ELA-1404-1 hiredis security update

NULL pointer dereferences

2025-04-23
Packagehiredis
Version0.13.3-2+deb9u1 (stretch), 0.14.0-3+deb10u1 (buster)
Related CVEs CVE-2020-7105


NULL pointer dereferences due to unchecked return values of allocation functions have been fixed in hiredis, a C client library for the Redis key-value database.



For Debian 10 buster, these problems have been fixed in version 0.14.0-3+deb10u1.

For Debian 9 stretch, these problems have been fixed in version 0.13.3-2+deb9u1.

We recommend that you upgrade your hiredis packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.