[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted redis 5:6.0.16-1+deb11u7 (source) into oldstable-security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 12 Jul 2025 08:58:07 -0700
Source: redis
Architecture: source
Version: 5:6.0.16-1+deb11u7
Distribution: bullseye-security
Urgency: high
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1108975 1108981
Changes:
 redis (5:6.0.16-1+deb11u7) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Debian LTS team.
   * CVE-2025-32023: An authenticated user may have used a specially-crafted
     string to trigger a stack/heap out-of-bounds write during hyperloglog
     operations, potentially leading to remote code execution. Installations
     that used Redis' ACL system to restrict hyperloglog "HLL" commands are
     unaffected by this issue. (Closes: #1108975)
   * CVE-2025-48367: An unauthenticated connection could have caused repeated IP
     protocol errors, leading to client starvation and ultimately become a
     Denial of Service (DoS) attack. (Closes: #1108981)
   * Correct naming/ordering of existing patches.
Checksums-Sha1:
 35d1891848481b6de6ca52e0797f87a5e3e4a1dd 2296 redis_6.0.16-1+deb11u7.dsc
 381b94558450b967c0f6fa1e66497523f3c5da76 2307243 redis_6.0.16.orig.tar.gz
 7c141ad17e766ccd354d42d38647035ccbca4d83 43668 redis_6.0.16-1+deb11u7.debian.tar.xz
 4bc4ca339fc678372da9d4aa451a72c3fe5065c3 5914 redis_6.0.16-1+deb11u7_source.buildinfo
Checksums-Sha256:
 301b63a2ee61a7dedd77f67e3dde13e5cc67cab2736a98ec71447f42a1664dc5 2296 redis_6.0.16-1+deb11u7.dsc
 8bea58a468bb67bedc92d8c2e44c170e42e6ea02527cbc5d233e92e8d78d1b99 2307243 redis_6.0.16.orig.tar.gz
 a65c11ceebd7bd241806067f3a2fa694459041d2d39b5706faef445e71d0571e 43668 redis_6.0.16-1+deb11u7.debian.tar.xz
 450ad87286b6819beecb4629a7c072ef10defa75e3693092317b15e7d3227d6b 5914 redis_6.0.16-1+deb11u7_source.buildinfo
Files:
 ce835d8f9868102d522a92e511b2dd7f 2296 database optional redis_6.0.16-1+deb11u7.dsc
 cc0f506796970cf1454ee898e2bf7698 2307243 database optional redis_6.0.16.orig.tar.gz
 36b1907f381854a2a4575a74b9f8acfb 43668 database optional redis_6.0.16-1+deb11u7.debian.tar.xz
 8698bebbde46211057f7b4a5e0211a2e 5914 database optional redis_6.0.16-1+deb11u7_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmhy1ZEACgkQHpU+J9Qx
HlgdTBAAmNu4yyXBtLXxjdJbzk019YhbS5EwNyZsiauXmrXB9hfBtuZJSZtYCT6C
Fdtu0gEHmfT37s4rUU70WICK1B9ksb3+sRuzOVZAh6jKvcGaqt0toUG90WBN91hf
qyjn5Y24LaxLvZXfWFtJHvE84n2Pni6ANN5FnMMZtQRy6VJueLoWB0rpxYqm5jt+
u5jrUKIeRpLW8sB/LdklAZmd2ZRBjTH2acJ/+U8K4WdZRbE8hN4QzIXIYB7hEADa
xwvNHfDqWvRtxCAmva2A/nxWZmdX5kdj/ByAkT9MKCp1KM5XrxIzMUB0li+Q+yl2
HxBy67K2kJpexTnz+hGrSdbRHmTue1TwB19jXGqGZaPvvGRmBCLO9L6wCmLTm8C+
bOJhjTi7K9A4yhxes3s/7nhf8FcU2B9k7n3vDo+dNM42K+zhX+6LmurBcTLMWMQC
w+iqJIeO3MEKxR5Sct7iU9jAnFAPWa+8J4uWKNAAew1Op6DbPx4wuWP5U1PoKYt3
umqMZOsEGWdV275ry1GYFOCrgOtTbz45zEA8OG+M/iBLkmdsKIUtnMa438o4FMKz
ezi//p+M7B18bhSnLcr78y6mvX+UBNhOyTAjowpZCGOcsaplYf/bfg47m9d5caIT
Mo17xQDATl6BpCflSUR2LwSyYJWCugZI2OJ5Op+rM8OIy4Zk+QY=
=LnYC
-----END PGP SIGNATURE-----

Attachment: pgpufqpuZzOTM.pgp
Description: PGP signature

Reply to: