Bug 211709

Summary:

security/vuxml: Security vulnerability in databases/redis and redis-devel (CVE-2013-7458)

Product:

Ports & Packages

Reporter:

Sevan Janiyan <venture37>

Component:

Individual Port(s)

Assignee:

Mark Felder <feld>

Status:

Closed FIXED

Severity:

Affects Some People

CC:

feld, ports-secteam, venture37, vlad-fbsd

Priority:

---

Keywords:

patch, security

Version:

Latest

Flags:

bugzilla: maintainer-feedback? (osa)

Hardware:

Any

OS:

Any

URL:

https://github.com/antirez/redis/issues/3284

Attachments:

Description	Flags
Add entry for redis (CVE-2013-7458)	none

Description Sevan Janiyan 2016-08-09 23:20:34 UTC

CVE-2013-7458
https://bugzilla.suse.com/show_bug.cgi?id=991250

Comment 1 Sevan Janiyan 2016-08-09 23:21:24 UTC

That applies to databases/redis-devel too?

Comment 2 VK freebsd_triage

2016-10-07 09:59:12 UTC

(In reply to Sevan Janiyan from comment #1)

> That applies to databases/redis-devel too?

Yes, all variants of the port/package are affected for specific version range.

Comment 3 VK freebsd_triage

2016-10-07 10:05:25 UTC

* Fixed upstream (Jul 29th):
  https://github.com/antirez/redis/commit/71536684a788dc859e42132a2c5a2b7373414375

* Tagged 3.2.3 (Aug 2nd):
  https://github.com/antirez/redis/commit/44bf2533cdb2d753316e654c1b6dfd2298841433

VuXML patch coming up.

Comment 4 VK freebsd_triage

2016-10-07 10:24:46 UTC

Created attachment 175487 [details]
Add entry for redis (CVE-2013-7458)

Comment 5 Mark Felder freebsd_committer

2016-10-11 15:03:05 UTC

committed, thanks!

Comment 6 commit-hook freebsd_committer

2016-10-11 15:03:21 UTC

A commit references this bug:

Author: feld
Date: Tue Oct 11 15:02:52 UTC 2016
New revision: 423767
URL: https://svnweb.freebsd.org/changeset/ports/423767

Log:
  Document redis vulnerability

  PR:		211709
  Security:	CVE-2013-7458

Changes:
  head/security/vuxml/vuln.xml