On Sat, Jun 16, 2018 at 04:09:04PM +0100, Chris Lamb wrote:
> Hi Moritz,
>
> > For future updates please include the git commit IDs to debian/patches
>
> Sure. I've added commit IDs to the files in debian/patches and
> uploaded redis_3.2.6-3+deb9u1_amd64.changes with those — and no
> other! — cha
Hi Moritz,
> For future updates please include the git commit IDs to debian/patches
Sure. I've added commit IDs to the files in debian/patches and
uploaded redis_3.2.6-3+deb9u1_amd64.changes with those — and no
other! — changes.
> E.g. compared to the fix from the upstream 3.2 branch,
> 0012-Sec
On Thu, Jun 14, 2018 at 02:10:27PM +0100, Chris Lamb wrote:
> Chris Lamb wrote:
>
> > > redis: multiple security issues in Lua scripting
> >
> > This has now been assigned CVE-2018-11219 & CVE-2018-11218.
>
> Security team, oermission to upload the attached to
> stretch-security?
>
> redis (3
On Sat, Jun 16, 2018 at 08:14:08AM +0100, Chris Lamb wrote:
> Chris Lamb wrote:
>
> > Security team, oermission to upload the attached to
> > stretch-security?
> >
> > redis (3:3.2.6-3+deb9u1) stretch-security; urgency=high
> >
> > * CVE-2018-11218, CVE-2018-11219: Backport patches to fix
Chris Lamb wrote:
> Security team, oermission to upload the attached to
> stretch-security?
>
> redis (3:3.2.6-3+deb9u1) stretch-security; urgency=high
>
> * CVE-2018-11218, CVE-2018-11219: Backport patches to fix multiple heap
> corruption and integer overflow vulnerabilities. (Clos
Chris Lamb wrote:
> > redis: multiple security issues in Lua scripting
>
> This has now been assigned CVE-2018-11219 & CVE-2018-11218.
Security team, oermission to upload the attached to
stretch-security?
redis (3:3.2.6-3+deb9u1) stretch-security; urgency=high
* CVE-2018-11218, CVE-2018-
Hi,
> redis: multiple security issues in Lua scripting
This has now been assigned CVE-2018-11219 & CVE-2018-11218.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Package: redis
Version: 3:3.2.6-1
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
>From https://github.com/antirez/redis/issues/5017:
> The Apple Security Team, together with Alibaba and myself,
> identified several security issues in the Lua script engine. The full
> report
8 matches
Mail list logo