-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 27 Sep 2022 08:19:40 +0100 Source: redis Binary: redis redis-sentinel redis-server redis-tools redis-tools-dbgsym Built-For-Profiles: nocheck Architecture: source amd64 all Version: 5:7.0.5-1~bpo11+1 Distribution: bullseye-backports Urgency: high Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: redis - Persistent key-value database with network interface (metapackage redis-sentinel - Persistent key-value database with network interface (monitoring) redis-server - Persistent key-value database with network interface redis-tools - Persistent key-value database with network interface (client) Closes: 1020512 Changes: redis (5:7.0.5-1~bpo11+1) bullseye-backports; urgency=high . * Rebuild for bullseye-backports. . redis (5:7.0.5-1) unstable; urgency=medium . * New upstream security release: - CVE-2022-35951: Fix a heap overflow vulnerability in XAUTOCLAIM. Executing an XAUTOCLAIM command on a stream key in a specific state, with a specially crafted COUNT argument may have caused an integer overflow, a subsequent heap overflow and potentially lead to remote code execution. (Closes: #1020512) * Refresh patches. * Update debian/watch. Checksums-Sha1: 7e537acbd08c90165585d87f86650908565387c1 2298 redis_7.0.5-1~bpo11+1.dsc 77a8ae9d1ff9a09a9a6243c246443c5841287d57 2998759 redis_7.0.5.orig.tar.gz 9515c1d770454ea28fa3b308412c0aea3cf6416b 28068 redis_7.0.5-1~bpo11+1.debian.tar.xz e3b6c2b8762dcec581fb403c28f7ef8a00a24785 43772 redis-sentinel_7.0.5-1~bpo11+1_amd64.deb e05250ba1244284d522c61c9e56adbc22c85ea4f 82580 redis-server_7.0.5-1~bpo11+1_amd64.deb 41ca5f8e6b750a0ead52c4de8076db9c0699db89 2622936 redis-tools-dbgsym_7.0.5-1~bpo11+1_amd64.deb cc1493c90df4025fb223b98300af63ee10e2f4e6 992460 redis-tools_7.0.5-1~bpo11+1_amd64.deb 2c682739c24033674709d7b773b11a3f52ed9fc4 34760 redis_7.0.5-1~bpo11+1_all.deb 18b6d6e866b56da69c9c0855df4167021f06cfa0 7827 redis_7.0.5-1~bpo11+1_amd64.buildinfo Checksums-Sha256: 41a178a9fd64e748d53c8bbc8b00900f1d0af356f1e2bd16a6c82000bcaa8a6a 2298 redis_7.0.5-1~bpo11+1.dsc 40827fcaf188456ad9b3be8e27a4f403c43672b6bb6201192dc15756af6f1eae 2998759 redis_7.0.5.orig.tar.gz e7c22903cea811d994a7e9d45aa446d31c9328cfea6d3dd010ee90c8a6c1c508 28068 redis_7.0.5-1~bpo11+1.debian.tar.xz 0ebb7717744a5c8cab6e4a453aa222c620db0512e22dab32a4d023b35a659bbf 43772 redis-sentinel_7.0.5-1~bpo11+1_amd64.deb 3c11ac67b2b51091ee070c748c693930b1ebb22045b110086f87059235087a83 82580 redis-server_7.0.5-1~bpo11+1_amd64.deb edbe0913b1093d622553fdca4babc833696cfb5df9a0c0350049ff6818183a8a 2622936 redis-tools-dbgsym_7.0.5-1~bpo11+1_amd64.deb 6905ae9697b0304b4a1719821dbeb7b1f82e3b4eefbf66dec92f52ddedba5c80 992460 redis-tools_7.0.5-1~bpo11+1_amd64.deb a2e8f3ffbb60c341c87c08c4bdc2af9a020f5c272de23227ce6f1b0d0163d2f3 34760 redis_7.0.5-1~bpo11+1_all.deb f3f9dbb567c15a157f4823a423e7c8e4e5ceca95f2d5fc8265f2ab91fa11813f 7827 redis_7.0.5-1~bpo11+1_amd64.buildinfo Files: faf369e98b21d88b632c84a77839222e 2298 database optional redis_7.0.5-1~bpo11+1.dsc f9c190c3f94cd42e7a83c12e995c4e53 2998759 database optional redis_7.0.5.orig.tar.gz d8a59d574146e0f857e057e1377ad728 28068 database optional redis_7.0.5-1~bpo11+1.debian.tar.xz c2af8d6d51031c898ff853bf94efdacb 43772 database optional redis-sentinel_7.0.5-1~bpo11+1_amd64.deb 10fd9471e19052488db59a8d2dd02a19 82580 database optional redis-server_7.0.5-1~bpo11+1_amd64.deb be15625d34aa9c99fa98fc36ea0ab51e 2622936 debug optional redis-tools-dbgsym_7.0.5-1~bpo11+1_amd64.deb f6eb3e663052faf5071b0bfb03dbcdb7 992460 database optional redis-tools_7.0.5-1~bpo11+1_amd64.deb 919a6f0600c17ae9fa49724179ed5a3d 34760 database optional redis_7.0.5-1~bpo11+1_all.deb 249a85661206ad6b60c1b30fb25d229c 7827 database optional redis_7.0.5-1~bpo11+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmMypYwACgkQHpU+J9Qx Hli0kw//VwEMcnBTQ5LcDgsTcH5k58qwtetTRMZu9CL5//p1JVQVs/mSUItD12JZ ShLSYobwwA+/HTJ8aQdwatIaOgnvOl4uLRgk+4HEhyB4aGMQFzl5DgRv48Z73t52 H+xJIc2jClW7LfOe1Dd5wWM97j2O9pmFlZCLuAm/RlGEp3pKYXYHP2MEadrwi/m6 4byYCH9cKh3gIFrfsPWiGxqdnHGf1HrduhXMN/IoPH7JQbIhNnBCSKKlFNkRbI4X TJRTjwrwncNjysnRjKltdyj395QvQr5ePNGogaWVe7snOrsYb5kBva1qZl8v5eCR w0NKxeHVuyy5O/ULV28Y4kLHXa8HDl58q9f/+/rPXeJERKwmv60vPWozMafPKxRS 0lqO5LH0j8lw1JcfFcp0vmrdxwwR4sMDj4dQjaTEk5DIX9qS8h0A3y7pvi3N+qVK KACh6vasnfRg9PvzOwWhrjaGrTed+sV5e7DX5WxYKGxz5exoYHJvO/W43HrP+JHH aq9qaUkkZS5XQqIom/sSwGyxdZnOT11rxOCjY+l6y99TdJw7FxVNBV51ieXY8LwB PLGcM9zy2KOafhNwq5Fqn2rqwfakE4GIgodRB/1IWRBsKd1VTaryK6ooZ8SnEcAE XqqMfb4TTsIUq9m2iW1Xx1MNOr7tmDi70JuNcw5W7RYmH2Grtiw= =YmOy -----END PGP SIGNATURE-----