CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2023/07/10 19:40:18
Modified files:
databases/redis: Makefile distinfo
databases/redis/patches: patch-deps_Makefile
Log message:
Update to redis-6.2.13
Fix CVE-2022-24834: A specially crafted Lua script executing in
Redis can trigger a heap overflow in the cjson and cmsgpack
libraries, and result in heap corruption and potentially remote code
execution. The problem exists in all versions of Redis with Lua
scripting support, starting from 2.6, and affects only authenticated
and authorized users.
