[Buildroot] [PATCH 1/1] package/redis: security bump to v7.0.4
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Thu Aug 11 20:25:13 UTC 2022
On Thu, 11 Aug 2022 20:54:48 +0200
Titouan Christophe <titouanchristophe at gmail.com> wrote:
> From the release notes:
>
> ================================================================================
> Redis 7.0.4 Released Monday Jul 18 12:00:00 IST 2022
> ================================================================================
>
> Upgrade urgency: SECURITY, contains fixes to security issues.
>
> Security Fixes:
> * (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
> key in a specific state may result with heap overflow, and potentially
> remote code execution. The problem affects Redis versions 7.0.0 or newer.
>
> Signed-off-by: Titouan Christophe <titouanchristophe at gmail.com>
> ---
> package/redis/redis.hash | 2 +-
> package/redis/redis.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list