redis -- multiple vulnerabilities

The Redis Team reports:

CVE-2021-41099

      Integer to heap buffer overflow handling certain string commands
      and network payloads, when proto-max-bulk-len is manually configured.

CVE-2021-32762

      Integer to heap buffer overflow issue in redis-cli and redis-sentinel
      parsing large multi-bulk replies on some older and less common platforms.

CVE-2021-32687

      Integer to heap buffer overflow with intsets, when set-max-intset-entries
      is manually configured to a non-default, very large value.

CVE-2021-32675

      Denial Of Service when processing RESP request payloads with a large
      number of elements on many connections.

CVE-2021-32672

      Random heap reading issue with Lua Debugger.

CVE-2021-32628

      Integer to heap buffer overflow handling ziplist-encoded data types,
      when configuring a large, non-default value for hash-max-ziplist-entries,
      hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value.

CVE-2021-32627

      Integer to heap buffer overflow issue with streams, when configuring
      a non-default, large value for proto-max-bulk-len and
      client-query-buffer-limit.

CVE-2021-32626

      Specially crafted Lua scripts may result with Heap buffer overflow.