Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f365b993 by Salvatore Bonaccorso at 2025-06-02T22:44:28+02:00
Add CVE-2025-49112/valkey
Track as well redict and redis and the issue at first analysis looks
present as well there.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -229,7 +229,11 @@ CVE-2025-49113 (Roundcube Webmail before 1.5.10 and 1.6.x
before 1.6.11 allows r
NOTE:
https://github.com/roundcube/roundcubemail/commit/7408f31379666124a39f9cb1018f62bc5e2dc695
(1.5.10)
NOTE:
https://github.com/roundcube/roundcubemail/commit/c50a07d88ca38f018a0f4a0b008e9a1deb32637e
(1.5.10)
CVE-2025-49112 (setDeferredReply in networking.c in Valkey through 8.1.1 has
an intege ...)
- TODO: check
+ - redict <unfixed>
+ - redis <unfixed>
+ - valkey <unfixed>
+ NOTE: https://github.com/valkey-io/valkey/pull/2101
+ NOTE: Fixed by:
https://github.com/valkey-io/valkey/commit/374718b2a365ca69f715d542709b7d71540b1387
CVE-2025-3951 (The WP-Optimize WordPress plugin before 4.2.0 does not
properly escap ...)
NOT-FOR-US: WordPress plugin
CVE-2025-25179 (Software installed and run as a non-privileged user may
conduct improp ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f365b9933e217a1f88aa4c26456aa33233a72a5a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f365b9933e217a1f88aa4c26456aa33233a72a5a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
