Debian 10261 Published by

A hiredis security update has been released for Debian GNU/Linux 8 Extended LTS to address an integer-overflow vulnerability.



ELA-499-1 hiredis security update


Package hiredis
Version 0.11.0-4+deb8u2
Related CVEs CVE-2021-32765

It was discovered that there was an integer-overflow vulnerability in hiredis, a C client library for communicating with Redis databases. This occurred within the handling and parsing of ‘multi-bulk’ replies.

For Debian 8 Jessie, these problems have been fixed in version 0.11.0-4+deb8u2.

We recommend that you upgrade your hiredis packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-499-1 hiredis security update