Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2024-10869

Опубликовано: 06 дек. 2024
Источник: oracle-oval
Платформа: Oracle Linux 9

Описание

ELSA-2024-10869: redis:7 security update (MODERATE)

[7.2.6-1]

  • rebase to 7.2.6 RHEL-26628

[7.0.12-1]

  • rebase to 7.0.12 #2221899

[7.0.11-1]

  • rebase to 7.0.11 for new redis:7 stream #2129826

[7.0.11-1]

  • Upstream 7.0.11 release.

[7.0.10-2]

  • fix modules directory ownership and permissions #2176173
  • drop redis-shutdown helper and rely on systemd #2181181

[7.0.10-1]

  • Upstream 7.0.10 release.

[7.0.9-1]

  • Upstream 7.0.9 release.

[7.0.8-2]

[7.0.8-1]

  • Upstream 7.0.8 release.

[7.0.7-2]

  • Upstream 7.0.7 release.
  • refresh documentation

[7.0.6-1]

  • Upstream 7.0.6 release.

[7.0.5-2]

  • Port makefile to C99 mode

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

Module redis:7 is enabled

redis

7.2.6-1.module+el9.5.0+90455+91264f59

redis-devel

7.2.6-1.module+el9.5.0+90455+91264f59

redis-doc

7.2.6-1.module+el9.5.0+90455+91264f59

Oracle Linux x86_64

Module redis:7 is enabled

redis

7.2.6-1.module+el9.5.0+90455+91264f59

redis-devel

7.2.6-1.module+el9.5.0+90455+91264f59

redis-doc

7.2.6-1.module+el9.5.0+90455+91264f59

Связанные CVE

CVE-2023-41053
CVE-2023-45145
CVE-2024-31227
CVE-2024-31449
CVE-2024-31228

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2023-41053

CVSS3: 3.3
ubuntu
почти 2 года назад

Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been fixed in Redis 7.0.13 and 7.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

redhat логотип

CVE-2023-41053

CVSS3: 3.3
redhat
почти 2 года назад

Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been fixed in Redis 7.0.13 and 7.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

nvd логотип

CVE-2023-41053

CVSS3: 3.3
nvd
почти 2 года назад

Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been fixed in Redis 7.0.13 and 7.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

debian логотип

CVE-2023-41053

CVSS3: 3.3
debian
почти 2 года назад

Redis is an in-memory database that persists on disk. Redis does not c ...

oracle-oval логотип

ELSA-2025-0693

oracle-oval
5 месяцев назад

ELSA-2025-0693: redis security update (IMPORTANT)