Accepted redis 5:7.0.9-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted redis 5:7.0.9-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 04 Mar 2023 11:19:23 +0000
Message-id: <[🔎] E1pYPv9-00DUY6-FA@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 04 Mar 2023 11:01:59 +0000
Source: redis
Built-For-Profiles: nocheck
Architecture: source
Version: 5:7.0.9-1
Distribution: unstable
Urgency: high
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1032279
Changes:
 redis (5:7.0.9-1) unstable; urgency=high
 .
   * New upstream security release:
      - CVE-2023-25155: Authenticated users issuing specially crafted
        `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an
        integer overflow, resulting in a runtime assertion and termination of the
        Redis server process. (Closes: #1032279)
      - CVE-2022-36021:  Authenticated users can use string matching commands
        (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a
        denial-of-service attack on Redis, causing it to hang and consume 100%
        CPU time.
   * Refresh patches.
   * Extend our USE_SYSTEM_JEMALLOC patch to support latest version.
Checksums-Sha1:
 2ff5d24dfc8365cf05b6f040bf3044851ff4fece 2266 redis_7.0.9-1.dsc
 64e520ec359754f61e57acea4ac1ebd28491e6c2 3015419 redis_7.0.9.orig.tar.gz
 954efe368faa7c4baacc4d7eb0ba4e82bd571e58 28276 redis_7.0.9-1.debian.tar.xz
 681587799d56bfe80256ef7ff6457b65df07f9d1 7430 redis_7.0.9-1_amd64.buildinfo
Checksums-Sha256:
 2c6e787742ecd3cdccf07f2f6fc499a188e6b6aca119645da35d763019299a21 2266 redis_7.0.9-1.dsc
 535c41ba0e17004fab2394e30567a3c6b8cd541bb2b76ff67d2f16e6178d2f4d 3015419 redis_7.0.9.orig.tar.gz
 e5bb678d34ee2e30f4ebea8c4d1b8674194295c10e30e6615a65527b066eaea9 28276 redis_7.0.9-1.debian.tar.xz
 bd03dd3652503197eae2cd01d08476558653ba8eb74e15d22f09a49eadc70f22 7430 redis_7.0.9-1_amd64.buildinfo
Files:
 ef468abc7a067dd042d07987eddc17e8 2266 database optional redis_7.0.9-1.dsc
 a467ff1b531856eef99c1f2198a324cd 3015419 database optional redis_7.0.9.orig.tar.gz
 ef865bb45d1567d9eedc90dcd9d9c2b7 28276 database optional redis_7.0.9-1.debian.tar.xz
 d360d853c5079b52aa6a31ff3d9dfaf6 7430 database optional redis_7.0.9-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmQDJt0ACgkQHpU+J9Qx
HlgWNA/7BlglCG086kJr+vHtkmZ3xYWGHyB0BuG/EYAtm7cXg2OHaj7rDssLMg7N
kO/y9C51Aa1DVR077rkr4BKdfNK+8G9axaD+l5v1tl0umYHmjWYAnYOThjwJ4aBk
iyIJ4FR4jS+mZWBCSQlDAh7z2NLfpCehWq7wFZkwInOW+HmbpGGwUd1hsoh7I16i
ClkSaqWO533R9iWzCAYsj3uiglfOQYlQ/KYrADe5fyoQ3csBzQdKUo1zc81l82Ra
OorOazefACUxNOKKohn3Tg8wwXCc967O/+bUNw8SgTxcARC0DS4nNYm340uUh5Xi
w0obDpyT2FFpHLf0NBzyildhZZBuCXeq95/hmd0EeSPZms0kbGP1Y5g2TLRFQrne
CB+/WjSPumWlbnQY9M5aks/eO7VKyeAvTOF467CMFUeFFy5gwCgVnd/rLAhHNrUQ
agU1DH+w8OMNVPm7BAQwOxyc5Mv9G4D/wJATdqbUDewibRDQmiOgUcWkzNeOxJu6
ebVzOQ5zfaZ8v1Q8bZyZdQPTD6aVMPKSwqXJbygiuF9YB5fkx0tLi8TlTWFnHvVP
WI6IfxZ45PP89pjg8MFOusjEb9Di7Lmze3/a+nTcGFtu/yfe1uFBkXj6+aWp6svl
magDPK20CD2KX0wiFpthQhKy394gAZx8d3Nc4r3L2OeCGCUmgbg=
=j9vM
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted pdepend 2.13.0-1 (source) into experimental
Next by Date: Accepted qtbase-opensource-src-gles 5.15.8+dfsg-2 (source) into unstable
Previous by thread: Accepted pdepend 2.13.0-1 (source) into experimental
Next by thread: Accepted qtbase-opensource-src-gles 5.15.8+dfsg-2 (source) into unstable
Index(es):
- Date
- Thread