Debian 10261 Published by

A redis security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address a potential remote denial of service vulnerability.



ELA-838-1 redis security update

Package : redis
Version : 2:2.8.17-1+deb8u11 (jessie), 2:2.8.17-1+deb8u11 (stretch)

Related CVEs :
CVE-2023-28856

It was discovered that there was a potential remote denial of service
vulnerability in Redis, a popular NoSQL key-value database.
Authenticated users could have used the HINCRBYFLOAT command to create an
invalid hash field that would have crashed the Redis server on access.

  ELA-838-1 redis security update