SUSE-SU-2023:2925-1 -- SLES redis7ID: oval:org.secpod.oval:def:89049130 | Date: (C)2023-08-30 (M)2024-05-22 |
Class: PATCH | Family: unix |
This update for redis7 fixes the following issues: * CVE-2022-24834: Fixed heap overflow in the cjson and cmsgpack libraries . * CVE-2023-28856: Fixed HINCRBYFLOAT invalid key crash . * CVE-2022-36021: Fixed integer overflow via Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD . * CVE-2023-25155: Fixed Integer Overflow in RAND commands . * CVE-2023-28425: Fixed denial-of-service via Specially crafted MSETNX command . * CVE-2023-36824: Fixed heap overflow in COMMAND GETKEYS and ACL evaluation .
Platform: |
SUSE Linux Enterprise Server 15 SP5 |