Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
patchinfo.21742
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.21742
<patchinfo incident="21742"> <issue tracker="cve" id="2021-41099"/> <issue tracker="cve" id="2021-32687"/> <issue tracker="cve" id="2021-32628"/> <issue tracker="cve" id="2021-32626"/> <issue tracker="cve" id="2021-32672"/> <issue tracker="cve" id="2021-32762"/> <issue tracker="cve" id="2021-32627"/> <issue tracker="cve" id="2021-32675"/> <issue tracker="bnc" id="1191299">VUL-0: CVE-2021-41099: redis: Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured to a non-default, very large value</issue> <issue tracker="bnc" id="1191303">VUL-0: CVE-2021-32675: redis: Denial Of Service when processing RESP request payloads with a large number of elements on many connections</issue> <issue tracker="bnc" id="1191304">VUL-0: CVE-2021-32672: redis: Random heap reading issue with Lua Debugger</issue> <issue tracker="bnc" id="1191306">VUL-0: CVE-2021-32626: redis: Specially crafted Lua scripts may result with Heap buffer overflow</issue> <issue tracker="bnc" id="1191305">VUL-0: CVE-2021-32627,CVE-2021-32628: redis: Integer to heap buffer overflows</issue> <issue tracker="bnc" id="1191302">VUL-0: CVE-2021-32687: redis: Integer to heap buffer overflow with intsets, when set-max-intset-entries is manually configured to a non-default, very large value</issue> <issue tracker="bnc" id="1191300">VUL-0: CVE-2021-32762: redis: Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on some older and less common platforms</issue> <packager>dspinella</packager> <rating>important</rating> <category>security</category> <summary>Security update for redis</summary> <description>This update for redis fixes the following issues: - CVE-2021-32627: Fixed integer to heap buffer overflows with streams (bsc#1191305). - CVE-2021-32628: Fixed integer to heap buffer overflows handling ziplist-encoded data types (bsc#1191305). - CVE-2021-32687: Fixed integer to heap buffer overflow with intsets (bsc#1191302). - CVE-2021-32762: Fixed integer to heap buffer overflow issue in redis-cli and redis-sentinel (bsc#1191300). - CVE-2021-32626: Fixed heap buffer overflow caused by specially crafted Lua scripts (bsc#1191306). - CVE-2021-32672: Fixed random heap reading issue with Lua Debugger (bsc#1191304). - CVE-2021-32675: Fixed Denial Of Service when processing RESP request payloads with a large number of elements on many connections (bsc#1191303). - CVE-2021-41099: Fixed integer to heap buffer overflow handling certain string commands and network payloads (bsc#1191299). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
