[Git][security-tracker-team/security-tracker][master] Triage CVE-2026-25243 in redis for bullseye LTS.
Chris Lamb (@lamby)
lamby at debian.org
Tue Jun 9 22:27:20 BST 2026
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e6198e92 by Chris Lamb at 2026-06-09T14:27:14-07:00
Triage CVE-2026-25243 in redis for bullseye LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25880,6 +25880,7 @@ CVE-2026-25588 (RedisTimeSeries is a time-series module for Redis. In all versio
CVE-2026-25243 (Redis is an in-memory data structure store. In versions of redis-serve ...)
[experimental] - redis 5:8.6.3-1
- redis <unfixed>
+ [bullseye] - redis <not-affected> (Vulnerable code not present; checks for dups introduced later)
NOTE: https://github.com/redis/redis/security/advisories/GHSA-c8h9-259x-jff4
NOTE: https://www.zeroday.cloud/blog/redis-cve-2026-25243-deep-dive
NOTE: Fixed by: https://github.com/redis/redis/commit/b9dde6fc25dec6191b18374335a076a7b31e3d02 (8.6.3)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6198e92df2f5c73c3f16758a83c341473429ab1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6198e92df2f5c73c3f16758a83c341473429ab1
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260609/cef13ec9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list