Skip to content

6.0.20
Compare
Choose a tag to compare
@oranagra oranagra released this 10 Jul 11:42
6.0.20
de0d963

Upgrade urgency SECURITY: See security fixes below.

Security Fixes:

  • (CVE-2022-24834) A specially crafted Lua script executing in Redis can trigger
    a heap overflow in the cjson and cmsgpack libraries, and result in heap
    corruption and potentially remote code execution. The problem exists in all
    versions of Redis with Lua scripting support, starting from 2.6, and affects
    only authenticated and authorized users.

Bug Fixes

  • Re-enable downscale rehashing while there is a fork child (#12276)
Assets 2