Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted redis 5:6.0.16-1+deb11u8 (source) into oldoldstable-security
Date: Thu, 09 Oct 2025 17:40:20 +0000
Signed by: Chris Lamb <lamby@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 08 Oct 2025 12:00:49 -0700
Source: redis
Architecture: source
Version: 5:6.0.16-1+deb11u8
Distribution: bullseye-security
Urgency: high
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1117553
Changes:
 redis (5:6.0.16-1+deb11u8) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Debian LTS team.
   * CVE-2025-46817: Fix an issue where an authenticated user could have used a
     specially-crafted Lua script to cause an integer overflow and potentially
     lead to remote code execution. (Closes: #1117553)
   * CVE-2025-46819: Address a potential vulnerability where an authenticated
     user could have used a specially-crafted LUA script to read out-of-bound
     data and/or crash the server and thereby create a denial of service attack.
     (Closes: #1117553)
   * CVE-2025-49844: Fix an issue where authenticated users could have exploited
     a specially-crafted Lua script to manipulate the garbage collector, trigger
     a use-after-free and potentially lead to remote code execution.
     (Closes: #1117553)
Checksums-Sha1:
 02bdc848779e70e3d5d0160749ce9c93d9987b5f 2296 redis_6.0.16-1+deb11u8.dsc
 381b94558450b967c0f6fa1e66497523f3c5da76 2307243 redis_6.0.16.orig.tar.gz
 1d76f68788b69b0f9bd432a0b35ac716a7e16b30 46556 redis_6.0.16-1+deb11u8.debian.tar.xz
 c38073db961bb230d6ce7741e684134c2618c55c 4642 redis_6.0.16-1+deb11u8_source.buildinfo
Checksums-Sha256:
 2b272e7202fa9c38df446048a1b40c7b89f3090a5131bec10380b32e97432837 2296 redis_6.0.16-1+deb11u8.dsc
 8bea58a468bb67bedc92d8c2e44c170e42e6ea02527cbc5d233e92e8d78d1b99 2307243 redis_6.0.16.orig.tar.gz
 f7de5ef0df0993853ecf10be9426b1a89c4f2a1922abccfad139c19d6dfd5d96 46556 redis_6.0.16-1+deb11u8.debian.tar.xz
 8b78a8c6b088bbf22dc2bbc9d11393a5a46f8243d4133c8c2898e11292a9b94b 4642 redis_6.0.16-1+deb11u8_source.buildinfo
Files:
 983a61310d74a2b7ad8cfb85c66d931a 2296 database optional redis_6.0.16-1+deb11u8.dsc
 cc0f506796970cf1454ee898e2bf7698 2307243 database optional redis_6.0.16.orig.tar.gz
 9b6786fab89f5c6fbb6340f13ccd611c 46556 database optional redis_6.0.16-1+deb11u8.debian.tar.xz
 d61cceac46f311f4f5d980fa0579b367 4642 database optional redis_6.0.16-1+deb11u8_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmjn8O8ACgkQHpU+J9Qx
HljUEQ/+LIAyQXANMIErBkmJGktks9CowLC8y1NHGfKuIcpX6qZuKYCsR2yg8t2e
thOlENoRweAG0KLGk8JTzJiiZxXonMbVo4Hi3ppBZVDfA+yVOsEG5jeZD2rg8oRv
L94p01Niv4LZchshk0OrXwczhVuWovzglOYkU+dWUF9VIWbFBCtQXBYyeWCStY6h
EfMyD9yOfDrmz7/LDmHzBUSvCcOq7helU71HKezA4QSTEBASGmCOVQbNOVRb3346
VcFgUCsSFaDhV1ux4b15izEhcrkyyjgTXC3IvB0dTrg8pniHovKci74MjZeHZmgE
+MaiQ7jV0WnqHpKxNmv33nFUf4jV0c8dhE4/RuDVTod0rZhVkEeeJWmK/G7kqCwJ
c0x2303xJEJ+hktna0GFjKJjT/iGWd+vWCnYGgaSyzBUHWNJbeC2ItrMw9K4qOmv
tXC0I40pkp4k6+0WDl5TubQ0DYnVnZOziqdILtmknDUIrVna+HZlXGPdsSbAGZAI
zO3tBNUj84m8JIiEb3+/tOQax/CBGJs8lxBMPesSfOeCcL8laIGByFLvGOucIQfg
0XJr36xLf88FRIv/BjKCinSutOgZrtULQGNwsMQerFfxFL/KuyqhGMXfcHm/iqVR
KVYgeoi5wdkVvtjpU2QXpCvMgWtDaugY+FfZMkTANZA3ErEWNhE=
=wpDu
-----END PGP SIGNATURE-----
News for package redis
