redis-7.2.4-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:13572-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z redis-7.2.4-1.1 on GA media These are all security issues fixed in the redis-7.2.4-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-13572 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2023-41056/ SUSE CVE CVE-2023-41056 page openSUSE Tumbleweed redis-7.2.4-1.1 redis-7.2.4-1.1 as a component of openSUSE Tumbleweed Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4. CVE-2023-41056 openSUSE Tumbleweed:redis-7.2.4-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-41056.html CVE-2023-41056 https://bugzilla.suse.com/1218646 SUSE Bug 1218646