A redis security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address a potential remote denial of service vulnerability.
ELA-838-1 redis security update
Package : redis
ELA-838-1 redis security update
Version : 2:2.8.17-1+deb8u11 (jessie), 2:2.8.17-1+deb8u11 (stretch)
Related CVEs :
CVE-2023-28856
It was discovered that there was a potential remote denial of service
vulnerability in Redis, a popular NoSQL key-value database.
Authenticated users could have used the HINCRBYFLOAT command to create an
invalid hash field that would have crashed the Redis server on access.
