openSUSE Security Update : redis (openSUSE-2015-634)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

redis was updated to version 2.8.22 (boo#934048) to fix a LUA sandbox
update. (CVE-2015-4335) Details can be found on
http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-esc
ape/

For the other changes see in the package:
/usr/share/doc/packages/redis/00-RELEASENOTES

See also :

http://www.nessus.org/u?d07c07d6
https://bugzilla.opensuse.org/show_bug.cgi?id=934048

Solution :

Update the affected redis packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 86284 ()

Bugtraq ID:

CVE ID: CVE-2015-4335

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now