| Revision Date: | 2021-11-23 | Version: | 1 |
| Title: | Security update for redis (Important) |
| Description: |
This update for redis fixes the following issues: - CVE-2021-32627: Fixed integer to heap buffer overflows with streams (bsc#1191305). - CVE-2021-32628: Fixed integer to heap buffer overflows handling ziplist-encoded data types (bsc#1191305). - CVE-2021-32687: Fixed integer to heap buffer overflow with intsets (bsc#1191302). - CVE-2021-32762: Fixed integer to heap buffer overflow issue in redis-cli and redis-sentinel (bsc#1191300). - CVE-2021-32626: Fixed heap buffer overflow caused by specially crafted Lua scripts (bsc#1191306). - CVE-2021-32672: Fixed random heap reading issue with Lua Debugger (bsc#1191304). - CVE-2021-32675: Fixed Denial Of Service when processing RESP request payloads with a large number of elements on many connections (bsc#1191303). - CVE-2021-41099: Fixed integer to heap buffer overflow handling certain string commands and network payloads (bsc#1191299).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1191299
1191300
1191302
1191303
1191304
1191305
1191306
CVE-2021-32626
CVE-2021-32627
CVE-2021-32628
CVE-2021-32672
CVE-2021-32675
CVE-2021-32687
CVE-2021-32762
CVE-2021-41099
openSUSE-SU-2021:3772-1
|
| Platform(s): | openSUSE Leap 15.3
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.3 is installed AND redis-6.0.14-6.8.1 is installed
|