From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: Titouan Christophe <titouanchristophe@gmail.com>
Cc: Daniel Price <daniel.price@gmail.com>, buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 1/1] package/redis: security bump to v6.2.5
Date: Mon, 26 Jul 2021 23:08:40 +0200 [thread overview]
Message-ID: <20210726230840.4062626b@windsurf> (raw)
In-Reply-To: <20210726091635.86606-2-titouanchristophe@gmail.com>
On Mon, 26 Jul 2021 11:16:35 +0200
Titouan Christophe <titouanchristophe@gmail.com> wrote:
> From the release notes:
> ================================================================================
> Redis 6.2.5 Released Wed Jul 21 16:32:19 IDT 2021
> ================================================================================
>
> Upgrade urgency: SECURITY, contains fixes to security issues that affect
> authenticated client connections on 32-bit versions. MODERATE otherwise.
>
> Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761).
> An integer overflow bug in Redis version 2.2 or newer can be exploited using the
> BITFIELD command to corrupt the heap and potentially result with remote code
> execution.
>
> See https://github.com/redis/redis/blob/6.2.5/00-RELEASENOTES
>
> Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
> ---
> package/redis/redis.hash | 2 +-
> package/redis/redis.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
next prev parent reply other threads:[~2021-07-26 21:09 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-26 9:16 [Buildroot] [PATCH for 2021.02.x 1/1] package/redis: security bump to v6.0.15 Titouan Christophe
2021-07-26 9:16 ` [Buildroot] [PATCH 1/1] package/redis: security bump to v6.2.5 Titouan Christophe
2021-07-26 21:08 ` Thomas Petazzoni [this message]
2021-07-30 16:24 ` Peter Korsgaard
2021-07-30 16:23 ` [Buildroot] [PATCH for 2021.02.x 1/1] package/redis: security bump to v6.0.15 Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210726230840.4062626b@windsurf \
--to=thomas.petazzoni@bootlin.com \
--cc=buildroot@buildroot.org \
--cc=daniel.price@gmail.com \
--cc=titouanchristophe@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox