• Bug#1060316: redis: CVE-2023-41056

    From Chris Lamb@21:1/5 to All on Tue Jan 9 14:50:01 2024
    Package: redis
    Version: 5:6.0.16-1+deb11u2
    X-Debbugs-CC: team@security.debian.org
    Severity: grave
    Tags: security

    Hi,

    The following vulnerability was published for redis.

    CVE-2023-41056[0]:
    Buffer overflow in certain payloads may lead to remote code execution

    Info just unembargoed, so links may take some time to update.

    For further information see:

    [0] https://security-tracker.debian.org/tracker/CVE-2023-41056
    https://www.cve.org/CVERecord?id=CVE-2023-41056


    Regards,

    --
    ,''`.
    : :' : Chris Lamb
    `. `'` lamby@debian.org / chris-lamb.co.uk
    `-

  • From Debian Bug Tracking System@21:1/5 to All on Tue Jan 9 16:00:02 2024
    Your message dated Tue, 09 Jan 2024 14:55:20 +0000
    with message-id <E1rNDVg-007qyO-Dg@fasolo.debian.org>
    and subject line Bug#1060316: fixed in redis 5:7.0.15-1
    has caused the Debian Bug report #1060316,
    regarding redis: CVE-2023-41056
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system
    misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    1060316: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060316
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems

  • From Debian Bug Tracking System@21:1/5 to All on Tue Jan 9 16:10:01 2024
    Your message dated Tue, 09 Jan 2024 15:06:18 +0000
    with message-id <E1rNDgI-007tL7-PZ@fasolo.debian.org>
    and subject line Bug#1060316: fixed in redis 5:7.2.4-1
    has caused the Debian Bug report #1060316,
    regarding redis: CVE-2023-41056
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system
    misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    1060316: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060316
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems
