[Secure-testing-commits] r34729 - data/CVE
Alessandro Ghedini
ghedo at moszumanska.debian.org
Fri Jun 5 11:39:21 UTC 2015
Author: ghedo
Date: 2015-06-05 11:39:21 +0000 (Fri, 05 Jun 2015)
New Revision: 34729
Modified:
data/CVE/list
Log:
Mark wheezy and squeeze as n/a for CVE-2015-4335/redis
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-05 11:18:28 UTC (rev 34728)
+++ data/CVE/list 2015-06-05 11:39:21 UTC (rev 34729)
@@ -1,5 +1,7 @@
CVE-2015-4335 [Redis EVAL Lua Sandbox Escape]
- redis 2:3.0.2-1
+ [wheezy] - redis <not-affected> (Lua support introduced in version 2.6.0)
+ [squeeze] - redis <not-affected> (Lua support introduced in version 2.6.0)
NOTE: http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/
NOTE: Patch: https://github.com/antirez/redis/commit/fdf9d455098f54f7666c702ae464e6ea21e25411
NOTE: http://www.openwall.com/lists/oss-security/2015/06/05/3
More information about the Secure-testing-commits
mailing list