Bug#902410: redis: CVE-2018-12326

2018-06-27 Thread Chris Lamb
Hi Moritz,

> Why? The patch was already shipped in DSA 4230
> (0009-Security-fix-redis-cli..),
> only the CVE ID wasn't known at the time.
^^^

Ah, this is probably what is confusing me. I'll check everything and be in touch if necessary :)

Regards,
--

Bug#902410: redis: CVE-2018-12326

2018-06-27 Thread Moritz Muehlenhoff
Hi Chris,

On Tue, Jun 26, 2018 at 10:15:07PM +0100, Chris Lamb wrote:
> Hi security-team,
>
> Not sure why but in an automatic update of data/CVE/list,
> CVE-2018-12326 was marked as being fixed in DSA-4230-1. However, this
> only fixes CVE-2018-11218 & CVE-2018-11219.

Why? The patch was already

Bug#902410: redis: CVE-2018-12326

2018-06-26 Thread Chris Lamb
Hi security-team,

Not sure why but in an automatic update of data/CVE/list, CVE-2018-12326 was marked as being fixed in DSA-4230-1. However, this only fixes CVE-2018-11218 & CVE-2018-11219.

As I understand it, this therefore means we need to do the following:

a) Release 3:3.2.6-3+deb9u2 with th

Bug#902410: redis: CVE-2018-12326

2018-06-26 Thread Chris Lamb
Package: redis
Version: 2:2.8.17-1+deb8u5
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for redis.

CVE-2018-12326[0]:
| Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0
| RC3 allows an attacker to achieve