Oval Definition:oval:org.opensuse.security:def:1605
Revision Date:2021-05-19Version:1
Title:Security update for redis (Important)
Description:

This update for redis fixes the following issues:

redis was updated to 6.0.13:

CVE-2021-29477: Integer overflow in STRALGO LCS command (bsc#1185729) * CVE-2021-29478: Integer overflow in COPY command for large intsets (bsc#1185730) * Cluster: Skip unnecessary check which may prevent failure detection * Fix performance regression in BRPOP on Redis 6.0 * Fix edge-case when a module client is unblocked

redis 6.0.12:

Fix compilation error on non-glibc systems if jemalloc is not used

redis 6.0.11:

CVE-2021-21309: Avoid 32-bit overflows when proto-max-bulk-len is set high (bsc#1182657) * Fix handling of threaded IO and CLIENT PAUSE (failover), could lead to data loss or a crash * Fix the selection of a random element from large hash tables * Fix broken protocol in client tracking tracking-redir-broken message * XINFO able to access expired keys on a replica * Fix broken protocol in redis-benchmark when used with -a or --dbnum * Avoid assertions (on older kernels) when testing arm64 CoW bug * CONFIG REWRITE should honor umask settings * Fix firstkey,lastkey,step in COMMAND command for some commands * RM_ZsetRem: Delete key if empty, the bug could leave empty zset keys

- Switch systemd type of the sentinel service from notify to simple. This can be reverted when updating to 6.2 which fixes https://github.com/redis/redis/issues/7284 .
Family:unixClass:patch
Status:Reference(s):1145092
1182657
1185729
1185730
CVE-2016-2399
CVE-2017-6507
CVE-2017-9122
CVE-2017-9123
CVE-2017-9124
CVE-2017-9125
CVE-2017-9126
CVE-2017-9127
CVE-2017-9128
CVE-2019-10208
CVE-2019-10208
CVE-2021-21309
CVE-2021-29477
CVE-2021-29478
SUSE-SU-2019:2707-1
SUSE-SU-2021:1652-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP3
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Storage 7
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • gnutls-3.2.15-11 is installed
  • OR libgnutls28-3.2.15-11 is installed
  • OR libgnutls28-32bit-3.2.15-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-33 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-33 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-33 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-33 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-33 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-70 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-70 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • libquicktime-1.2.4+git20180804.fff99cd-1.19 is installed
  • OR libquicktime-devel-1.2.4+git20180804.fff99cd-1.19 is installed
  • OR libquicktime0-1.2.4+git20180804.fff99cd-1.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND Package Information
  • libpacemaker-devel-1.1.18+20180430.b12c320f5-3.9 is installed
  • OR libpacemaker3-1.1.18+20180430.b12c320f5-3.9 is installed
  • OR pacemaker-1.1.18+20180430.b12c320f5-3.9 is installed
  • OR pacemaker-cli-1.1.18+20180430.b12c320f5-3.9 is installed
  • OR pacemaker-cts-1.1.18+20180430.b12c320f5-3.9 is installed
  • OR pacemaker-remote-1.1.18+20180430.b12c320f5-3.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • ctdb-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-4.9.5+git.176.375e1f05788-3.6 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND redis-6.0.13-1.10.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libpq5-10.10-8.6 is installed
  • OR postgresql10-10.10-8.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • typelib-1_0-JavaScriptCore-4_0-2.20.3-3.3 is installed
  • OR typelib-1_0-WebKit2-4_0-2.20.3-3.3 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.20.3-3.3 is installed
  • OR webkit2gtk3-2.20.3-3.3 is installed
  • OR webkit2gtk3-devel-2.20.3-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-60.7.0-3.40 is installed
  • OR MozillaFirefox-devel-60.7.0-3.40 is installed
  • OR MozillaFirefox-translations-common-60.7.0-3.40 is installed
  • OR MozillaFirefox-translations-other-60.7.0-3.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND mercurial-4.5.2-3.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • graphviz-addons-2.40.1-6.3 is installed
  • OR graphviz-perl-2.40.1-6.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • binutils-2.31-6.3 is installed
  • OR binutils-gold-2.31-6.3 is installed
  • OR cross-arm-binutils-2.31-6.3 is installed
  • OR cross-avr-binutils-2.31-6.3 is installed
  • OR cross-epiphany-binutils-2.31-6.3 is installed
  • OR cross-hppa-binutils-2.31-6.3 is installed
  • OR cross-hppa64-binutils-2.31-6.3 is installed
  • OR cross-i386-binutils-2.31-6.3 is installed
  • OR cross-ia64-binutils-2.31-6.3 is installed
  • OR cross-m68k-binutils-2.31-6.3 is installed
  • OR cross-mips-binutils-2.31-6.3 is installed
  • OR cross-ppc-binutils-2.31-6.3 is installed
  • OR cross-ppc64-binutils-2.31-6.3 is installed
  • OR cross-riscv64-binutils-2.31-6.3 is installed
  • OR cross-rx-binutils-2.31-6.3 is installed
  • OR cross-s390-binutils-2.31-6.3 is installed
  • OR cross-sparc-binutils-2.31-6.3 is installed
  • OR cross-sparc64-binutils-2.31-6.3 is installed
  • OR cross-spu-binutils-2.31-6.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • apache2-2.4.33-3.21 is installed
  • OR apache2-devel-2.4.33-3.21 is installed
  • OR apache2-doc-2.4.33-3.21 is installed
  • OR apache2-prefork-2.4.33-3.21 is installed
  • OR apache2-utils-2.4.33-3.21 is installed
  • OR apache2-worker-2.4.33-3.21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND apache2-mod_apparmor-2.13.4-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • nodejs10-10.16.0-1.9 is installed
  • OR nodejs10-devel-10.16.0-1.9 is installed
  • OR nodejs10-docs-10.16.0-1.9 is installed
  • OR npm10-10.16.0-1.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND apache-commons-beanutils-1.9.2-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • ntp-4.2.8p4-1 is installed
  • OR ntp-doc-4.2.8p4-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • sysvinit-tools-2.88+-96.1 is installed
  • OR whois-5.1.1-1.17 is installed
  • BACK