Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aba0c874 by Adrian Bunk at 2025-04-21T14:55:53+03:00
Remove annotations claiming that DLA-2783-1 fixed CVE-2021-32765/hiredis
It is puzzling how a contributor managed to publish a DLA without
ever noticing that the version of the fixed package is lower than
the version of the package in the release, resulting in no user
ever receiving the update.
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -322361,7 +322361,6 @@ CVE-2021-32767 (TYPO3 is an open source PHP based web
content management system.
CVE-2021-32766 (Nextcloud Text is an open source plaintext editing application
which s ...)
NOT-FOR-US: Nextcloud Text
CVE-2021-32765 (Hiredis is a minimalistic C client library for the Redis
database. In ...)
- {DLA-2783-1}
- hiredis 0.14.1-2 (unimportant)
NOTE:
https://github.com/redis/hiredis/security/advisories/GHSA-hfm9-39pp-55p2
NOTE:
https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e
(v1.0.1)
=====================================
data/DLA/list
=====================================
@@ -4065,7 +4065,6 @@
{CVE-2020-21913}
[stretch] - icu 57.1-6+deb9u5
[12 Oct 2021] DLA-2783-1 hiredis - security update
- {CVE-2021-32765}
[stretch] - hiredis 0.13.3-1+deb9u1
[11 Oct 2021] DLA-2782-1 firefox-esr - security update
{CVE-2021-38496 CVE-2021-38500}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aba0c874508cb925453b5520fc4d14fe7bbb0a9c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aba0c874508cb925453b5520fc4d14fe7bbb0a9c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
