Redis is an advanced key-value store. It is often referred to as a data
structure server because keys can contain strings, hashes, lists, sets, or
sorted sets.
An integer-wraparound flaw leading to a stack-based overflow was found in
Redis. A user with access to run Lua code in a Redis session could possibly
use this flaw to crash the server (denial of service) or gain code
execution outside of the Lua sandbox. (CVE-2015-8080)
All users of redis are advised to upgrade to these updated packages, which
correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | redis | < 2.8.24-1.el7ost | redis-2.8.24-1.el7ost.x86_64.rpm |
RedHat | 7 | src | redis | < 2.8.24-1.el7ost | redis-2.8.24-1.el7ost.src.rpm |
RedHat | 7 | x86_64 | redis-debuginfo | < 2.8.24-1.el7ost | redis-debuginfo-2.8.24-1.el7ost.x86_64.rpm |