5.0.13
版本发布时间: 2021-07-22 02:08:51
redis/redis最新发布版本:8.0-m02(2024-11-04 17:16:21)
Upgrade urgency: SECURITY, contains fixes to security issues that affect authenticated client connections on 32-bit versions. MODERATE otherwise.
Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761). An integer overflow bug in Redis version 2.2 or newer can be exploited using the BITFIELD command to corrupt the heap and potentially result with remote code execution.
Bug fixes:
- Fix overflows on 32-bit versions in GETBIT, SETBIT, BITCOUNT, BITPOS, and BITFIELD (#9191)
- Fix ziplist length updates on big-endian platforms (#2080)