USN-4061-1: Redis vulnerabilities
USN-4061-1: Redis vulnerabilities redis vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in Redis. Software Description redis – Persistent key-value database with network interface Details It was discovered that Redis incorrectly handled the hyperloglog data structure. An attacker could use this issue to cause Redis to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 redis – 5:5.0.3-4ubuntu0.1 redis-tools – 5:5.0.3-4ubuntu0.1 Ubuntu 18.04 LTS redis – 5:4.0.9-1ubuntu0.2 redis-tools – 5:4.0.9-1ubuntu0.2 Ubuntu 16.04 LTS redis-tools – 2:3.0.6-1ubuntu0.4 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2019-10192 CVE-2019-10193 Source: [ more… ]
