Publishing details

• Published on 2023-07-13
• Copied from Primary Archive for Ubuntu by Ubuntu Archive Auto-Sync (sponsored by Ubuntu Archive Robot)
• Originally uploaded to debian sid in Primary Archive for Debian GNU/Linux

Changelog

redis (5:7.0.12-1) unstable; urgency=high

  * New upstream security release:

    - CVE-2022-24834: A specially-crafted Lua script executing in Redis could
      have triggered a heap overflow in the cjson and cmsgpack libraries and
      result in heap corruption and potentially remote code execution. The
      problem exists in all versions of Redis with Lua scripting support and
      affects only authenticated/authorised users.

    - CVE-2023-36824: Extracting key names from a command and a list of
      arguments may, in some cases, have triggered a heap overflow and result
      in reading random heap memory, heap corruption and potentially remote
      code execution. (Specifically using COMMAND GETKEYS* and validation of
      key names in ACL rules). (Closes: #1040879)

    For more information, please see:

      <https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES>

 -- Chris Lamb <email address hidden>  Wed, 12 Jul 2023 10:07:09 +0100

Builds

• amd64
• arm64
• armhf
• ppc64el
• riscv64
• s390x

Built packages

• redis Persistent key-value database with network interface (metapackage)

• redis-sentinel Persistent key-value database with network interface (monitoring)

• redis-server Persistent key-value database with network interface

• redis-tools Persistent key-value database with network interface (client)

• redis-tools-dbgsym debug symbols for redis-tools

Package files

• redis-sentinel_7.0.12-1_amd64.deb (11.9 KiB)
• redis-sentinel_7.0.12-1_arm64.deb (11.9 KiB)
• redis-sentinel_7.0.12-1_armhf.deb (11.9 KiB)
• redis-sentinel_7.0.12-1_ppc64el.deb (12.0 KiB)
• redis-sentinel_7.0.12-1_riscv64.deb (12.0 KiB)
• redis-sentinel_7.0.12-1_s390x.deb (11.9 KiB)
• redis-server_7.0.12-1_amd64.deb (50.5 KiB)
• redis-server_7.0.12-1_arm64.deb (50.5 KiB)
• redis-server_7.0.12-1_armhf.deb (50.5 KiB)
• redis-server_7.0.12-1_ppc64el.deb (50.5 KiB)
• redis-server_7.0.12-1_riscv64.deb (50.5 KiB)
• redis-server_7.0.12-1_s390x.deb (50.5 KiB)
• redis-tools-dbgsym_7.0.12-1_amd64.ddeb (3.4 MiB)
• redis-tools-dbgsym_7.0.12-1_arm64.ddeb (3.4 MiB)
• redis-tools-dbgsym_7.0.12-1_armhf.ddeb (2.5 MiB)
• redis-tools-dbgsym_7.0.12-1_ppc64el.ddeb (3.9 MiB)
• redis-tools-dbgsym_7.0.12-1_riscv64.ddeb (2.5 MiB)
• redis-tools-dbgsym_7.0.12-1_s390x.ddeb (3.3 MiB)
• redis-tools_7.0.12-1_amd64.deb (1.1 MiB)
• redis-tools_7.0.12-1_arm64.deb (1.1 MiB)
• redis-tools_7.0.12-1_armhf.deb (922.1 KiB)
• redis-tools_7.0.12-1_ppc64el.deb (1.3 MiB)
• redis-tools_7.0.12-1_riscv64.deb (939.1 KiB)
• redis-tools_7.0.12-1_s390x.deb (1.1 MiB)
• redis_7.0.12-1.debian.tar.xz (27.9 KiB)
• redis_7.0.12-1.dsc (2.2 KiB)
• redis_7.0.12-1_all.deb (2.9 KiB)
• redis_7.0.12.orig.tar.gz (2.9 MiB)