openSUSE Security Update : redis (openSUSE-2017-1258)

This update for redis to version 4.0.2 fixes the following issues : - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included : - SLOWLOG now logs the offending client name and address - The modules native data types...

OPENSUSE-SU-2017:2994-1 Security update for redis

This update for redis to version 4.0.2 fixes the following issues: - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included: - SLOWLOG now logs the offending client name and address - The modules native data types R...

Redis CONFIG SET client-output-buffer-limit command Code Execution Vulnerability(CVE-2016-8339)

Summary An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG SET command can lead to an out of bounds write potentially resulting in code execution. Tested Versions...

CVE-2016-8339

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG S...

CVE-2016-8339

Summary: CVE-2016-8339 is a buffer overflow in Redis 3.2.x prior to 3.2.4. The flaw occurs in the handling of the CONFIG SET option for the client-output-buffer-limit, where a crafted CONFIG SET can trigger an out-of-bounds write and potentially allow code execution. Impact (as stated in sources)...