Bug#1035328: unblock: redis/5:7.0.11-1

To: submit@bugs.debian.org
Subject: Bug#1035328: unblock: redis/5:7.0.11-1
From: "Chris Lamb" <lamby@debian.org>
Date: Sun, 30 Apr 2023 15:53:08 -0700
Message-id: <[🔎] 168289508873.17401.8390680827190706299@copycat>
Reply-to: "Chris Lamb" <lamby@debian.org>, 1035328@bugs.debian.org

Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear Release Team,

Please consider unblocking redis 5:7.0.11-1 for testing. It fixes a
single a CVE; the refreshing of patches listed in the changelog below
are merely changes to the "index 80a95aa..e8ffe7d 100644" in order to
keep gbp-pq happy:

§
  
  redis (5:7.0.11-1) unstable; urgency=high
  
    * New upstream security release: 
      - CVE-2023-28856: Authenticated users could have used the HINCRBYFLOAT
        command to create an invalid hash field that would have crashed the Redis
        server on access. (Closes: #1034613)  

      For more information, please see:  
        https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES
  
    * Refresh patches.

§

The full debdiff is attached.


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

Attachment: debdiff
Description: Binary data

Reply to:

Prev by Date: Bug#1035310: bullseye-pu: package xz-utils/5.2.11-0~deb11u1
Next by Date: Bug#1032899: unblock: rocm-hipamd/5.2.3-6
Previous by thread: Processed: tagging 1035316
Next by thread: Bug#1035330: unblock: postgrey/1.37-2
Index(es):
- Date
- Thread