[SECURITY] [DLA 1850-1] redis security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1850-1] redis security update
From: "Chris Lamb" <lamby@debian.org>
Date: Wed, 10 Jul 2019 10:45:53 -0300
Message-id: <[🔎] 36041d2c-2777-42cb-b39b-35b31fba0059@www.fastmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : redis
Version        : 2:2.8.17-1+deb8u7
CVE ID         : CVE-2019-10192
Debian Bug     : #931625

It was discovered that there were two heap buffer overflows in the
Hyperloglog functionality provided by the Redis in-memory key-value
database.

For Debian 8 "Jessie", these issues have been fixed in redis version
2:2.8.17-1+deb8u7.

We recommend that you upgrade your redis packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0l62gACgkQHpU+J9Qx
HljXhBAAgF3QSHp4fKi26snD7axsBLJGxXg38crHQQQ3VtGK0KNXeDvpoS0dwicD
qhKsQhuM2AlRZEWCfptcIlQfAKtJv5ODOJ5f7S0KeIUN6MZwVhIrntdGe/X9xG1V
vbIbdK1iDgDAw3CRLVU6T1f8ewquwTz8imv4XqD0YFeybuqX2/p+BdWecHXpyGae
wYAKENNg8tFtYc3p8Eg3qSKfkDZQ/Yt4bWkkME8alaaY2mwPH7toEya+Wig/YMcj
Eg4LA/XuC7F2R06D2bWv3tnYTtUsrz86IzCHD2oexW+KqNZqjqr3u3FsRFt+d2WG
nkRZy11Ctaf+VUuVjMDgUByW9Kn2E+MHkvBsAo0cN8H2J8ie2/UGyhRTjj1c6gbX
vM6/BY42CICmelec4KOmfKgjsvRm0DjKfKDzGdHTOsU2gUs1rQJf3TxBrIEJrmLU
ktajFE9ov3S9mrQQqyyHWtM2YWmVofLCDOryf639LMC+qlZAFpmqb67hCKkFgHAq
uK7REbxtPMp0JzBqS8MymX/H+gnUA8MAkrizVGMoafBDV6/m8ZnH2ISXwEqpESzR
BLpK6nYLH25w8gfQMvJgh52E9GkzH7T9j0pueSjCqzYXIgbga9apU7xn5nfSFajx
JfQZKLDH+9++Yq5bAjZuLM8y2q1XrUAdfIzWNsciR02gyd28rDM=
=TFgm
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1848-1] libspring-security-2.0-java security update
Next by Date: [SECURITY] [DLA 1851-1] openjpeg2 security update
Previous by thread: [SECURITY] [DLA 1848-1] libspring-security-2.0-java security update
Next by thread: [SECURITY] [DLA 1851-1] openjpeg2 security update
Index(es):
- Date
- Thread