[CLSA-2026:1778616298] redis: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-12 20:05:04 UTC
Description:
- CVE-2026-23631: use-after-free in readSyncBulkPayload when a full resync happens while a timed-out script is still running on the replica
- CVE-2026-25243: heap corruption and out-of-bounds reads in the RESTORE command deserialization path (rdb.c, sds.c, zipmap.c)
Updated packages:
  • redis-6.2.20-1.el9_6.tuxcare.els2.x86_64.rpm
    sha:fab41f9c420af13855689ddbe1598f34057aa1e5cf4b884d8bf48bf3f445b8aa
  • redis-devel-6.2.20-1.el9_6.tuxcare.els2.i686.rpm
    sha:82d6fca07d1022234a8c61169774be87dc0d70d5f75ae5df9dddb993aadef3f7
  • redis-devel-6.2.20-1.el9_6.tuxcare.els2.x86_64.rpm
    sha:38848b7ebbbc912f85059116a06a8b9fd74edc74845b778a9642742776cf37ee
  • redis-doc-6.2.20-1.el9_6.tuxcare.els2.noarch.rpm
    sha:0f446566cdec237ad39cea72393de2a3f28b53124fcde69a0ac53606c8a31fee
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.