Updated redis packages fix security vulnerabilities
Publication date: 21 Nov 2025Modification date: 21 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-49844 , CVE-2025-46817 , CVE-2025-46818 , CVE-2025-46819
Description
A Lua script may lead to remote code execution. (CVE-2025-49844)
A Lua script may lead to integer overflow and potential RCE.
(CVE-2025-46817)
A Lua script can be executed in the context of another user.
(CVE-2025-46818)
LUA out-of-bound read. (CVE-2025-46819)
References
- https://bugs.mageia.org/show_bug.cgi?id=34650
- https://www.openwall.com/lists/oss-security/2025/10/07/2
- https://github.com/redis/redis/releases/tag/7.2.11
- https://github.com/redis/redis/releases/tag/7.2.12
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49844
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46817
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46818
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46819
SRPMS
9/core
- redis-7.2.12-1.mga9