Release 0.1.22 (includes security update)

New feature: added support for TCP keep-alive on connections to Redis.

Bugfix: TRACE logs were not correctly identified as such in the logs,
        they should now appear with a T prefix.

Security: this is also a security update, fixing vulnerabilities found
in the OpenSSL library, installed from Alpine Linux packages (Alpine
Linux provides the base image for Webdis).

Impact: Webdis can connect to external Webdis instances over TLS.
By default, it does not use TLS to connect to Redis, but interfaces
with Redis over a local connection within the Docker container.
Please review whether these OpenSSL vulnerabilities affect your
deployment. If you do not use TLS to connect to Redis, then you should
not be affected.

openssl 3.0.8-r1 - 1 HIGH, 6 MEDIUM
pkg:apk/alpine/openssl@3.0.8-r1?os_name=alpine&os_version=3.17

    * HIGH CVE-2023-2650
      https://scout.docker.com/v/CVE-2023-2650
      Affected range : <3.0.9-r0
      Fixed version  : 3.0.9-r0

    * MEDIUM CVE-2023-1255
      https://scout.docker.com/v/CVE-2023-1255
      Affected range : <3.0.8-r4
      Fixed version  : 3.0.8-r4

    * MEDIUM CVE-2023-3817
      https://scout.docker.com/v/CVE-2023-3817
      Affected range : <3.0.10-r0
      Fixed version  : 3.0.10-r0

    * MEDIUM CVE-2023-3446
      https://scout.docker.com/v/CVE-2023-3446
      Affected range : <3.0.9-r3
      Fixed version  : 3.0.9-r3

    * MEDIUM CVE-2023-2975
      https://scout.docker.com/v/CVE-2023-2975
      Affected range : <3.0.9-r2
      Fixed version  : 3.0.9-r2

    * MEDIUM CVE-2023-0466
      https://scout.docker.com/v/CVE-2023-0466
      Affected range : <3.0.8-r3
      Fixed version  : 3.0.8-r3

    * MEDIUM CVE-2023-0465
      https://scout.docker.com/v/CVE-2023-0465
      Affected range : <3.0.8-r2
      Fixed version  : 3.0.8-r2

openssl1.1-compat 1.1.1t-r1 -- 2 MEDIUM
pkg:apk/alpine/openssl1.1-compat@1.1.1t-r1?os_name=alpine&os_version=3.17

    * MEDIUM CVE-2023-3446
      https://scout.docker.com/v/CVE-2023-3446
      Affected range : <1.1.1u-r1
      Fixed version  : 1.1.1u-r1

    * MEDIUM CVE-2023-0465
      https://scout.docker.com/v/CVE-2023-0465
      Affected range : <1.1.1t-r2
      Fixed version  : 1.1.1t-r2
master
Nicolas Favre-Felix 1 year ago
parent 032e5152c6
commit e82a64beef
No known key found for this signature in database
GPG Key ID: C04E7AA8B6F73372

@ -2,7 +2,7 @@
#define VERSION_H
#ifndef WEBDIS_VERSION
#define WEBDIS_VERSION "0.1.22-dev"
#define WEBDIS_VERSION "0.1.22"
#endif
#endif /* VERSION_H */
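
Review bot: the only change in this hunk is the WEBDIS_VERSION string going from "0.1.22-dev" to "0.1.22", yet the commit message describes this release as a security update for the OpenSSL packages installed from Alpine. Nothing in the visible diff upgrades or pins those packages, so the fix depends on which package versions the release image build pulls in. Suggest confirming that the image is rebuilt with openssl at 3.0.10-r0 or later and openssl1.1-compat at 1.1.1u-r1 or later (the highest fixed versions listed in the message), and re-running the scan on the built image before tagging 0.1.22.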
