[Git][security-tracker-team/security-tracker][master] Update note for CVE-2025-49112
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 23 21:45:49 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7353cedf by Salvatore Bonaccorso at 2025-07-23T22:45:30+02:00
Update note for CVE-2025-49112
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15996,7 +15996,8 @@ CVE-2025-49112 (setDeferredReply in networking.c in Valkey through 8.1.1 has an
NOTE: https://github.com/redis/redis/issues/14199
NOTE: https://github.com/valkey-io/valkey/pull/2101
NOTE: Fixed by: https://github.com/valkey-io/valkey/commit/374718b2a365ca69f715d542709b7d71540b1387
- NOTE: Redis contesting status (see issue link)
+ NOTE: Redis upstream considers this issue only defensive programming / hardening, cf.
+ NOTE: https://github.com/redis/redis/issues/14199#issuecomment-3076467634
CVE-2025-3951 (The WP-Optimize WordPress plugin before 4.2.0 does not properly escap ...)
NOT-FOR-US: WordPress plugin
CVE-2025-25179 (Software installed and run as a non-privileged user may conduct improp ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7353cedf356b67bea7737025c2bae52b7bdb489f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7353cedf356b67bea7737025c2bae52b7bdb489f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250723/fdf465a0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list