[Git][security-tracker-team/security-tracker][master] 2 commits: Remove redis.git reference; canonical repo is https://salsa.debian.org/lamby/pkg-redis.

Wed Feb 1 19:36:58 GMT 2023


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
81ed9068 by Chris Lamb at 2023-02-01T11:32:03-08:00
Remove redis.git reference; canonical repo is https://salsa.debian.org/lamby/pkg-redis.

- - - - -
ef0d90ee by Chris Lamb at 2023-02-01T11:34:06-08:00
Triage CVE-2022-35977 in redis for buster LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -45692,6 +45692,7 @@ CVE-2022-35978 (Minetest is a free open-source voxel game engine with easy moddi
 CVE-2022-35977 (Redis is an in-memory database that persists on disk. Authenticated us ...)
 	- redis 5:7.0.8-1
 	[bullseye] - redis <ignored> (Minor issue; requires authed user)
+	[buster] - redis <no-dsa> (Minor issue)
 	NOTE: https://github.com/redis/redis/commit/6c25c6b7da116e110e89a5db45eeae743879e7ea (7.0.8)
 CVE-2022-35976 (The GitOps Tools Extension for VSCode relies on kubeconfigs in order t ...)
 	NOT-FOR-US: GitOps Tools Extension for VSCode


=====================================
data/dla-needed.txt
=====================================
@@ -233,10 +233,6 @@ rainloop
   NOTE: 20220913: also there's an unofficial one for CVE-2022-29360;
   NOTE: 20220913: Evaluate the situation and decide whether we should support or EOL this package (Beuc/front-desk)
 --
-redis (Chris Lamb)
-  NOTE: 20230130: Programming language: C
-  NOTE: 20230130: VCS: https://salsa.debian.org/lts-team/packages/redis.git
---
 ring
   NOTE: 20221120: Programming language: C.
   NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/ring.git



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/696a72962fd90820a00c7c36aae166c54e26416e...ef0d90eedaba475705b2f7b5507269f39210e91a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/696a72962fd90820a00c7c36aae166c54e26416e...ef0d90eedaba475705b2f7b5507269f39210e91a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230201/f2cfac70/attachment.htm>
