Release 0.1.22 (includes security update)
New feature: added support for TCP keep-alive on connections to Redis.
Bugfix: TRACE logs were not correctly identified as such in the logs,
they should now appear with a T prefix.
Security: this is also a security update, fixing vulnerabilities found
in the OpenSSL library, installed from Alpine Linux packages (Alpine
Linus provides the base image for Webdis).
Impact: Webdis can connect to external Webdis instances over TLS.
By default, it does not use TLS to connect to Redis, but interfaces
with Redis over a local connection within the Docker container.
Please review whether these OpenSSL vulnerabilities affect your
deployment. If you do not use TLS to connect to Redis, then you should
not be affected.
openssl 3.0.8-r1 - 1 HIGH, 6 MEDIUM
pkg:apk/alpine/openssl@3.0.8-r1?os_name=alpine&os_version=3.17
* HIGH CVE-2023-2650
https://scout.docker.com/v/CVE-2023-2650
Affected range : <3.0.9-r0
Fixed version : 3.0.9-r0
* MEDIUM CVE-2023-1255
https://scout.docker.com/v/CVE-2023-1255
Affected range : <3.0.8-r4
Fixed version : 3.0.8-r4
* MEDIUM CVE-2023-3817
https://scout.docker.com/v/CVE-2023-3817
Affected range : <3.0.10-r0
Fixed version : 3.0.10-r0
* MEDIUM CVE-2023-3446
https://scout.docker.com/v/CVE-2023-3446
Affected range : <3.0.9-r3
Fixed version : 3.0.9-r3
* MEDIUM CVE-2023-2975
https://scout.docker.com/v/CVE-2023-2975
Affected range : <3.0.9-r2
Fixed version : 3.0.9-r2
* MEDIUM CVE-2023-0466
https://scout.docker.com/v/CVE-2023-0466
Affected range : <3.0.8-r3
Fixed version : 3.0.8-r3
* MEDIUM CVE-2023-0465
https://scout.docker.com/v/CVE-2023-0465
Affected range : <3.0.8-r2
Fixed version : 3.0.8-r2
openssl1.1-compat 1.1.1t-r1 -- 2 MEDIUM
pkg:apk/alpine/openssl1.1-compat@1.1.1t-r1?os_name=alpine&os_version=3.17
* MEDIUM CVE-2023-3446
https://scout.docker.com/v/CVE-2023-3446
Affected range : <1.1.1u-r1
Fixed version : 1.1.1u-r1
* MEDIUM CVE-2023-0465
https://scout.docker.com/v/CVE-2023-0465
Affected range : <1.1.1t-r2
Fixed version : 1.1.1t-r2