> > Another bug report by @denisvm, this time on the linenoise library:
> > https://github.com/antirez/linenoise/issues/121
>
> Indeed this looks like it might affect some other packages in Debian:
>
> https://codesearch.debian.net/search?q=int+linenoiseHistorySave&perpkg=1
>
> Can you check th
> Another bug report by @denisvm, this time on the linenoise library:
> https://github.com/antirez/linenoise/issues/121
Indeed this looks like it might affect some other packages in Debian:
https://codesearch.debian.net/search?q=int+linenoiseHistorySave&perpkg=1
Can you check these? I'm about t
> > I've contacted upstream on 2016-05-30 without any reaction at all and
> > discovered this bug was first reported 3 years ago, still unfixed.
> > @RedisLabs keeps referring to their paid support on twitter.
>
> Boo. Is there an upstream bug# for this or was this reported privately?
My report:
> I've contacted upstream on 2016-05-30 without any reaction at all and
> discovered this bug was first reported 3 years ago, still unfixed.
> @RedisLabs keeps referring to their paid support on twitter.
Boo. Is there an upstream bug# for this or was this reported privately?
Regards,
--
Package: redis-tools
Version: 2.8.17-1+deb8u3
Severity: grave
Tags: security
redis-cli stores its history in ~/.rediscli_history, this file is
created with permissions 0644. Home folders are world readable as well
in debian, so any user can access other users redis history, including
AUTH commands
5 matches
Mail list logo
