redis: fix CVE-2021-32625 - meta-openembedded - Collection of OpenEmbedded layers

diff options

author	Tony Tascioglu <tony.tascioglu@windriver.com>	2021-08-10 11:51:45 -0700
committer	Armin Kuster <akuster808@gmail.com>	2021-08-14 11:43:12 -0700
commit	acf5769aff4edb67b187d70ac339a6484e1cc527 (patch)
tree	e8f514fc0cfa31537d3d5de0a5335c63a6eeb3b5 /meta-xfce
parent	b2c8972406a263fac9e8b8f3a41251b6d451ef10 (diff)
download	meta-openembedded-acf5769aff4edb67b187d70ac339a6484e1cc527.tar.gz

redis: fix CVE-2021-32625

CVE: CVE-2021-32625 Upstream-Status: Backport [e9a1438ac4c52aa68dfa2a8324b6419356842116] Fix integer overflow in STRALGO LCS (CVE-2021-32625) (#9011) An integer overflow bug in Redis version 6.0 or newer can be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-xfce')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: