UbuntuUpdates.org

Package "redis"

Name: redis

Description:

Persistent key-value database with network interface (metapackage)

Latest version: 5:4.0.9-1ubuntu0.1
Release: bionic (18.04)
Level: security
Repository: universe
Homepage: http://redis.io/

Links

Save this URL for the latest version of "redis": https://www.ubuntuupdates.org/redis


Download "redis"


Other versions of "redis" in Bionic

Repository Area Version
base universe 5:4.0.9-1
updates universe 5:4.0.9-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5:4.0.9-1ubuntu0.1 2018-12-07 00:06:54 UTC

  redis (5:4.0.9-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2018-11218.patch: fix in
      deps/lua/src/lua_cmsgpack.c.
    - CVE-2018-11218
  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2018-11219-*.patch: fix in
      deps/lua/src/lua_struct.c.
    - CVE-2018-11219
  * SECURITY UPDATE: Buffer overflow in the redis-cli
    - debian/patches/CVE-2018-12326.patch: fix in
      redis-cli.c.
    - CVE-2018-12326

 -- Julian Andres Klode <email address hidden> Thu, 29 Nov 2018 11:37:34 +0100

CVE-2018-11218 Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 becau
CVE-2018-11219 An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2
CVE-2018-12326 Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privil



About   -   Send Feedback to @ubuntu_updates