[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-49844/{redis,redict,valkey}

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
26e68a7b by Salvatore Bonaccorso at 2025-10-05T21:17:20+02:00
Update status for CVE-2025-49844/{redis,redict,valkey}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -896,9 +896,11 @@ CVE-2025-52424 (A NULL pointer dereference vulnerability has been reported to af
 	NOT-FOR-US: QNAP
 CVE-2025-49844 (Redis is an open source, in-memory database that persists on disk. Ver ...)
 	- redis <unfixed>
+	- redict <unfixed>
+	- valkey <unfixed>
 	NOTE: https://github.com/redis/redis/security/advisories/GHSA-4789-qfc9-5f9q
 	NOTE: https://github.com/redis/redis/commit/d5728cb5795c966c5b5b1e0f0ac576a7e69af539 (8.2.2)
-	TODO: check redict and valkey forks
+	NOTE: https://github.com/valkey-io/valkey/commit/6dd003e88feace83e55491f32376f6927896e31e
 CVE-2025-49641 (A regular Zabbix user with no permission to the Monitoring -> Problems ...)
 	- zabbix <unfixed>
 	NOTE: https://support.zabbix.com/browse/ZBX-27063



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26e68a7bf6a52bdd7df3a89faed6715ffbcbd364

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26e68a7bf6a52bdd7df3a89faed6715ffbcbd364
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251005/496cc53e/attachment.htm>