File _patchinfo of Package patchinfo.28794

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.28794

<patchinfo incident="28794">
  <issue tracker="cve" id="2022-36021"/>
  <issue tracker="cve" id="2023-28856"/>
  <issue tracker="cve" id="2023-25155"/>
  <issue tracker="bnc" id="1208790">VUL-0: CVE-2022-36021: redis: redis: Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow</issue>
  <issue tracker="bnc" id="1210548">VUL-0: CVE-2023-28856: redis: HINCRBYFLOAT invalid key crash</issue>
  <issue tracker="bnc" id="1208793">VUL-0: CVE-2023-25155: redis: Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow</issue>
  <packager>ateixeira</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for redis</summary>
  <description>This update for redis fixes the following issues:

- CVE-2022-36021: Fixed possible integer overflow via specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands (bsc#1208790).
- CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create an hash field (bsc#1210548).
- CVE-2023-25155: Fixed integer overflow in RAND commands that can lead to assertion (bsc#1208793).
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.28794

Places