Accepted redis 5:6.0.16-1~bpo11+1 (source amd64 all) into bullseye-backports, bullseye-backports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 07 Oct 2021 10:00:49 +0100
Source: redis
Binary: redis redis-sentinel redis-server redis-tools redis-tools-dbgsym
Built-For-Profiles: nocheck
Architecture: source amd64 all
Version: 5:6.0.16-1~bpo11+1
Distribution: bullseye-backports
Urgency: medium
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
redis - Persistent key-value database with network interface (metapackage
redis-sentinel - Persistent key-value database with network interface (monitoring)
redis-server - Persistent key-value database with network interface
redis-tools - Persistent key-value database with network interface (client)
Changes:
redis (5:6.0.16-1~bpo11+1) bullseye-backports; urgency=medium
.
* Rebuild for bullseye-backports.
.
redis (5:6.0.16-1) unstable; urgency=medium
.
* New upstream security release:
.
- CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
redis-sentinel parsing large multi-bulk replies on some older and less
common platforms.
.
- CVE-2021-32687: Integer to heap buffer overflow with intsets, when
set-max-intset-entries is manually configured to a non-default, very
large value.
.
- CVE-2021-32675: Denial Of Service when processing RESP request payloads
with a large number of elements on many connections.
.
- CVE-2021-32672: Random heap reading issue with Lua Debugger.
.
- CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
data types, when configuring a large, non-default value for
hash-max-ziplist-entries, hash-max-ziplist-value,
zset-max-ziplist-entries or zset-max-ziplist-value.
.
- CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
configuring a non-default, large value for proto-max-bulk-len and
client-query-buffer-limit.
.
- CVE-2021-32626: Specially crafted Lua scripts may result with Heap
buffer overflow.
.
- CVE-2021-41099: Integer to heap buffer overflow handling certain string
commands and network payloads, when proto-max-bulk-len is manually
configured to a non-default, very large value.
.
* Refresh patches.
* Bump Standards-Version to 4.6.0.
Checksums-Sha1:
2ef043fad7ef6a37517985d71440244be4661a52 2296 redis_6.0.16-1~bpo11+1.dsc
381b94558450b967c0f6fa1e66497523f3c5da76 2307243 redis_6.0.16.orig.tar.gz
16e1734be59a32fb49e47c3e7ee66b6e6c6fea18 29548 redis_6.0.16-1~bpo11+1.debian.tar.xz
eceb2119f1489373166dae627a95dfe4de8ce250 64296 redis-sentinel_6.0.16-1~bpo11+1_amd64.deb
b8b4644e7148a1cf97824065dc18eed32bb69d40 97956 redis-server_6.0.16-1~bpo11+1_amd64.deb
bc12c8b3823e963cf28bc83c9244c83eed3b302d 1634932 redis-tools-dbgsym_6.0.16-1~bpo11+1_amd64.deb
66bafadda593837e09fd5051c97001f32f1a456f 718208 redis-tools_6.0.16-1~bpo11+1_amd64.deb
130076234e310f0d94991387b1caac01fd087321 56548 redis_6.0.16-1~bpo11+1_all.deb
a842d1aa73d0bcf644f34b2ab6ed341925f90e33 7356 redis_6.0.16-1~bpo11+1_amd64.buildinfo
Checksums-Sha256:
28bcdbdcd06edb4216ddc791bea99e65757c30be544df6ca7f465e90c76c50df 2296 redis_6.0.16-1~bpo11+1.dsc
8bea58a468bb67bedc92d8c2e44c170e42e6ea02527cbc5d233e92e8d78d1b99 2307243 redis_6.0.16.orig.tar.gz
ecc6236a6005688dd8d5bd751c4557f55cd02b7a5a698f63925a1e35e828bf40 29548 redis_6.0.16-1~bpo11+1.debian.tar.xz
d58a3d376fd643676ba53bd3785dabeedf652e41c86bed03ef9c06fa50cad4e3 64296 redis-sentinel_6.0.16-1~bpo11+1_amd64.deb
e1edc90aae6dff3cb4bc886b483c14d8b78eeff4739cee1c43d1b2e864841583 97956 redis-server_6.0.16-1~bpo11+1_amd64.deb
66db80340974c664805dcf7b6e180d7aae1a979a8ea705f8fb63c3c45cdc51d9 1634932 redis-tools-dbgsym_6.0.16-1~bpo11+1_amd64.deb
3bebd9815bccc44107b4b27357a40f2392bdb1007d5ad487fa5d312f982f7d29 718208 redis-tools_6.0.16-1~bpo11+1_amd64.deb
ee6988a050c08d24f573c565acb1db17ac267aeaa0ebfa2caadbe67d2533ddcf 56548 redis_6.0.16-1~bpo11+1_all.deb
530a0f01082b678302ee9f2d66d6f99577297c9ce9f4c412b6913955424e96a0 7356 redis_6.0.16-1~bpo11+1_amd64.buildinfo
Files:
b14554809d123d238f4dab031f2512dc 2296 database optional redis_6.0.16-1~bpo11+1.dsc
cc0f506796970cf1454ee898e2bf7698 2307243 database optional redis_6.0.16.orig.tar.gz
c8719c1a2e979720f48aa0ee0f7f79bb 29548 database optional redis_6.0.16-1~bpo11+1.debian.tar.xz
097e00320186e64febf1ec14999a7a26 64296 database optional redis-sentinel_6.0.16-1~bpo11+1_amd64.deb
6f2a3eaf3ad69122e09a856bb18cc29f 97956 database optional redis-server_6.0.16-1~bpo11+1_amd64.deb
394b5144594991168005b8c9df60a1d4 1634932 debug optional redis-tools-dbgsym_6.0.16-1~bpo11+1_amd64.deb
b0e31b98cce87e37c8a9f3738ca79a06 718208 database optional redis-tools_6.0.16-1~bpo11+1_amd64.deb
dc0e5230d205fdd58109e623ecbcf282 56548 database optional redis_6.0.16-1~bpo11+1_all.deb
7bf9c9a99dd20d53a3d1dd52d6285e33 7356 database optional redis_6.0.16-1~bpo11+1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmFet/8ACgkQHpU+J9Qx
Hlidcg/+JIxP0i8y7km4Aq6CPdIjtJ/U3Ka3yJ1x5VliNTqSspyNabU0mVlTtEl/
qJHLgWjawmnKCZxfxa6Ju+4RWDPKNlsTOaunK+Rl7kQEqOp9ekNH+74+Ce38n5lz
jSccbqe6gN2bCqh/VgYdom0hnLldCde2IRzueWp3wdEBZzkv4dHtT9kMkn8Bf7w8
h3PHGPjCqDOD90uVVxwzhe5hb3z4Ata0Y6jp/E8ajmicAf0FZP/TC7+Tv+ngueyw
4mIlsDcoEadHgdVPDqsNvJaQBamf7Wxu606hgKm6e6OgcEo4J0mdA3YkHr7c5M6Z
t7N2Vzrl/hNC8lIaN+vWikHMnnUze4zKv09PeJdYGBoFjOG/3jHWrbl6DOANwMEV
HG04pLmFk4LIVxBEoQNrFKvBH0EHIlt1z7cS2DKePV8y8fEHAg+Rpcr/6NS/c0Xc
JLhnmOYsXZ0uWPDbVaGxIvIkaY16MLyN48Hn/fMHL3Xsuo6Ng40cQFH/5tPr+XpP
Yj2hKpGOJCEfABdQK0fKYMzsIN3Xvpw943PPkcXRMydmLo44gjyVMzgf5/NctNfD
pjmi+2Xdbv9WvSBZUov/RvsVSkAVUieRyXNGj3Fxc/78LM74O/XqWYTwIJgfSpTM
pneDKaj0sFo4yxWtkDYpvnctYLSN9DqrHxKUEvb+FmR1gJM/DXs=
=3uxD
-----END PGP SIGNATURE-----
Reply to: