-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 08 Sep 2023 14:04:13 -0700 Source: redis Built-For-Profiles: nocheck Architecture: source Version: 5:7.0.13-1 Distribution: unstable Urgency: high Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Closes: 1051512 Changes: redis (5:7.0.13-1) unstable; urgency=high . * New upstream security release: . - CVE-2023-41053: Redis did not correctly identify keys accessed by `SORT_RO`, and as a result Redis may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. (Closes: #1051512) . <https://raw.githubusercontent.com/redis/redis/7.2/00-RELEASENOTES> . * Refresh patches. Checksums-Sha1: 32123c650dd9e2d4fd2c31acc040544ae2c6b447 2273 redis_7.0.13-1.dsc 74dabcac4d0e4d3880134f70277259a7e72688e5 3024891 redis_7.0.13.orig.tar.gz da1455af96bc79061b1cd9f7ccef6947076b8044 28764 redis_7.0.13-1.debian.tar.xz ac7cb9e58f7bba99533967232ac4569c94af816c 7585 redis_7.0.13-1_amd64.buildinfo Checksums-Sha256: 29221fd0b9bbc7e8dcc7688843ce39fd8b65d5d967f19d2d762f5d23332ca2dd 2273 redis_7.0.13-1.dsc 7fde08f9e66c030c68246616e59e8e1435d481a147a885c5de7a9d9a76ac2a55 3024891 redis_7.0.13.orig.tar.gz e721977648a1e03117dc1256139b5cb5480952596e652d583bc89c94a87f228d 28764 redis_7.0.13-1.debian.tar.xz d82bd304b613b9edb7e24f5bc872e57966ae77a6dd4e25aa193a115f24106955 7585 redis_7.0.13-1_amd64.buildinfo Files: c343cf5a1e06c5065087549e3e2d04b4 2273 database optional redis_7.0.13-1.dsc dbf21949daa1f31862080f510f2f16e4 3024891 database optional redis_7.0.13.orig.tar.gz f7b74b7def2b714a20e0da8e7bf507bd 28764 database optional redis_7.0.13-1.debian.tar.xz 08c2a5e2af39a52b3665acb93ba9a1fe 7585 database optional redis_7.0.13-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmT7jcsACgkQHpU+J9Qx HljlURAAtaBYBTJxSZtBeQFjQcJ1u3TUfy0FGcPtD/TSvC6gFlZIl9JJ7ICqf7rz v7Xw543e3Z8suZAfWabghN14E1ZjsrreZVY0M8XE9Qqvave2y0+J3a5uU5JhQJLK u1bC3Jq+nd73bbdxuKpfcENE8GxdxnXM9Pw3k/c75eK1CEja3qj5nGu9ORSKjpCq OvVhaRXPn65t3z5sqmXzLiqsaACPFXT94pdTh/qtpg45G6MNGSCEpY05sVvwVy4Z hBIJl5Ut8INkD+ndVxauScPzTB6As4bPcUOu4ZJfiZHvjkKSWUaxhf3uvySSwYNC 1ankmf0RcBFsLy/i+fwG7yAv5J8yPi2O/150e2W5Ek98upvK1qdMS1S+iwKX9COp FWC05UmfnAF8yhtrBha8gtXchXDG80GGc/d4VOKvYdKdY4GtyWA6/JjfZGu6OS0i lgYEtmZhde/FjlX+IYzg+XqYJQwALxVOWGn9f3gT+MLrdUnC3k9Sojamp3gKE9EZ ZAMGBy7nYzAz3JnYfjnupazOLTZmu/H5lJ/jFjxd2LMbdxIVWpyIWgD73Mgxmbv+ QhdI8gSRkFYR+Qhq7lJt8Fc00WpqQgvg0cfP6kFKdFg5QzjmnbhMkFQQZBt+AM22 vUaAwibeMiEcu75NghNxhewpCtU4AQhE31Ia9BW3ZsTRDIAgf20= =r3mr -----END PGP SIGNATURE-----