UNCLASSIFIED - NO CUI

Skip to content

Resolve "Redis, CVE-2025-49844 (Anchore Team Inquiry)"

Kayvan Montakhabrequested to merge
238-redis-cve-2025-49844-anchore-team-inquiry into main

General MR

Umbrella Branch

anchore_update_ui-redis_upstream

Summary

clean install has warning from out-dated postgres tag. . Not worried about that for now.

image

update redis to address CVE-2025-49844

Relevant logs/screenshots

See comments

Linked Issue

[issue] #238 (closed)

Upgrade Notices

This release upgrades the Big Bang Redis chart which requires a clean upgrade. We have enabled the cleanUpgrade option by default for this release. See big-bang/product/maintained/redis!198 (merged) for additional information.

Since Redis is only used by Anchore as a cache layer and for session state, it's in-cluster contents should be able to be removed without causing any issues.

If you use Anchor's Redis store for anything else, you will want to backup and restore your redis database.

Platform One does not support running Anchore Enterprise with our internal Redis store. This option should only be used for development or CI pipelines.

Closes #238 (closed)

Edited by Michael Martin

Merge request reports

UNCLASSIFIED - NO CUI