[ALSA-2022:8096] Low: redis security and bug fix update
Type:
security
Severity:
low
Release date:
2022-11-18
Description:
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Security Fix(es): * redis: Code injection via Lua script execution environment (CVE-2022-24735) * redis: Malformed Lua script can crash Redis (CVE-2022-24736) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 redis-6.2.7-1.el9.aarch64.rpm 66f6158952241a26323601cfbf5f929687ad1c326488309a7393e09f1f160e41
aarch64 redis-devel-6.2.7-1.el9.aarch64.rpm ce8c061d66961a97d2fba567733884e17f854e687a024db00b2b1892634f3954
i686 redis-devel-6.2.7-1.el9.i686.rpm 7aa3e793576437268a42d168c4febef9a03d425b0d5375e0d73f189024e16528
noarch redis-doc-6.2.7-1.el9.noarch.rpm 142f8f9a73b8b4e8f94dd2bd4a7cde5f54880fe6e5dd1a54ec5c41a6bd33ac58
ppc64le redis-devel-6.2.7-1.el9.ppc64le.rpm 3b5b16457800b143b53efc37c9c80ce11d2d95f3268c84bc6d51ac07202cf96e
ppc64le redis-6.2.7-1.el9.ppc64le.rpm 9faf550f0f705ba4475994be1dfd83638f8dcd273dce46b74525dd25dbc2c2f0
s390x redis-devel-6.2.7-1.el9.s390x.rpm 17036c47134ffcbed862a422ef7d397ef1f07c8549e843c6eb2790ace8935bb8
s390x redis-6.2.7-1.el9.s390x.rpm c8fdc219bf77d509dfbc0c17c2a93e2e8be945384c9c281cc8fb22dc6bd2ba56
x86_64 redis-6.2.7-1.el9.x86_64.rpm 57a9f6a8531b7d443cba4c73032962da474d5cbc35e93ca9ab28929c32c45c68
x86_64 redis-devel-6.2.7-1.el9.x86_64.rpm 61d0783787f472866d8adf69d7ceeb80bba0f42165675efedf4f2d22bada5f9c
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.