[Git][security-tracker-team/security-tracker][master] Track fixed version for redict issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Aug 3 10:56:13 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
62a62ffd by Salvatore Bonaccorso at 2025-08-03T11:55:49+02:00
Track fixed version for redict issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7848,7 +7848,7 @@ CVE-2025-4779 (lunary-ai/lunary versions prior to 1.9.24 are vulnerable to store
NOT-FOR-US: lunary-ai/lunary
CVE-2025-48367 (Redis is an open source, in-memory database that persists on disk. An ...)
{DSA-5969-1 DLA-4240-1}
- - redict <unfixed> (bug #1108980)
+ - redict 7.3.5+ds-1 (bug #1108980)
- redis 5:8.0.2-2 (bug #1108981)
- valkey 8.1.1+dfsg1-3 (bug #1108982)
NOTE: https://codeberg.org/redict/redict/issues/105
@@ -7898,7 +7898,7 @@ CVE-2025-36014 (IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulner
NOT-FOR-US: IBM
CVE-2025-32023 (Redis is an open source, in-memory database that persists on disk. Fro ...)
{DSA-5969-1 DLA-4240-1}
- - redict <unfixed> (bug #1108977)
+ - redict 7.3.5+ds-1 (bug #1108977)
- redis 5:8.0.2-2 (bug #1108975)
- valkey 8.1.1+dfsg1-3 (bug #1108978)
NOTE: https://github.com/redis/redis/security/advisories/GHSA-rp2m-q4j6-gr43
@@ -18622,7 +18622,7 @@ CVE-2025-49113 (Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows r
NOTE: https://github.com/roundcube/roundcubemail/commit/7408f31379666124a39f9cb1018f62bc5e2dc695 (1.5.10)
NOTE: https://github.com/roundcube/roundcubemail/commit/c50a07d88ca38f018a0f4a0b008e9a1deb32637e (1.5.10)
CVE-2025-49112 (setDeferredReply in networking.c in Valkey through 8.1.1 has an intege ...)
- - redict <unfixed> (bug #1107212)
+ - redict 7.3.5+ds-1 (bug #1107212)
- redis <unfixed> (bug #1107211)
[bookworm] - redis <postponed> (Minor issue; can be fixed along with next DSA)
[bullseye] - redis <postponed> (Minor issue; can be fixed along with next DLA)
@@ -19142,7 +19142,7 @@ CVE-2025-27151 (Redis is an open source, in-memory database that persists on dis
{DSA-5969-1}
- redis 5:8.0.2-2 (bug #1106822)
[bullseye] - redis <not-affected> (Vulnerable code not present)
- - redict <unfixed> (bug #1106823)
+ - redict 7.3.5+ds-1 (bug #1106823)
- valkey 8.1.1+dfsg1-1.1 (bug #1106824)
NOTE: https://github.com/redis/redis/security/advisories/GHSA-5453-q98w-cmvm
NOTE: Introcuced by: https://github.com/redis/redis/commit/a50aa29bde33f22dabc307c4a28bc2321f8acdfe (7.0-rc2)
@@ -30604,7 +30604,7 @@ CVE-2025-21605 (Redis is an open source, in-memory database that persists on dis
{DLA-4162-1}
- redis 5:7.0.15-3.1 (bug #1104010)
[bookworm] - redis 5:7.0.15-1~deb12u4
- - redict <unfixed> (bug #1104011)
+ - redict 7.3.5+ds-1 (bug #1104011)
- valkey 8.1.1+dfsg1-1 (bug #1104012)
NOTE: https://github.com/redis/redis/security/advisories/GHSA-r67f-p999-2gff
NOTE: https://github.com/valkey-io/valkey/pull/1994
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62a62ffdb8ccae91cb8ed101b410718876b216b4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62a62ffdb8ccae91cb8ed101b410718876b216b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250803/954f4fc4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list