Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 635
Alerts This Week
Warning Icon 1 635

Mageia 6: MGASA-2019-0226 Critical Redis Buffer Overflow Advisory

mageia
Calendar Grey August 18, 2019
Dist Mageia Esm H88
A new Redis security patch addresses heap and stack buffer overflow vulnerabilities found in Mageia 6. Refer to the update notes for detailed info on fixes and security risks tackled
This update fixes 2 security issues

Summary

This update fixes 2 security issues.
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure (CVE-2019-10192).
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure (CVE-2019-10193).

References

- https://bugs.mageia.org/show_bug.cgi?id=25278

- https://lists.debian.org/debian-security-announce/2019/msg00128.html

- https://ubuntu.com/security/notices/USN-4061-1

- https://www.cve.org/CVERecord?id=CVE-2019-10192

- https://www.cve.org/CVERecord?id=CVE-2019-10193

Resolution

SRPMS

- 6/core/redis-4.0.14-1.mga6

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 18 Aug 2019
URL: https://advisories.mageia.org/MGASA-2019-0226.html
Type: security
CVE: CVE-2019-10192, CVE-2019-10193

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.