Fedora: 33 Moderate Advisory on Redis 6.0.15 Integer Overflow

Redis is an advanced key-value store. It is often referred to as a data

structure server since keys can contain strings, hashes, lists, sets and

sorted sets.

You can run atomic operations on these types, like appending to a string;

incrementing the value in a hash; pushing to a list; computing set

intersection, union and difference; or getting the member with highest

ranking in a sorted set.

In order to achieve its outstanding performance, Redis works with an

in-memory dataset. Depending on your use case, you can persist it either

by dumping the dataset to disk every once in a while, or by appending

each command to a log.

Redis also supports trivial-to-setup master-slave replication, with very

fast non-blocking first synchronization, auto-reconnection on net split

and so forth.

Other features include Transactions, Pub/Sub, Lua scripting, Keys with a

limited time-to-live, and configuration settings to make Redis behave like

a cache.

You can use Redis from most programming languages also.

** Redis 6.0.15** - Released Wed Jul 21 16:32:19 IDT 2021 Upgrade urgency:

SECURITY, contains fixes to security issues that affect authenticated client

connections on 32-bit versions. MODERATE otherwise. Fix integer overflow in

BITFIELD on 32-bit versions (**CVE-2021-32761**). An integer overflow bug in

Redis version 2.2 or newer can be exploited using the BITFIELD command to

corrupt the heap and potentially result with remote code execution. Bug fixes

that involve behavior changes: * Change reply type for ZPOPMAX/MIN with

count in RESP3 to nested array (#8981). Was using a flat array like in RESP2

instead of a nested array like ZRANGE does. Bug fixes: * Fail EXEC command

in case a watched key is expired (#9194) * Fix SMOVE not to invalidate dest

key (WATCH and tracking) when member already exists (#9244) * Fix SINTERSTORE

not to delete dest key when getting a wrong type error (#9032) * Fix

overflows on 32-bit versions in GETBIT, SETBIT, BITCOUNT, BITPOS, and BITFIELD

(#9191) * Set TCP keepalive on inbound cluster bus connections (#9230) *

Fix ziplist length updates on big-endian platforms (#2080) * Fix diskless

replica loading to recover from RDB short read on module AUX data (#9199) *

Fix race in client side tracking (#9116) * If diskless repl child is killed,

make sure to reap the child pid (#7742) * Add a timeout mechanism for

replicas stuck in fullsync (#8762) CLI tools: * redis-cli cluster import

support source and target that require auth (#7994) * redis-cli cluster

import command may issue wrong MIGRATE command, sending COPY instead of REPLACE

(#8945) * redis-cli support for RESP3 set type in CSV and RAW output (#7338)

* Thu Jul 22 2021 Remi Collet - 6.0.15-1

- Upstream 6.0.15 release

- Fix CVE-2021-32761: 32-bit systems BITFIELD command integer overflow.

[ 1 ] Bug #1985476 - CVE-2021-32761 redis: integer overflow issues with BITFIELD command on 32-bit systems

https://bugzilla.redhat.com/show_bug.cgi?id=1985476

su -c 'dnf upgrade --advisory FEDORA-2021-76cf1653b3' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure