-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 10 Apr 2026 12:23:59 -0400 Source: redis Built-For-Profiles: nocheck Architecture: source Version: 5:8.0.6-1 Distribution: unstable Urgency: medium Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Closes: 1132205 Changes: redis (5:8.0.6-1) unstable; urgency=medium . * New upstream release: . - CVE-2026-21863 malicious actor with access to the clusterbus port could have sent an invalid packet to cause an out-of-bounds read, which might result in the server crashing. (Closes: #1132205) . <https://github.com/redis/redis/releases/tag/8.0.6> . * Apply a patch to fix CVE-2025-67733 where a malicious user could have used scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same connection. Checksums-Sha1: 7f2cee8752f234195d4cab46206db277345206ec 2228 redis_8.0.6-1.dsc 2494e8f34a2ffa3c0eb0f1ebde56c9f5aced1b2b 3873351 redis_8.0.6.orig.tar.gz 047882bfea42e844276cb2b3b1ff72370846a564 32052 redis_8.0.6-1.debian.tar.xz 82be6c96e548b93fb4b73ff8bc42add91e4c5bec 7305 redis_8.0.6-1_amd64.buildinfo Checksums-Sha256: 02b53181eaf74dbd90a3a4393e3beecc263f3a8ecb84509db802b8b27baaed29 2228 redis_8.0.6-1.dsc 763bf3005bcbf77c1d8145016a9627e45219665f99cf5a736bc73ec70faf0c8e 3873351 redis_8.0.6.orig.tar.gz 3576f878f6f74801aedff5f89b29ed90c61f1eced8500ae00da2adee84446234 32052 redis_8.0.6-1.debian.tar.xz c3d2b604e0e22aed1f20facd69e8bf14f2b8dcf240e604a02c67136405ce567b 7305 redis_8.0.6-1_amd64.buildinfo Files: 191bafd4e28f6441d5d300bba9542d5e 2228 database optional redis_8.0.6-1.dsc 49caf85a2b18b7cdf58e6d2d973e5010 3873351 database optional redis_8.0.6.orig.tar.gz a94f3da4a679313ee0e403e0e9918488 32052 database optional redis_8.0.6-1.debian.tar.xz a0a6713a7b080ee6a9f21086582b3f20 7305 database optional redis_8.0.6-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmnZJUIACgkQHpU+J9Qx HliyLBAAnZrH6Y9RAahH9RIzB9vjVQA7UNnDcYB4KBhWaySd38zOk8vuZPBrxbAo we/PEmsZgNHIQKjP4c+eeIEDmhfVk/iYe7WdYVc0mooUEPNoAtTZaaBe2PEYfSuf JTEmqpjxxqHreJsFqP9uMQCZeGkoldMFslsV+wJRbddT6XZMSRD0Es1SdofONFbz aUhI8kRToUQUInoyDAm6DXAgzvZ4ItMKJ+hofLIV4RKIX/78iX/R6qNmBJalcbkl 0Hbp+Wq3IA7t3UuzXpFLNiUeTM5TaRBPu9KBZFt61rz4AsiPQLtAovAQNFJPTuwr JOt6MGPINVhV3eIjO+jx76aQj3Eohdv5rghS/FxLMdSuCn1valqDEyWdy/I5F94H DIKh3nzNhY64JqdurvOnp+MxJVLtM84tklzNZlh3TEDvfcH7HkDi1Oxy0m4RC71I r49+FKkptW9ZyJDRnhHYbPS3iDVoE2tdYDFKZr6Xh9gLIptBS8zQIuAzbnp8IGOA e5mRLuPyMUqK21rYajjaH77y7bT+IBn95dvF8qAO5xd77mMwbFPTIYHtaKMvUWGo ps+VKzqAoQ5CI51H6U+P6VTqTbNuyQgCFxQ1J4vHz9M4S1LuJx4hKNDpNUuHszOD xkVFtcxTysyZMqazVnf/JiRC0U/ZS0g6kyUQIDpT9v2U0XwRqSE= =Q9wG -----END PGP SIGNATURE-----
