Read Time:35 Second

FEDORA-2024-6ef42a28c9

Packages in this update:

redis-7.2.4-1.fc39

Update description:

Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST

Upgrade urgency SECURITY: See security fixes below.

Security fixes

(CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.

Bug fixes

Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)

ZDI-CAN-25373: Microsoft

A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus - Trend Micro Zero Day Initiative' was reported to...

September 20, 2024

DSA-5774-1 ruby-saml – security update

It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify...

September 20, 2024

USN-6968-2: PostgreSQL vulnerability

USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS....

September 19, 2024