Advisories ยป MGASA-2015-0244

Updated redis package fixes security vulnerability

Publication date: 19 Jun 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-4335

Description

It was discovered that redis, a persistent key-value database, could execute
insecure Lua bytecode by way of the EVAL command. This could allow remote
attackers to break out of the Lua sandbox and execute arbitrary code
(CVE-2015-4335).
                

References

SRPMS

4/core