FEDORA-EPEL-2016-23fa04bf1c

security update in Fedora EPEL 7 for redis

Status: stable 2 years ago

Security fix for CVE-2013-7458

Comments 10

This update has been submitted for testing by hguemar.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

Considering the number of people asking me to push that update ... It would have just gone faster if people voted ;-)

Works for me. Although 3.2.3 contains a critical security issue, see https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES

karma: +1 #1363672: +1 #1363670: +1 #1278967: +1 #1228332: +1 #1069036: +1 #923970: +1 #895121: +1

Has passed testing here as well.

karma: +1 #1363672: +1 #1363670: +1 #1228332: +1 #1069036: +1 #923970: +1 #895121: +1

We ran it in production for a few days. No issues whatsoever.

karma: +1

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#895121 redis 2.4: Insecure temporary flaw use for redis service's vm swap file [epel-all]
#923970 redis in epel is very out of date
#1069036 redis: insecure temporary file creation [epel-all]
#1228332 redis: Lua sandbox escape and arbitrary code execution [epel-all]
#1278967 CVE-2015-8080 redis: Integer wraparound in lua_struct.c causing stack-based buffer overflow [epel-all]
#1363670 CVE-2013-7458 redis: world-readable ~/.rediscli_history
#1363672 CVE-2013-7458 redis: world-readable ~/.rediscli_history [epel-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 7

0+2 #895121 redis 2.4: Insecure temporary flaw use for redis service's vm swap file [epel-all]
0+2 #923970 redis in epel is very out of date
0+2 #1069036 redis: insecure temporary file creation [epel-all]
0+2 #1228332 redis: Lua sandbox escape and arbitrary code execution [epel-all]
0+1 #1278967 CVE-2015-8080 redis: Integer wraparound in lua_struct.c causing stack-based buffer overflow [epel-all]
0+2 #1363670 CVE-2013-7458 redis: world-readable ~/.rediscli_history
0+2 #1363672 CVE-2013-7458 redis: world-readable ~/.rediscli_history [epel-all]

Automated Test Results