Bug 30902

Summary: redis new security issue CVE-2022-35951
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Stig-Ørjan Smelror <smelror>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: redis-7.0.4-1.mga9.src.rpm CVE:
Status comment: Fixed upstream in 7.0.5

Description David Walser 2022-09-27 00:42:46 CEST 
Fedora has issued an advisory today (September 26):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A7INCOOFPPEAKNDBZU3TIZJPYXBULI2C/

The issue is fixed upstream in 7.0.5:
https://groups.google.com/g/redis-db/c/23rsgnLYpM0
David Walser 2022-09-27 00:43:01 CEST

Status comment: (none) => Fixed upstream in 7.0.5

Comment 1 Lewis Smith 2022-09-28 19:38:39 CEST 
By pure chance, another to assign to Stig. It is not officially your baby, but you have done several recent updates.

Assignee: bugsquad => smelror

Comment 2 Stig-Ørjan Smelror 2022-09-28 20:14:02 CEST 
------------------------------------------------------------------------
r1891395 | kekepower | 2022-09-22 07:49:25 +0200 (Thu, 22 Sep 2022) | 2 lines

- Update to version 7.0.5
Comment 3 David Walser 2022-09-28 20:30:26 CEST 
Fixed in redis-7.0.5-1.mga9.

Resolution: (none) => FIXED
Status: NEW => RESOLVED