[ALSA-2025:7438] Important: redis security update
Type:
security
Severity:
important
Release date:
2025-05-21
Description:
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Security Fix(es): * redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client (CVE-2025-21605) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 redis-devel-6.2.18-1.el9_6.aarch64.rpm 43dd93ef2e2fb39eee2ef0ba8ef2925b953423df3ae4fc068158ac2e7f80349b
aarch64 redis-6.2.18-1.el9_6.aarch64.rpm 6241c73897abc44ae6557369b57c62a340df9f2dc2398a4ef97892e09690da31
i686 redis-devel-6.2.18-1.el9_6.i686.rpm 16e34c6bf62f8789893ecf8864d750d7ed17304f67152cd4d230da017761932f
noarch redis-doc-6.2.18-1.el9_6.noarch.rpm 93eba1abf4201f69279dacf970ad71d66d6f2b0a01c67c11612070a57824abb7
ppc64le redis-6.2.18-1.el9_6.ppc64le.rpm b500981fd62ba3edc276da794125d247470828ea215a01b15ea49d96350df81e
ppc64le redis-devel-6.2.18-1.el9_6.ppc64le.rpm cb49ce6943319c8cef6346f22fa74409dcbaec51e18354ca351e1a11d274cb8c
s390x redis-devel-6.2.18-1.el9_6.s390x.rpm 2cd19bd82599572b0b9a265e05d5cf02a7c7782a37743647165d61dc534db24f
s390x redis-6.2.18-1.el9_6.s390x.rpm d0feee595cd54500a2984799be626ac63178b848a343c68a72f559b7fbca5243
x86_64 redis-devel-6.2.18-1.el9_6.x86_64.rpm c068e18726db12ebb7edb4686ecf333e163af5f52bca0eb41d7728a061b1e0d1
x86_64 redis-6.2.18-1.el9_6.x86_64.rpm e02a6d8628dd358e947720c1a26b71a92beb18071fd2851447200bdd4ca03727
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.