[Git][security-tracker-team/security-tracker][master] Mark a series of src:redis CVEs as ignored in both buster and stretch to match bullseye.
Chris Lamb (@lamby)
lamby at debian.org
Wed Feb 1 20:25:10 GMT 2023
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
afd383c3 by Chris Lamb at 2023-02-01T12:24:23-08:00
Mark a series of src:redis CVEs as ignored in both buster and stretch to match bullseye.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45755,7 +45755,7 @@ CVE-2022-35978 (Minetest is a free open-source voxel game engine with easy moddi
CVE-2022-35977 (Redis is an in-memory database that persists on disk. Authenticated us ...)
- redis 5:7.0.8-1
[bullseye] - redis <ignored> (Minor issue; requires authed user)
- [buster] - redis <no-dsa> (Minor issue)
+ [buster] - redis <ignored> (Minor issue; requires authed user)
NOTE: https://github.com/redis/redis/commit/6c25c6b7da116e110e89a5db45eeae743879e7ea (7.0.8)
CVE-2022-35976 (The GitOps Tools Extension for VSCode relies on kubeconfigs in order t ...)
NOT-FOR-US: GitOps Tools Extension for VSCode
@@ -78091,16 +78091,16 @@ CVE-2022-24736 (Redis is an in-memory database that persists on disk. Prior to v
[experimental] - redis 5:7.0.0-1
- redis 5:7.0.1-4
[bullseye] - redis <ignored> (Minor issue; requires authed user; problematic to backport patch)
- [buster] - redis <no-dsa> (Minor issue)
- [stretch] - redis <no-dsa> (Minor issue, problematic to backport patch to embedded Lua engine)
+ [buster] - redis <ignored> (Minor issue; requires authed user; problematic to backport patch)
+ [stretch] - redis <ignored> (Minor issue, problematic to backport patch to embedded Lua engine)
NOTE: https://github.com/redis/redis/security/advisories/GHSA-3qpw-7686-5984
NOTE: https://github.com/redis/redis/pull/10651
CVE-2022-24735 (Redis is an in-memory database that persists on disk. By exploiting we ...)
[experimental] - redis 5:7.0.0-1
- redis 5:7.0.1-4
[bullseye] - redis <ignored> (Minor issue; requires authed user; problematic to backport patch)
- [buster] - redis <no-dsa> (Minor issue)
- [stretch] - redis <no-dsa> (Minor issue, problematic to backport patch to embedded Lua engine)
+ [buster] - redis <ignored> (Minor issue; requires authed user; problematic to backport patch)
+ [stretch] - redis <ignored> (Minor issue; requires authed user; problematic to backport patch)
NOTE: https://github.com/redis/redis/security/advisories/GHSA-647m-2wmq-qmvq
NOTE: https://github.com/redis/redis/pull/10651
CVE-2022-24734 (MyBB is a free and open source forum software. In affected versions th ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afd383c3c0ed65d80407e394213cdf4fe7a8a7ce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afd383c3c0ed65d80407e394213cdf4fe7a8a7ce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230201/99966534/attachment.htm>
More information about the debian-security-tracker-commits
mailing list