Bug#983446: redis: CVE-2021-21309

2021-02-25 Thread Chris Lamb
Hi Moritz,

> given that this only affects 32 bit archs and only with an inherently insecure
> setup (opening up the default bulk size to such high values might impact all
> kinds of stability / availability I guess) I don't think this needs a DSA.
> So s-p-u or piggybacking with the next DSA

Bug#983446: redis: CVE-2021-21309

2021-02-24 Thread Moritz Mühlenhoff
On Wed, Feb 24, 2021 at 11:17:55AM + Chris Lamb wrote:
> Chris Lamb wrote:
>
> > Package: redis
> > Version: 3:3.2.6-3+deb9u3
> [..]
> > CVE-2021-21309:
> > https://groups.google.com/g/redis-db/c/fV7cI3GSgoQ/m/ocwV-MlzAgAJ
>
> Security team, would you like an upload to stretch-security or

Bug#983446: redis: CVE-2021-21309

2021-02-24 Thread Chris Lamb
Chris Lamb wrote:

> Package: redis
> Version: 3:3.2.6-3+deb9u3
[..]
> CVE-2021-21309:
> https://groups.google.com/g/redis-db/c/fV7cI3GSgoQ/m/ocwV-MlzAgAJ

Security team, would you like an upload to stretch-security or should this go via s-p-u? I mention that option specifically as the s-p-u route

Bug#983446: redis: CVE-2021-21309

2021-02-24 Thread Chris Lamb
Package: redis
Version: 3:3.2.6-3+deb9u3
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for redis.

CVE-2021-21309:
https://groups.google.com/g/redis-db/c/fV7cI3GSgoQ/m/ocwV-MlzAgAJ

If you fix the vulnerability please also