1 files changed, 0 insertions, 42 deletions

diff --git a/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-29478.patch b/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-29478.patch
deleted file mode 100644
index ebbf6e1b94..0000000000
--- a/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-29478.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 29900d4e6bccdf3691bedf0ea9a5d84863fa3592 Mon Sep 17 00:00:00 2001
-From: Oran Agra <oran@redislabs.com>
-Date: Mon, 3 May 2021 08:27:22 +0300
-Subject: [PATCH] Fix integer overflow in intset (CVE-2021-29478)
-
-An integer overflow bug in Redis 6.2 could be exploited to corrupt the heap and
-potentially result with remote code execution.
-
-The vulnerability involves changing the default set-max-intset-entries
-configuration value, creating a large set key that consists of integer values
-and using the COPY command to duplicate it.
-
-The integer overflow bug exists in all versions of Redis starting with 2.6,
-where it could result with a corrupted RDB or DUMP payload, but not exploited
-through COPY (which did not exist before 6.2).
-
-CVE: CVE-2021-29478
-Upstream-Status: Backport
-[https://github.com/redis/redis/commit/29900d4e6bccdf3691bedf0ea9a5d84863fa3592]
-
-Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
-
----
- src/intset.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/intset.c b/src/intset.c
-index 1a64ecae8..9ba13898d 100644
---- a/src/intset.c
-+++ b/src/intset.c
-@@ -281,7 +281,7 @@ uint32_t intsetLen(const intset *is) {
- 
- /* Return intset blob size in bytes. */
- size_t intsetBlobLen(intset *is) {
--    return sizeof(intset)+intrev32ifbe(is->length)*intrev32ifbe(is->encoding);
-+    return sizeof(intset)+(size_t)intrev32ifbe(is->length)*intrev32ifbe(is->encoding);
- }
- 
- /* Validate the integrity of the data structure.
--- 
-2.32.0
-