[SECURITY] [DLA 577-1] redis security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 577-1] redis security update
From: Chris Lamb <lamby@debian.org>
Date: Sat, 30 Jul 2016 19:23:26 +0200
Message-id: <[🔎] 1469899406.2622202.681287841.56F393D9@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : redis
Version        : 2:2.4.14-1+deb7u1
CVE ID         : CVE-2013-7458
Debian Bug     : 832460

It was discovered that the redis-cli tool in redis (an in-memory
key-value database) created world-readable history files.

For Debian 7 "Wheezy", this issue has been fixed in redis version
2:2.4.14-1+deb7u1.

We recommend that you upgrade your redis packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIbBAEBCAAGBQJXnOJpAAoJEB6VPifUMR5YAOcP92tWhHfH/jeVr4outQu/fhkJ
2Z3Gry9lwwbXSRko+IVBDfW60WGoycGB9tdSBmUvcJudF5t72MBlCJf5XE/0exYV
UGxWInRc/qhDTtmpmSwD4Gf4MTYhJxBxXKVoI2Rcqd+z/ZHhBK5UnHjHTWtvDeHf
JVIDMK1TzgXvKWbqb//I7TA8IzQHWN6XzleNBUCWxPvQ7OlZMqTHr930wl5aj+iv
4gbUEak90ihgfh5MAC4AhOWFykLrCT44xezooa2lFdiQg06VY6hKmpVWnqh0k9pT
2KwXO0g0/rTv2Ip+7n3DFTEZIzx3X/ZFIz9KKlsrxzSb/r7xV4ut5k0qczWjiFko
Y8UE7TULJ+HjU2IyYSCBr38wZ7z/VbFYVvBlrfeRQrnTZaZnVyDVkpnWkK3SNegE
X0Ran/yCINEvKH7EtHZTlWTHCE7eJyAG9//9Wu+Z5/BJQK8hwjZ1P5rZIvJLkyXx
sXwPuur+Ds7js4fADVTmGHveKDb+xrP6c+Mt/gjYzN52grWxj8WhQQ1pMmdzIKX0
+IBQBR4/7OjKn0D7Puv2Af7zzPw2Xt+C4IcgLsVD6P+OAI7aI/n7vZcJD3vIp75X
e0eh9g5VlRpZYVq7050QAID5/xNMhTsfhMxiAsFJdr1R8BjSfi4SbdH4lp9YzVsC
qpfxpRbM4ZNH8u4RxDM=
=cAU3
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 572-1] icedove security update
Next by Date: [SECURITY] [DLA 578-1] openssh security update
Previous by thread: [SECURITY] [DLA 572-1] icedove security update
Next by thread: [SECURITY] [DLA 578-1] openssh security update
Index(es):
- Date
- Thread