-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 08 Oct 2021 09:26:10 +0100 Source: redis Binary: redis redis-sentinel redis-server redis-tools redis-tools-dbgsym Built-For-Profiles: nocheck Architecture: source amd64 all Version: 5:6.0.16-1~bpo10+1 Distribution: buster-backports-sloppy Urgency: medium Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: redis - Persistent key-value database with network interface (metapackage redis-sentinel - Persistent key-value database with network interface (monitoring) redis-server - Persistent key-value database with network interface redis-tools - Persistent key-value database with network interface (client) Closes: 951255 957751 958321 972683 977852 981000 981226 982504 983446 988045 989351 Changes: redis (5:6.0.16-1~bpo10+1) buster-backports-sloppy; urgency=medium . * Rebuild for bullseye-backports-sloppy. . redis (5:6.0.16-1) unstable; urgency=medium . * New upstream security release: . - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on some older and less common platforms. . - CVE-2021-32687: Integer to heap buffer overflow with intsets, when set-max-intset-entries is manually configured to a non-default, very large value. . - CVE-2021-32675: Denial Of Service when processing RESP request payloads with a large number of elements on many connections. . - CVE-2021-32672: Random heap reading issue with Lua Debugger. . - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded data types, when configuring a large, non-default value for hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value. . - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when configuring a non-default, large value for proto-max-bulk-len and client-query-buffer-limit. . - CVE-2021-32626: Specially crafted Lua scripts may result with Heap buffer overflow. . - CVE-2021-41099: Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured to a non-default, very large value. . * Refresh patches. * Bump Standards-Version to 4.6.0. . redis (5:6.0.15-1) unstable; urgency=medium . * New upstream security release. - CVE-2021-32761: Integer overflow issues with BITFIELD command on 32-bit systems. * Bump Standards-Version to 4.5.1. . redis (5:6.0.14-1) unstable; urgency=medium . * CVE-2021-32625: Fix a vulnerability in the STRALGO LCS command. (Closes: #989351) . redis (5:6.0.13-1) unstable; urgency=medium . * New upstream security release: - CVE-2021-29477: Vulnerability in the STRALGO LCS command. - CVE-2021-29478: Vulnerability in the COPY command for large intsets. (Closes: #988045) * Refresh patches. . redis (5:6.0.12-1) unstable; urgency=medium . * New upstream release. . redis (5:6.0.11-1) unstable; urgency=medium . * New upstream release, incorporating security issues. (Closes: #983446) - Refresh patches. . redis (5:6.0.10-4) unstable; urgency=medium . * New upstream release - Fix cluster access to unaligned memory on ARM architectures with hard alignment requirements such as armhf and arm64. (Closes: #982504) * wrap-and-sort -sa. . redis (5:6.0.9-4) unstable; urgency=medium . * Send systemd readiness notification when we are ready to accept connections in order to fix systemd integration when Redis is used with replicaof. Thanks to Guillem Jover for the report and patch. (Closes: #981226) . redis (5:6.0.9-3) unstable; urgency=medium . * Also remove the /etc/redis directory in purge. * Allow /etc/redis to be rewritten. Thanks to Yossi Gottlieb for the patch. (Closes: #981000) . redis (5:6.0.9-2) unstable; urgency=medium . * Enable systemd Type=notify support. Thanks to Michael Prokop for all his help in integration. (Closes: #977852) * Bump Standards-Version to 4.5.1. . redis (5:6.0.9-1) unstable; urgency=medium . * New upstream release. - Update patches. . redis (5:6.0.8-2) unstable; urgency=medium . * Apply a patch from Yossi Gottlieb to fix a crash when reporting RDB/AOF file errors. (Closes: #972683) * Refresh patches. . redis (5:6.0.8-1) unstable; urgency=medium . * New upstream release. . redis (5:6.0.7-1) unstable; urgency=medium . * New upstream release. * Refresh patches. * Set some Forwarded headers. . redis (5:6.0.6-1) unstable; urgency=medium . * New upstream release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> * Refresh patches. . redis (5:6.0.5-1) unstable; urgency=medium . * New upstream release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> . redis (5:6.0.4-1) unstable; urgency=medium . * New upstream release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> . redis (5:6.0.3-1) unstable; urgency=medium . * New upstream release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> . redis (5:6.0.1-2) unstable; urgency=medium . * Upload to unstable. . redis (5:6.0.1-1) experimental; urgency=medium . * New upstream "General Availability" release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> . redis (5:6.0.0-2) unstable; urgency=medium . * Mark 0004-redis-check-rdb as being flaky for now. * Wrap long changelog line. * Correct spelling mistake in autopkgtest comment. . redis (5:6.0.0-1) unstable; urgency=medium . * New upstream "GA" release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> - Drop 0002-Mark-extern-definition-of-SDS_NOINIT-in-sds.h.patch; merged upstream. * Upload to unstable. - Update debian/gbp.conf. . redis (5:6.0~rc4-1) experimental; urgency=medium . * New upstream beta release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> * Use the newly-package liblzf-dev package over the local version. (Closes: #958321) * Refresh patches. . redis (5:6.0~rc3-1) experimental; urgency=medium . * New upstream beta release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> . redis (5:6.0~rc2-1) experimental; urgency=medium . * New upstream beta release. <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES> * Refresh patches. . redis (5:6.0~rc1-3) experimental; urgency=medium . * Install openssl in the testsuite; required for generating test certificates. * Correct a typo in a previous changelog entry. . redis (5:6.0~rc1-2) experimental; urgency=medium . * Add support for TLS added in Redis 6.x. Thanks to Jason Perrin for the patch. (Closes: #951255) * Add a comment regarding why we export a MAKEFLAGS variable in debian/rules. * Bump Standards-Version to 4.5.0. . redis (5:6.0~rc1-1) experimental; urgency=medium . * New upstream RC1 release. <http://antirez.com/news/131> * Refresh patches. * Disable using the system hiredis for now, awaiting a a new upstream release. . redis (5:5.0.7-7) unstable; urgency=medium . * Add a sleep to ensure that the redis server has started before running the autopkgtests. . redis (5:5.0.7-6) unstable; urgency=medium . * No change sourceful upload to permit migration to testing. . redis (5:5.0.7-5) unstable; urgency=medium . * Ensure that the redis daemon is running prior to running the autopkgtests. . redis (5:5.0.7-4) unstable; urgency=medium . * Use the newly-package liblzf-dev package over the local version. (Closes: #958321) * Don't duplicate long description of the redis-server package in the metapackage. . redis (5:5.0.7-3) unstable; urgency=medium . * Fix FTBFS with GCC 10. (Closes: #957751) * Refresh all patches. . redis (5:5.0.7-2) unstable; urgency=medium . [ Christian Göttsche ] * Update systemd service to reflect new names, etc. * Create directories in postinst with correct SELinux context. . [ Chris Lamb ] * Bump Standards-Version to 4.5.0. . [ David Prévot ] * Update long description to remove duplicate information. . redis (5:5.0.7-1) unstable; urgency=medium . * New upstream bugfix release. <https://groups.google.com/forum/#!topic/redis-db/LYBeXlUKU6c> * Bump Standards-Version to 4.4.1. * Run wrap-and-sort -sa. . redis (5:5.0.6-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/qTRdgyEbyYU> * Specify "Rules-Requires-Root: no">. . redis (5:5.0.5-2) unstable; urgency=medium . * Sourceful upload to unstable to ensure testing migration. * Bump Standards-Version to 4.4.0. * Don't build release tags in gitlab-ci.yml. . redis (5:5.0.5-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/jSAtf64lIW4> . redis (5:5.0.4-1) unstable; urgency=medium . * New upstream release. <https://groups.google.com/forum/#!topic/redis-db/aXusvS8da8g> Checksums-Sha1: 04f6fde91d20d16780b9db10302b9c6d16b03ce3 2296 redis_6.0.16-1~bpo10+1.dsc 381b94558450b967c0f6fa1e66497523f3c5da76 2307243 redis_6.0.16.orig.tar.gz deb7bcbeee28c1daa95d9b69a300bed2316878f8 29548 redis_6.0.16-1~bpo10+1.debian.tar.xz f673778dd19e2c8d50da4069e14aa37ac78d569f 64288 redis-sentinel_6.0.16-1~bpo10+1_amd64.deb 482ae268b880a8330eca36087d1e1ed567c52d4f 97952 redis-server_6.0.16-1~bpo10+1_amd64.deb 5e36d2099c87f9f8595475eaacbb6dd415a9dcc6 1634904 redis-tools-dbgsym_6.0.16-1~bpo10+1_amd64.deb 464af2ac2a682f02e294fa116d0eaa93ae2019df 719076 redis-tools_6.0.16-1~bpo10+1_amd64.deb bd53892a3b659069a7605c620b6ce3a321b1467a 56540 redis_6.0.16-1~bpo10+1_all.deb e7ab5dc0a19d4121d152679b753e128cf02dbca6 7356 redis_6.0.16-1~bpo10+1_amd64.buildinfo Checksums-Sha256: 77e997c1850567dbce97684c9b0422a3ba7493a62cfc9ded7f6e7db383e66ee7 2296 redis_6.0.16-1~bpo10+1.dsc 8bea58a468bb67bedc92d8c2e44c170e42e6ea02527cbc5d233e92e8d78d1b99 2307243 redis_6.0.16.orig.tar.gz 1e66b06cd83a9dad4abce97b73c2a2c1f483e51b9c9a4dec2516aa88c983f7cb 29548 redis_6.0.16-1~bpo10+1.debian.tar.xz 4ca83d59168598a51b8e7549b0fd7cf5b12bbb8f5ecb4aa5bfa5a9bae9b20257 64288 redis-sentinel_6.0.16-1~bpo10+1_amd64.deb ed6bbdb0d9f79d20b30efb89c0e1adf10f0da10692ea23f14202efccd0dee6d9 97952 redis-server_6.0.16-1~bpo10+1_amd64.deb 7e1c5172df3b47337e9a7d27de1b51e550bb1abee9078f1dad7088a5bc98c043 1634904 redis-tools-dbgsym_6.0.16-1~bpo10+1_amd64.deb 9a88da180b43933f8b45f583517f1737d069e5f8cfebfb398a73ad50d18e299c 719076 redis-tools_6.0.16-1~bpo10+1_amd64.deb 0d22be48982196dfca730c2255d245f4491a3c242bd23c859883a1bf3311c771 56540 redis_6.0.16-1~bpo10+1_all.deb a5a444e3cd75e7246451d482e4f636bfef9aaad1d722e8ed9d8c4587c7d7812f 7356 redis_6.0.16-1~bpo10+1_amd64.buildinfo Files: 2ca1e6a6cead165c176aafef62839ce1 2296 database optional redis_6.0.16-1~bpo10+1.dsc cc0f506796970cf1454ee898e2bf7698 2307243 database optional redis_6.0.16.orig.tar.gz e8f1a9bd7c4c58f5ea490725473b2177 29548 database optional redis_6.0.16-1~bpo10+1.debian.tar.xz 5509f20f264bae134123ef34536fae0b 64288 database optional redis-sentinel_6.0.16-1~bpo10+1_amd64.deb 9a1851440089324042fdab91e200f574 97952 database optional redis-server_6.0.16-1~bpo10+1_amd64.deb fc7ece4fe9fef9b00103db8dcfd229fb 1634904 debug optional redis-tools-dbgsym_6.0.16-1~bpo10+1_amd64.deb 1fdb066ae7edd91cd00dca3480958bc3 719076 database optional redis-tools_6.0.16-1~bpo10+1_amd64.deb 43f9a4f248131ab00ebc493a0b37eb92 56540 database optional redis_6.0.16-1~bpo10+1_all.deb cbd08541c27a162b019796e1f47ca6c4 7356 database optional redis_6.0.16-1~bpo10+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmFgB+YACgkQHpU+J9Qx HljC2hAAv4X62KEPvCVk8U+A6kjxoxXpDBX+IHhF1zY0h9YYLlsU98fM/BQetYDi cpmeqZog2QcxRKh77dpsm4TWjp2/o869CCVVWOXmSesNvZVVAk9BfH0b0v/l+Ho0 iCrpIOnrU7CtMesC2CmXRc2Ok3Tfpx77VLTG8sVorkDh4r0KPDA2Bnvg/HP8pYdX 2k7NDwquMnslrzIsjQwuO9f2UlUxOMVvqToZEdqUQBSRJpfLERofGx0ngs2LaHVN MwAuiSePPNBhMG/VEwgdOZvyzr2VCJpfTmj5p7UgCdo6R3jcspgK/eeZ5J3kLDpK PfhP6jseurKOlIf+n0PCFUv360nesrA21iF9/1Zvfl8gqNkGRma/O3nG66ng+eJW 7LGMJrWiAtkAKOzEqyQJD46PRAfyT3d+UJkyM0rEk0GPUITgKYyJV+i+bfJLxdQ9 Z5mHy2q85h4OjxuzqDeQ6ZvfWF7tEbg6WBezRjQi/kUrMromf77ERYb8/sOxXtuT eTqaSch0U33FS02//Wjqy1GcMScoVyKWfcOuDvF7enAs3Vr0DsNRUW/UZkaeyQLo ArIqjGPmEou0c3cn287yEEfFKS0UrcD57QIO6XNtrAXFVidL9uSNsvW3YqfcEL0S /jo7XRCKvXS7SZtN9EsBVlf5e+x+PPbMkub2rdVIdCqW+fpewjc= =nag6 -----END PGP SIGNATURE-----
