1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES.DEVE

  • Accepted redis 5:8.0.2-2 (source) into unstable

    From Debian FTP Masters@21:1/5 to All on Sat Jul 12 20:40:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Tue, 08 Jul 2025 14:02:33 -0700
    Source: redis
    Architecture: source
    Version: 5:8.0.2-2
    Distribution: unstable
    Urgency: high
    Maintainer: Chris Lamb <lamby@debian.org>
    Changed-By: Chris Lamb <lamby@debian.org>
    Closes: 1108975 1108981
    Changes:
    redis (5:8.0.2-2) unstable; urgency=high
    .
    * CVE-2025-32023: An authenticated user may have used a specially-crafted
    string to trigger a stack/heap out-of-bounds write during hyperloglog
    operations, potentially leading to remote code execution. Installations
    that used Redis' ACL system to restrict hyperloglog "HLL" commands are
    unaffected by this issue. (Closes: #1108975)
    * CVE-2025-48367: An unauthenticated connection could have caused repeated IP
    protocol errors, leading to client starvation and ultimately become a
    Denial of Service (DoS) attack. (Closes: #1108981)
    Checksums-Sha1:
    2fe36b937a374aabd2d319ed96cc56613a29a652 2228 redis_8.0.2-2.dsc
    2a80573fb0296f31f4413e8c591361006cb31d4d 3860147 redis_8.0.2.orig.tar.gz
    c5c4ac174c55ae7737b4c17ee8d254fae2df4c09 33004 redis_8.0.2-2.debian.tar.xz
    4a8d32c0fee9d5d03607fe9d76e4c449d8af79e8 5853 redis_8.0.2-2_source.buildinfo Checksums-Sha256:
    63133ff1dfa27771e3f921b9f733dfdd51949034bd8189febb0434cfa65b7191 2228 redis_8.0.2-2.dsc
    caf3c0069f06fc84c5153bd2a348b204c578de80490c73857bee01d9b5d7401f 3860147 redis_8.0.2.orig.tar.gz
    6e16503474e4627b38fe11a3a78b9d6abb8eb9f01ed28f2708526b81b913cb96 33004 redis_8.0.2-2.debian.tar.xz
    8a34ab4b24606a9cbeefb2629044eced105efb124abd1fae166afe29e282f105 5853 redis_8.0.2-2_source.buildinfo
    Files:
    6a2457425b31985a408c7e16b0348512 2228 database optional redis_8.0.2-2.dsc
    fb9874e35f105ce3b0ac998ce8f5f0db 3860147 database optional redis_8.0.2.orig.tar.gz
    7c83313b1238c6ec584ffa0273bae98e 33004 database optional redis_8.0.2-2.debian.tar.xz
    c9fd84f83b52a95bd382f5a1f10929c7 5853 database optional redis_8.0.2-2_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmhyphYACgkQHpU+J9Qx HljhFxAAvdKA2qL+jDmMrksLWAlZfkr0C+yPTmefC1i2R/NezUaZEmwatWS677I1 aeGJu5V7SxjooR+MJFSDCBZFnrxF71sSzuISgheYBezHM8shj8lKyJdbjB/y76R4 MHPhpz5smzs4f5kEv+BCiUQY/gP2m+/kpTm+9rkgv7cmvlbaZ575pR/L7ZWvmqwh 3kIOnnQ/XJ1llOXq8B/Q559jeTrBHHLmDWKfmg6uhKLU8v1XGmtZgnhxrjbIjcvS 0qHSIGkXFdgZw/yUlpJsdbEsOGYY4rBw9gHvz6SoZRpQTQ4raFM8S3zrSHMblZxE qIiwIWc3FNcPBMW3HdzrI9lnrNSJbTcTDG9rMD0SIucOffVF/v8LtkO8kb2JyJFt eVWrfH/GQADVMdpP5huA5k5bg6SPUVzPNqXabVwZ1+Ob2C+gxxy26wPXQaFcN/rx gku4o2pcWzOD3/CgsCpA0FXTg7reA/6jZOCZ1zXVOSsee7RApCrOjJV5pCeOLHAl nDX5pfdgNwvHaMuj9U3yPbmcgkYBxdJi3s5x9hZjnjS4fpho01cdIzxmmIBUIEYn UynyDvAbKQdfQUO6gRtkVLQ7VSsBDOe7HZHUNLsSZcfg4on5oErYF5feEKrfxvzG EpO5+gqt8f7WGJ8t26HrA6f1mwo8yD9RvaQ3xP5fMih0HHtg5fs=
    =F+Qe
    -----END PGP SIGNATURE-----


    --==============@80215147037011313=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaHKqogAKCRCb9qggYcy5 IVYYAP4/iPSBJDbaqXXu3SDh17gtDicx/HAhDq7lClnn3C6eDQEA2zAaSK9htPAQ ee7CgNXTzgV90xdWvtfVUNdNWfRZSwk=Cq/P
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)