* CVE-2021-29477 Description: "An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. The integer overflow bug exists in all versions of Redis starting with 6.0." * CVE-2021-29478 Description: "An integer overflow bug in Redis 6.2 could be exploited to corrupt the heap and potentially result in remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration value, creating a large set key that consists of integer values and using the COPY command to duplicate it. The integer overflow bug exists in all versions of Redis starting with 2.6, where it could result with a corrupted RDB or DUMP payload, but not exploited through COPY (which did not exist before 6.2)."
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8427ef73ba9e6ad18fbf873e1f07f607edc88392 commit 8427ef73ba9e6ad18fbf873e1f07f607edc88392 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-05-04 21:41:02 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-05-04 21:41:35 +0000 dev-db/redis: add 6.2.3 Bug: https://bugs.gentoo.org/788211 Signed-off-by: Sam James <sam@gentoo.org> dev-db/redis/Manifest | 1 + dev-db/redis/files/redis-6.2.3-ppc-atomic.patch | 19 +++ dev-db/redis/redis-6.2.3.ebuild | 185 ++++++++++++++++++++++++ 3 files changed, 205 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ef7b16d19bf872152a85bd352741c6816298901a commit ef7b16d19bf872152a85bd352741c6816298901a Author: Sam James <sam@gentoo.org> AuthorDate: 2021-05-04 21:34:13 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-05-04 21:41:34 +0000 dev-db/redis: add 6.0.13 Bug: https://bugs.gentoo.org/788211 Signed-off-by: Sam James <sam@gentoo.org> dev-db/redis/Manifest | 1 + dev-db/redis/redis-6.0.13.ebuild | 185 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 186 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5fecb01174e866e6ddfc305dd8ae8f9066c5d518 commit 5fecb01174e866e6ddfc305dd8ae8f9066c5d518 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-05-05 14:49:30 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-05-06 10:02:02 +0000 dev-db/redis: pass systemd flag to make Bug: https://bugs.gentoo.org/788211 Signed-off-by: Sam James <sam@gentoo.org> dev-db/redis/{redis-6.0.13.ebuild => redis-6.0.13-r1.ebuild} | 2 ++ dev-db/redis/{redis-6.2.3.ebuild => redis-6.2.3-r1.ebuild} | 2 ++ 2 files changed, 4 insertions(+)
Unable to check for sanity: > no match for package: dev-db/redis-6.0.13
arm done
arm64 done
ppc64 done
ppc done
amd64 done
x86 done
sparc stable
Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7486aa16a7b0f330f7b6fdbe2284a53dbf4c0446 commit 7486aa16a7b0f330f7b6fdbe2284a53dbf4c0446 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-06-11 01:10:35 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-06-11 01:10:51 +0000 dev-db/redis: drop 6.0.12, 6.0.13-r1, 6.2.1, 6.2.3-r1 Bug: https://bugs.gentoo.org/773328 Bug: https://bugs.gentoo.org/788211 Signed-off-by: Sam James <sam@gentoo.org> dev-db/redis/Manifest | 4 - dev-db/redis/redis-6.0.12.ebuild | 184 ----------------------------------- dev-db/redis/redis-6.0.13-r1.ebuild | 187 ------------------------------------ dev-db/redis/redis-6.2.1.ebuild | 184 ----------------------------------- dev-db/redis/redis-6.2.3-r1.ebuild | 187 ------------------------------------ 5 files changed, 746 deletions(-)
Unable to check for sanity: > no match for package: dev-db/redis-6.0.13-r1
This issue was resolved and addressed in GLSA 202107-20 at https://security.gentoo.org/glsa/202107-20 by GLSA coordinator Sam James (sam_c).
