| Summary: |
<dev-db/redis-6.0.9: Potential heap overflow with non-standard heap allocator |
| Product: |
Gentoo Security
|
Reporter: |
Tomáš Mózes <hydrapolic> |
| Component: |
Vulnerabilities | Assignee: |
Gentoo Security <security> |
| Status: |
RESOLVED
FIXED
|
|
|
| Severity: |
minor
|
CC: |
denis7774, robbat2
|
| Priority: |
Normal
|
Keywords: |
CC-ARCHES |
| Version: |
unspecified | Flags: |
nattka:
sanity-check-
|
| Hardware: |
All | |
|
| OS: |
Linux | |
|
| See Also: |
https://github.com/gentoo/gentoo/pull/18200
|
| Whiteboard: |
C3 [noglsa] |
|
Package list:
|
dev-db/redis-6.0.9
|
Runtime testing required:
|
---
|
|---|
Affected: <5.0.10 <6.0.9 ================================================================================ Redis 6.0.9 Released Mon Oct 26 10:37:47 IST 2020 ================================================================================ Upgrade urgency: SECURITY if you use an affected platform (see below). Otherwise the upgrade urgency is MODERATE. This release fixes a potential heap overflow when using a heap allocator other than jemalloc or glibc's malloc. See: https://github.com/redis/redis/pull/7963