CVE-2022-24834 - A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson and cmsgpack libraries, and result in heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users.

CVE-2023-36824 - Extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Specifically: using COMMAND GETKEYS* and validation of key names in ACL rules.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7f005e9cd9e670ac80d75587af5072475ebb5b7a

commit 7f005e9cd9e670ac80d75587af5072475ebb5b7a
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-07-10 12:17:51 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-07-12 06:59:52 +0000

    dev-db/redis: add 6.2.13

    Bug: https://bugs.gentoo.org/910191
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Closes: https://github.com/gentoo/gentoo/pull/31823
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest            |   1 +
 dev-db/redis/redis-6.2.13.ebuild | 195 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 196 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b0d749c9b237cdd6ce76e18151dc4abd070352f6

commit b0d749c9b237cdd6ce76e18151dc4abd070352f6
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-07-10 12:14:52 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-07-12 06:59:52 +0000

    dev-db/redis: add 7.0.12

    Bug: https://bugs.gentoo.org/910191
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/redis/Manifest            |   1 +
 dev-db/redis/redis-7.0.12.ebuild | 187 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 188 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c951a17cd1fe9cae75a262fbda6128bbb24d24b6

commit c951a17cd1fe9cae75a262fbda6128bbb24d24b6
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-07-15 07:56:12 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-07-25 04:56:32 +0000

    dev-db/redis: drop 6.2.12, 7.0.11

    Bug: https://bugs.gentoo.org/910191
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Closes: https://github.com/gentoo/gentoo/pull/31895
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 dev-db/redis/Manifest            |   2 -
 dev-db/redis/redis-6.2.12.ebuild | 195 ---------------------------------------
 dev-db/redis/redis-7.0.11.ebuild | 187 -------------------------------------
 3 files changed, 384 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=218682a12e5fc6cb8ca1052687aaf19180093122

commit 218682a12e5fc6cb8ca1052687aaf19180093122
Author:     Petr Vaněk <arkamar@atlas.cz>
AuthorDate: 2023-07-15 07:53:24 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-07-25 04:56:27 +0000

    dev-db/redis: drop 7.0.10

    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Signed-off-by: Petr Vaněk <arkamar@atlas.cz>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 dev-db/redis/Manifest            |   1 -
 dev-db/redis/redis-7.0.10.ebuild | 187 ---------------------------------------
 2 files changed, 188 deletions(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40f0aeee0d9ab31c81a869f258821733048f7423

commit 40f0aeee0d9ab31c81a869f258821733048f7423
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-01-09 14:12:04 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-01-09 14:23:54 +0000

    dev-db/redis: drop versions

    This commit drops most of the vulnerable versions; however, security
    cleanups are still blocked because of 7.0.5, which is the last stable
    version for arm.

    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Bug: https://bugs.gentoo.org/913741
    Bug: https://bugs.gentoo.org/915989
    Bug: https://bugs.gentoo.org/921662
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/redis/Manifest                              |   7 -
 dev-db/redis/files/redis-6.2.7-cve-2022-3647.patch | 173 ------------------
 dev-db/redis/redis-6.2.11.ebuild                   | 195 --------------------
 dev-db/redis/redis-6.2.13.ebuild                   | 195 --------------------
 dev-db/redis/redis-6.2.7-r2.ebuild                 | 198 --------------------
 dev-db/redis/redis-7.0.12.ebuild                   | 187 -------------------
 dev-db/redis/redis-7.0.13.ebuild                   | 187 -------------------
 dev-db/redis/redis-7.0.9.ebuild                    | 187 -------------------
 dev-db/redis/redis-7.2.2.ebuild                    | 200 ---------------------
 9 files changed, 1529 deletions(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a7e6b8769400cbbd7e4f3161d8c7dfdd62af8af

commit 3a7e6b8769400cbbd7e4f3161d8c7dfdd62af8af
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-01-10 10:05:04 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-01-10 10:16:11 +0000

    dev-db/redis: destabilize 7.0.5-r1 for ~arm

    Dropping the stable keyword for arm architecture due to a lack of
    security stabilization for over a year.

    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Bug: https://bugs.gentoo.org/913741
    Bug: https://bugs.gentoo.org/915548#c6
    Bug: https://bugs.gentoo.org/915989
    Bug: https://bugs.gentoo.org/918847
    Bug: https://bugs.gentoo.org/921662
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/redis/redis-7.0.5-r1.ebuild        | 4 ++--
 profiles/arch/arm/package.use.stable.mask | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8942d96c5ff1a45db0922d9e5e4403b050494bf6

commit 8942d96c5ff1a45db0922d9e5e4403b050494bf6
Author:     Petr Vaněk <arkamar@gentoo.org>
AuthorDate: 2024-01-10 12:25:59 +0000
Commit:     Petr Vaněk <arkamar@gentoo.org>
CommitDate: 2024-01-10 12:27:32 +0000

    dev-db/redis: drop 7.0.5-r1

    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Bug: https://bugs.gentoo.org/913741
    Bug: https://bugs.gentoo.org/915989
    Bug: https://bugs.gentoo.org/921662
    Signed-off-by: Petr Vaněk <arkamar@gentoo.org>

 dev-db/redis/Manifest                              |   1 -
 .../files/redis-7.0.4-replica-tests-fix.patch      |  61 -------
 dev-db/redis/files/redis-7.0.5-cve-2022-3647.patch | 173 -------------------
 dev-db/redis/redis-7.0.5-r1.ebuild                 | 191 ---------------------
 4 files changed, 426 deletions(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=bbba9c645e3767933f8d769ab743fca8728487ab

commit bbba9c645e3767933f8d769ab743fca8728487ab
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-08-07 06:33:13 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-08-07 06:33:27 +0000

    [ GLSA 202408-05 ] Redis: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/891169
    Bug: https://bugs.gentoo.org/898464
    Bug: https://bugs.gentoo.org/902501
    Bug: https://bugs.gentoo.org/904486
    Bug: https://bugs.gentoo.org/910191
    Bug: https://bugs.gentoo.org/913741
    Bug: https://bugs.gentoo.org/915989
    Bug: https://bugs.gentoo.org/921662
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202408-05.xml | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)