[Buildroot] [PATCH for 2021.02.x 1/1] package/redis: security bump to v6.0.15

Peter Korsgaard peter at korsgaard.com
Fri Jul 30 16:23:19 UTC 2021


>>>>> "Titouan" == Titouan Christophe <titouanchristophe at gmail.com> writes:

 > From the release notes:
 > ================================================================================
 > Redis 6.0.15 Released Wed Jul 21 16:32:19 IDT 2021
 > ================================================================================

 > Upgrade urgency: SECURITY, contains fixes to security issues that affect
 > authenticated client connections on 32-bit versions. MODERATE otherwise.

 > Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761).
 > An integer overflow bug in Redis version 2.2 or newer can be exploited using the
 > BITFIELD command to corrupt the heap and potentially result with remote code
 > execution.

 > See https://github.com/redis/redis/blob/6.0.15/00-RELEASENOTES

 > Signed-off-by: Titouan Christophe <titouanchristophe at gmail.com>

Committed to 2021.02.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list