-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 09 Jul 2025 05:53:22 -0300
Source: valkey
Architecture: source
Version: 8.1.1+dfsg1-3
Distribution: unstable
Urgency: medium
Maintainer: Lucas Kanashiro <kanashiro@debian.org>
Changed-By: Lucas Kanashiro <kanashiro@debian.org>
Closes: 1108978 1108982
Changes:
 valkey (8.1.1+dfsg1-3) unstable; urgency=medium
 .
   * Fix CVE-2025-32023 (Closes: #1108978)
     An authenticated user may use a specially crafted string to trigger a
     stack/heap out of bounds write on hyperloglog operations, potentially
     leading to remote code execution. The bug likely affects all Valkey
     versions with hyperloglog operations implemented. An additional
     workaround to mitigate the problem without patching the valkey-server
     executable is to prevent users from executing hyperloglog operations.
     This can be done using ACL to restrict HLL commands.
     - d/p/CVE-2025-32023.patch
   * Fix CVE-2025-48367 (Closes: #1108982)
     An unauthenticated connection can cause repeated IP protocol errors,
     leading to client starvation and, ultimately, a denial of service.
     - d/p/CVE-2025-48367.patch
   * d/copyright: fix path of the lua files, thanks to lintian!