null pointer access in inflatehd tool]
- nghttp2 <unfixed> (unimportant)
NOTE: Upstream report: https://github.com/tatsuhiro-t/nghttp2/issues/235
More information about the Secure-testing-commits
mailing list