[Git][security-tracker-team/security-tracker][master] Reserve DLA-3973-1 for redis
Adrian Bunk (@bunk)
bunk at debian.org
Thu Nov 28 21:31:48 GMT 2024
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits:
412b509b by Adrian Bunk at 2024-11-28T23:31:35+02:00
Reserve DLA-3973-1 for redis
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -194013,7 +194013,6 @@ CVE-2022-35978 (Minetest is a free open-source voxel game engine with easy moddi
NOTE: https://github.com/minetest/minetest/commit/da71e86633d0b27cd02d7aac9fdac625d141ca13 (5.6.0)
CVE-2022-35977 (Redis is an in-memory database that persists on disk. Authenticated us ...)
- redis 5:7.0.8-1
- [bullseye] - redis <ignored> (Minor issue; requires authed user)
[buster] - redis <ignored> (Minor issue; requires authed user)
NOTE: https://github.com/redis/redis/commit/6c25c6b7da116e110e89a5db45eeae743879e7ea (7.0.8)
CVE-2022-35976 (The GitOps Tools Extension for VSCode relies on kubeconfigs in order t ...)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Nov 2024] DLA-3973-1 redis - security update
+ {CVE-2022-35977 CVE-2024-31228}
+ [bullseye] - redis 5:6.0.16-1+deb11u4
[28 Nov 2024] DLA-3972-1 tzdata - new timezone database
[bullseye] - tzdata 2024b-0+deb11u1
[28 Nov 2024] DLA-3971-1 firefox-esr - security update
=====================================
data/dla-needed.txt
=====================================
@@ -168,11 +168,6 @@ qemu (santiago)
NOTE: 20240815: CVE-2024-4467 fix also proposed for 12.7 (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076504)
NOTE: 20241119: Bookworm PU in progress https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086572
--
-redis (Adrian Bunk)
- NOTE: 20241020: Added by Front-Desk (santiago)
- NOTE: 20241020: Ideally sync with a bookworm update please (santiago/front-desk)
- NOTE: 20241125: DLA pending (bunk)
---
ruby-sinatra (Chris Lamb)
NOTE: 20241110: Added by Front-Desk (apo)
NOTE: 20241122: Was awaiting approved upstream fix; still working on package. (lamby)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/412b509b15e579d177f9ee88579efe5c8fd00aeb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/412b509b15e579d177f9ee88579efe5c8fd00aeb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241128/0ffc67e9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list