Release 0.1.22 (includes security update)
New feature: added support for TCP keep-alive on connections to Redis. Bugfix: TRACE logs were not correctly identified as such in the logs, they should now appear with a T prefix. Security: this is also a security update, fixing vulnerabilities found in the OpenSSL library, installed from Alpine Linux packages (Alpine Linus provides the base image for Webdis). Impact: Webdis can connect to external Webdis instances over TLS. By default, it does not use TLS to connect to Redis, but interfaces with Redis over a local connection within the Docker container. Please review whether these OpenSSL vulnerabilities affect your deployment. If you do not use TLS to connect to Redis, then you should not be affected. openssl 3.0.8-r1 - 1 HIGH, 6 MEDIUM pkg:apk/alpine/openssl@3.0.8-r1?os_name=alpine&os_version=3.17 * HIGH CVE-2023-2650 https://scout.docker.com/v/CVE-2023-2650 Affected range : <3.0.9-r0 Fixed version : 3.0.9-r0 * MEDIUM CVE-2023-1255 https://scout.docker.com/v/CVE-2023-1255 Affected range : <3.0.8-r4 Fixed version : 3.0.8-r4 * MEDIUM CVE-2023-3817 https://scout.docker.com/v/CVE-2023-3817 Affected range : <3.0.10-r0 Fixed version : 3.0.10-r0 * MEDIUM CVE-2023-3446 https://scout.docker.com/v/CVE-2023-3446 Affected range : <3.0.9-r3 Fixed version : 3.0.9-r3 * MEDIUM CVE-2023-2975 https://scout.docker.com/v/CVE-2023-2975 Affected range : <3.0.9-r2 Fixed version : 3.0.9-r2 * MEDIUM CVE-2023-0466 https://scout.docker.com/v/CVE-2023-0466 Affected range : <3.0.8-r3 Fixed version : 3.0.8-r3 * MEDIUM CVE-2023-0465 https://scout.docker.com/v/CVE-2023-0465 Affected range : <3.0.8-r2 Fixed version : 3.0.8-r2 openssl1.1-compat 1.1.1t-r1 -- 2 MEDIUM pkg:apk/alpine/openssl1.1-compat@1.1.1t-r1?os_name=alpine&os_version=3.17 * MEDIUM CVE-2023-3446 https://scout.docker.com/v/CVE-2023-3446 Affected range : <1.1.1u-r1 Fixed version : 1.1.1u-r1 * MEDIUM CVE-2023-0465 https://scout.docker.com/v/CVE-2023-0465 Affected range : <1.1.1t-r2 Fixed version : 1.1.1t-r2master
parent
032e5152c6
commit
e82a64beef
Loading…
Reference in New Issue