Package : redis
Version : 2:2.8.17-1+deb8u6
CVE IDs : CVE-2018-11218, CVE-2018-11219, CVE-2018-12326
Debian Bugs : #901495, #902410
It was discovered that there were a number of vulnerabilities in redis,
a persistent key-value database:
CVE-2018-11218, CVE-2018-11219: Multiple heap
corruption and integer overflow vulnerabilities. (#901495)
CVE-2018-12326: Buffer overflow in the "redis-cli" tool which could
have allowed an attacker to achieve code execution and/or escalate to
higher privileges via a crafted command line. (#902410)
For Debian 8 "Jessie", these issues have been fixed in redis version
2:2.8.17-1+deb8u6.
We recommend that you upgrade your redis packages.
Regards,
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | all | redis | < 2:2.8.17-1+deb8u6 | redis_2:2.8.17-1+deb8u6_all.deb |