Update Info

openSUSE-2017-1258


Security update for redis


Type: security
Severity: moderate
Issued: 2017-11-10
Description:
This update for redis to version 4.0.2 fixes the following issues:

- CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability (boo#1002351)

The following upstream changes are included:
   
- SLOWLOG now logs the offending client name and address
- The modules native data types RDB format changed.
- The AOF check utility is now able to deal with RDB preambles.
- GEORADIUS_RO and GEORADIUSBYMEMBER_RO variants, not supporting the STORE option,
  were added in order to allow read-only scaling of such queries.
- HSET is now variadic, and HMSET is considered deprecated
- GEORADIUS huge radius (>= ~6000 km) corner cases fixed
- HyperLogLog commands no longer crash on certain input (non HLL) strings.
- Fixed SLAVEOF inside MULTI/EXEC blocks.
- TCP binding bug fixed when only certain addresses were available for a given por
- MIGRATE could crash the server after a socket error 
  

              

Packages


  • redis-4.0.2-9.1