redis:5 security update

🗓️ 07 Aug 2019 10:40:54Reported by Rockylinux Product ErrataType

rocky

rocky🔗 errata.rockylinux.org👁 21 Views

Redis:5 security update affects Rocky Linux 8 with heap and stack buffer overflow

Reporter	Title	Published	Views	Family All 134
ALT Linux	Security fix for the ALT Linux 8 package redis version 3.0.7-alt2	27 Nov 201900:00	–	altlinux
AlpineLinux	CVE-2019-10192	11 Jul 201918:30	–	alpinelinux
AlpineLinux	CVE-2019-10193	11 Jul 201918:30	–	alpinelinux
BDU FSTEC	The vulnerability of the HyperLogLog algorithm in a resident database management system for NoSQL Redis lies in the fact that the output of the operation may exceed the buffer limits in memory. This allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.	16 Oct 201900:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the HyperLogLog algorithm in a resident database management system for NoSQL Redis lies in the fact that the output of the operation may exceed the buffer limits in memory. This allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.	16 Oct 201900:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the HyperLogLog algorithm in the resident database management system for NoSQL Redis allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.	16 Oct 201900:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the HyperLogLog algorithm in the resident database management system for NoSQL Redis allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.	16 Oct 201900:00	–	bdu_fstec
Check Point Advisories	Redis Buffer Overflow (CVE-2019-10192; CVE-2019-10193)	5 Feb 202000:00	–	checkpoint_advisories
CVE	CVE-2019-10192	11 Jul 201918:30	–	cve
CVE	CVE-2019-10193	11 Jul 201918:30	–	cve

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	8	aarch64	redis	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-0:5.0.3-2.module+el8.4.0+393+5af13779.aarch64.rpm
Rocky Linux	8	x86_64	redis	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-0:5.0.3-2.module+el8.4.0+393+5af13779.x86_64.rpm
Rocky Linux	8	aarch64	redis-debuginfo	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-debuginfo-0:5.0.3-2.module+el8.4.0+393+5af13779.aarch64.rpm
Rocky Linux	8	x86_64	redis-debuginfo	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-debuginfo-0:5.0.3-2.module+el8.4.0+393+5af13779.x86_64.rpm
Rocky Linux	8	aarch64	redis-debugsource	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-debugsource-0:5.0.3-2.module+el8.4.0+393+5af13779.aarch64.rpm
Rocky Linux	8	x86_64	redis-debugsource	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-debugsource-0:5.0.3-2.module+el8.4.0+393+5af13779.x86_64.rpm
Rocky Linux	8	aarch64	redis-devel	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-devel-0:5.0.3-2.module+el8.4.0+393+5af13779.aarch64.rpm
Rocky Linux	8	x86_64	redis-devel	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-devel-0:5.0.3-2.module+el8.4.0+393+5af13779.x86_64.rpm
Rocky Linux	8	any	redis-doc	0:5.0.3-2.module+el8.4.0+393+5af13779	redis-doc-0:5.0.3-2.module+el8.4.0+393+5af13779.noarch.rpm

07 Aug 2019 10:40Current

0.9Low risk

Vulners AI Score0.9

CVSS 26.5

CVSS 3.17.2

CVSS 37.2

EPSS0.33071

redis 5 security update rocky linux 8 heap buffer overflow stack buffer overflow