Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump hiredis version to 1.0.2 #118

Closed
jobec opened this issue Nov 4, 2021 · 1 comment · Fixed by #136
Closed

Bump hiredis version to 1.0.2 #118

jobec opened this issue Nov 4, 2021 · 1 comment · Fixed by #136

Comments

@jobec
Copy link

jobec commented Nov 4, 2021

There's a security fix available for hiredis.

See:
@illia-v
Copy link
Contributor

illia-v commented Nov 4, 2021

CVE-2021-32765 is related to a fix of a createArrayObject function.

hiredis-py defines its own version of the function. So the CVE and the fix should not touch hiredis-py, I am not sure if any similar vulnerability exists in this package though.

@illia-v illia-v mentioned this issue Apr 19, 2022
Closed
@chayim chayim mentioned this issue Dec 6, 2022
Merged
@chayim chayim closed this as completed in 861539c Dec 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Modernizing: Restoring CI, Moving to pytest chayim/hiredis-py
2 participants
@jobec @illia-v