[ALSA-2022:7541] Low: redis:6 security, bug fix, and enhancement update
Type:
security
Severity:
low
Release date:
2022-11-12
Description:
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. The following packages have been upgraded to a later upstream version: redis (6.2.7). (BZ#1999873) Security Fix(es): * redis: Code injection via Lua script execution environment (CVE-2022-24735) * redis: Malformed Lua script can crash Redis (CVE-2022-24736) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 redis-6.2.7-1.module_el8.7.0+3288+a82c1b48.aarch64.rpm 8b02230737c9bdbef95da4681c40e73180f77c96b7b38b4364ca5cf4147ffdcf
aarch64 redis-devel-6.2.7-1.module_el8.7.0+3288+a82c1b48.aarch64.rpm b41931a93cd2d1b43bceed8fb1559d13859c6a705c6cae799816595c34c4dcbc
noarch redis-doc-6.2.7-1.module_el8.7.0+3288+a82c1b48.noarch.rpm 7e2788a456459c34391f9ad43639ea0a1979262177ba13bd73b23fc35dc0b52c
ppc64le redis-6.2.7-1.module_el8.7.0+3288+a82c1b48.ppc64le.rpm 4c145b91169ca247ac92291a45b611bba8067660972e3f57a4818f139c6e3278
ppc64le redis-devel-6.2.7-1.module_el8.7.0+3288+a82c1b48.ppc64le.rpm c8785a5ad5564ae04095a0baaa20a12b0585d3676032eb4b220069af179dc4c9
s390x redis-devel-6.2.7-1.module_el8.7.0+3288+a82c1b48.s390x.rpm 143a133363e7d96a8d6e48ff89b1da603ab7c3e6c65825c07ad8687145911aec
s390x redis-6.2.7-1.module_el8.7.0+3288+a82c1b48.s390x.rpm 83cc95bbfff0ff1cd94f02e53e50425a5e39285eb9d8fb467a721da639b66e6c
x86_64 redis-devel-6.2.7-1.module_el8.7.0+3288+a82c1b48.x86_64.rpm 60e2bf02485f2267b98f51152c0c16fa33865abd6227c3a21c452beffbd59513
x86_64 redis-6.2.7-1.module_el8.7.0+3288+a82c1b48.x86_64.rpm e72e7e26512237465423a8ed832397284371090e1edeaba3e3a40efa59ef4502
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.