FEDORA-EPEL-2016-23fa04bf1c created by hguemar 3 years ago for Fedora EPEL 7
stable

Security fix for CVE-2013-7458

This update has been submitted for testing by hguemar. 3 years ago
This update has been pushed to testing. 3 years ago
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes 3 years ago
User Icon hguemar commented & provided feedback 2 years ago

Considering the number of people asking me to push that update ... It would have just gone faster if people voted ;-)

User Icon prupert commented & provided feedback 2 years ago
karma

Works for me. Although 3.2.3 contains a critical security issue, see https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES

BZ#1363672 CVE-2013-7458 redis: world-readable ~/.rediscli_history [epel-all]
BZ#1363670 CVE-2013-7458 redis: world-readable ~/.rediscli_history
BZ#1278967 CVE-2015-8080 redis: Integer wraparound in lua_struct.c causing stack-based buffer overflow [epel-all]
BZ#1228332 redis: Lua sandbox escape and arbitrary code execution [epel-all]
BZ#1069036 redis: insecure temporary file creation [epel-all]
BZ#923970 redis in epel is very out of date
BZ#895121 redis 2.4: Insecure temporary flaw use for redis service's vm swap file [epel-all]
User Icon anonymous commented & provided feedback 2 years ago

Has passed testing here as well.

karma: +1

BZ#1363672 CVE-2013-7458 redis: world-readable ~/.rediscli_history [epel-all]
BZ#1363670 CVE-2013-7458 redis: world-readable ~/.rediscli_history
BZ#1228332 redis: Lua sandbox escape and arbitrary code execution [epel-all]
BZ#1069036 redis: insecure temporary file creation [epel-all]
BZ#923970 redis in epel is very out of date
BZ#895121 redis 2.4: Insecure temporary flaw use for redis service's vm swap file [epel-all]
User Icon leoluk commented & provided feedback 2 years ago
karma

We ran it in production for a few days. No issues whatsoever.

karma
This update has been submitted for stable by bodhi. 2 years ago
This update has been pushed to stable. 2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
3 years ago
in testing
3 years ago
in stable
2 years ago
BZ#895121 redis 2.4: Insecure temporary flaw use for redis service's vm swap file [epel-all]
0
2
BZ#923970 redis in epel is very out of date
0
2
BZ#1069036 redis: insecure temporary file creation [epel-all]
0
2
BZ#1228332 redis: Lua sandbox escape and arbitrary code execution [epel-all]
0
2
BZ#1278967 CVE-2015-8080 redis: Integer wraparound in lua_struct.c causing stack-based buffer overflow [epel-all]
0
1
BZ#1363670 CVE-2013-7458 redis: world-readable ~/.rediscli_history
0
2
BZ#1363672 CVE-2013-7458 redis: world-readable ~/.rediscli_history [epel-all]
0
2

Automated Test Results