131 matches found
OPENSUSE-SU-2021:0841-1 Security update for redis
This update for redis fixes the following issues: redis was updated to 6.0.14: CVE-2021-32625: An integer overflow bug could be exploited by using the STRALGO LCS command to cause remote remote code execution boo1186722 Fix crash in UNLINK on a stream key with deleted consumer groups SINTERSTORE:...
SUSE-SU-2021:1652-1 Security update for redis
This update for redis fixes the following issues: redis was updated to 6.0.13: CVE-2021-29477: Integer overflow in STRALGO LCS command bsc1185729 CVE-2021-29478: Integer overflow in COPY command for large intsets bsc1185730 Cluster: Skip unnecessary check which may prevent failure detection Fix...
OPENSUSE-SU-2021:0682-1 Security update for redis
This update for redis fixes the following issues: redis 6.0.13 CVE-2021-29477: Integer overflow in STRALGO LCS command boo1185729 CVE-2021-29478: Integer overflow in COPY command for large intsets boo1185730 Cluster: Skip unnecessary check which may prevent failure detection Fix performance...
DLA-2576-1 redis - security update
Bulletin has no description...
New research shows 75% of ‘open’ Redis servers infected
Since our initial report on the RedisWannaMine attack that propagates through open Redis and Windows servers, we’ve been hearing about more and more attacks on Redis servers. Redis is a great tool, it can serve as in-memory distributed database, cache or a message broker and is widely popular...
OPENSUSE-SU-2018:0228-1 Security update for redis
This update for redis to version 4.0.6 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-15047: Buffer overflows occurring reading redis.conf bsc1061967 The following bugs are fixed: - Several PSYNC2 bugs could cause data corruption...
OPENSUSE-SU-2018:0225-1 Security update for redis
This update for redis to version 4.0.6 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-15047: Buffer overflows occurring reading redis.conf bsc1061967 The following bugs are fixed: - Several PSYNC2 bugs could cause data corruption...
OPENSUSE-SU-2017:2984-1 Security update for redis
This update for redis to version 4.0.2 fixes the following issues: - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included: - SLOWLOG now logs the offending client name and address - The modules native data types R...
OPENSUSE-SU-2017:2994-1 Security update for redis
This update for redis to version 4.0.2 fixes the following issues: - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included: - SLOWLOG now logs the offending client name and address - The modules native data types R...
Insecure Redis Instances at Core of Attacks Against Linux Servers
A recent run of attacks against Linux servers called Fairware has been traced to insecure internet-facing Redis installations that hackers have abused to delete web folders and, in some cases, install malicious code. Redis is an open source tool used by web application developers for the purpose ...
OPENSUSE-SU-2016:1980-1 Security update for redis
This update for redis fixes the following issues: - CVE-2013-7458: unsafe permissions of command line history boo991250...