Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:Update
patchinfo.19597
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.19597
<patchinfo incident="19597"> <issue tracker="cve" id="2021-29477"/> <issue tracker="cve" id="2021-21309"/> <issue tracker="cve" id="2021-29478"/> <issue tracker="bnc" id="1185730">VUL-0: CVE-2021-29478: redis: Integer overflow via COPY command for large intsets</issue> <issue tracker="bnc" id="1182657">VUL-0: CVE-2021-21309: redis: Integer overflow on 32-bit systems</issue> <issue tracker="bnc" id="1185729">VUL-0: CVE-2021-29477: redis: Integer overflow via STRALGO LCS command</issue> <packager>jzerebecki</packager> <rating>important</rating> <category>security</category> <summary>Security update for redis</summary> <description>This update for redis fixes the following issues: redis was updated to 6.0.13: * CVE-2021-29477: Integer overflow in STRALGO LCS command (bsc#1185729) * CVE-2021-29478: Integer overflow in COPY command for large intsets (bsc#1185730) * Cluster: Skip unnecessary check which may prevent failure detection * Fix performance regression in BRPOP on Redis 6.0 * Fix edge-case when a module client is unblocked redis 6.0.12: * Fix compilation error on non-glibc systems if jemalloc is not used redis 6.0.11: * CVE-2021-21309: Avoid 32-bit overflows when proto-max-bulk-len is set high (bsc#1182657) * Fix handling of threaded IO and CLIENT PAUSE (failover), could lead to data loss or a crash * Fix the selection of a random element from large hash tables * Fix broken protocol in client tracking tracking-redir-broken message * XINFO able to access expired keys on a replica * Fix broken protocol in redis-benchmark when used with -a or --dbnum * Avoid assertions (on older kernels) when testing arm64 CoW bug * CONFIG REWRITE should honor umask settings * Fix firstkey,lastkey,step in COMMAND command for some commands * RM_ZsetRem: Delete key if empty, the bug could leave empty zset keys - Switch systemd type of the sentinel service from notify to simple. This can be reverted when updating to 6.2 which fixes https://github.com/redis/redis/issues/7284 . </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor