SUSE-SU-2021:3772-1 -- SLES redisID: oval:org.secpod.oval:def:89047330 | Date: (C)2022-10-21 (M)2023-11-13 |
Class: PATCH | Family: unix |
This update for redis fixes the following issues: - CVE-2021-32627: Fixed integer to heap buffer overflows with streams . - CVE-2021-32628: Fixed integer to heap buffer overflows handling ziplist-encoded data types . - CVE-2021-32687: Fixed integer to heap buffer overflow with intsets . - CVE-2021-32762: Fixed integer to heap buffer overflow issue in redis-cli and redis-sentinel . - CVE-2021-32626: Fixed heap buffer overflow caused by specially crafted Lua scripts . - CVE-2021-32672: Fixed random heap reading issue with Lua Debugger . - CVE-2021-32675: Fixed Denial Of Service when processing RESP request payloads with a large number of elements on many connections . - CVE-2021-41099: Fixed integer to heap buffer overflow handling certain string commands and network payloads .
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |