Redis - 6.0.17
Security
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
commands can drive Redis to OOM panic
Bug Fixes
- Avoid hang when client issues long SRANDMEMBER command and gets
disconnected by client output buffer limit (#11676) - Lua: fix crash on a script call with many arguments, a regression in v6.0.16 (#9809)
- Lua: Add checks for min-slave-* configs when evaluating Lua scripts (#10160)
- Fix BITFIELD overflow detection on some compilers due to undefined behavior (#9601)
Security
Details
date
Jan. 17, 2023, 1:01 p.m.
name
6.0.17
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Redis releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!