• Accepted redis 5:6.0.16-1+deb11u1 (source amd64 all) into proposed-upda

    From Debian FTP Masters@21:1/5 to All on Sat Nov 6 20:10:03 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Mon, 04 Oct 2021 14:37:24 +0100
    Source: redis
    Binary: redis redis-sentinel redis-server redis-tools redis-tools-dbgsym Built-For-Profiles: nocheck
    Architecture: source amd64 all
    Version: 5:6.0.16-1+deb11u1
    Distribution: bullseye-security
    Urgency: high
    Maintainer: Chris Lamb <lamby@debian.org>
    Changed-By: Chris Lamb <lamby@debian.org>
    Description:
    redis - Persistent key-value database with network interface (metapackage
    redis-sentinel - Persistent key-value database with network interface (monitoring)
    redis-server - Persistent key-value database with network interface
    redis-tools - Persistent key-value database with network interface (client) Changes:
    redis (5:6.0.16-1+deb11u1) bullseye-security; urgency=high
    .
    * New upstream security release:
    .
    - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
    redis-sentinel parsing large multi-bulk replies on some older and less
    common platforms.
    .
    - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
    set-max-intset-entries is manually configured to a non-default, very
    large value.
    .
    - CVE-2021-32675: Denial Of Service when processing RESP request payloads
    with a large number of elements on many connections.
    .
    - CVE-2021-32672: Random heap reading issue with Lua Debugger.
    .
    - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
    data types, when configuring a large, non-default value for
    hash-max-ziplist-entries, hash-max-ziplist-value,
    zset-max-ziplist-entries or zset-max-ziplist-value.
    .
    - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
    configuring a non-default, large value for proto-max-bulk-len and
    client-query-buffer-limit.
    .
    - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
    buffer overflow.
    .
    - CVE-2021-41099: Integer to heap buffer overflow handling certain string
    commands and network payloads, when proto-max-bulk-len is manually
    configured to a non-default, very large value.
    Checksums-Sha1:
    696ade6da3307025acd2fab77fa3a02b7076a306 2296 redis_6.0.16-1+deb11u1.dsc
    381b94558450b967c0f6fa1e66497523f3c5da76 2307243 redis_6.0.16.orig.tar.gz
    87c42c4141bb6d2283a7497095825baa5b6b89c4 29508 redis_6.0.16-1+deb11u1.debian.tar.xz
    bcbcd349947d4f38d59be4b72b35ab7dd0f49b57 64308 redis-sentinel_6.0.16-1+deb11u1_amd64.deb
    92784ef41558973ac6ba9b7e18b064a20e0dee41 97980 redis-server_6.0.16-1+deb11u1_amd64.deb
    5b973bbdab14a1dfdbfff4ca1245c396bc2bf57d 1760784 redis-tools-dbgsym_6.0.16-1+deb11u1_amd64.deb
    00b85bd85a111caeac2335a5f9aa1a92417b674e 741740 redis-tools_6.0.16-1+deb11u1_amd64.deb
    dc5755af47c85af85b09ab62867241c68df06150 56556 redis_6.0.16-1+deb11u1_all.deb
    f5fd6470f489072a6ac853105a1f258f873b7d1c 7482 redis_6.0.16-1+deb11u1_amd64.buildinfo
    Checksums-Sha256:
    e2da071c82d478d42dcdf52db700c009f2b9e4c8f86ff066dadea507e9c8c9fe 2296 redis_6.0.16-1+deb11u1.dsc
    8bea58a468bb67bedc92d8c2e44c170e42e6ea02527cbc5d233e92e8d78d1b99 2307243 redis_6.0.16.orig.tar.gz
    048be7d3405c565c85060df6a2907a01e2782a5e90c5a78ec5f63fc48ddcdc78 29508 redis_6.0.16-1+deb11u1.debian.tar.xz
    08e3eac56a8510ebf8756bb256785c23bae1a66f49d7bab1c7347b4720f438c3 64308 redis-sentinel_6.0.16-1+deb11u1_amd64.deb
    539a84929d64a2e9e5a5bcb2d9e98972e2b2bfe623144d14578cf4d1797717fd 97980 redis-server_6.0.16-1+deb11u1_amd64.deb
    13306e31c7b99350475d9e6b3a1f86885d431224c487cdd5c0acbe3566307341 1760784 redis-tools-dbgsym_6.0.16-1+deb11u1_amd64.deb
    7991d13620b17d28e2ccc574d528737a5a728f160ce661e285132fb817f73f0e 741740 redis-tools_6.0.16-1+deb11u1_amd64.deb
    7ee2530a89241d087d575bbe0c8f250f0052675cd53ec0b628edc3f8729618c3 56556 redis_6.0.16-1+deb11u1_all.deb
    ed590e9b7a37b7ad2aed617c670058911dabf88fc134e0ad9cb71b5576a0d4b5 7482 redis_6.0.16-1+deb11u1_amd64.buildinfo
    Files:
    3d584c54e051a230fd294a8b00d00a35 2296 database optional redis_6.0.16-1+deb11u1.dsc
    cc0f506796970cf1454ee898e2bf7698 2307243 database optional redis_6.0.16.orig.tar.gz
    392fcfd8391d8175d2688046d13fcf3d 29508 database optional redis_6.0.16-1+deb11u1.debian.tar.xz
    45b78b827896a8d3fc046490b296312e 64308 database optional redis-sentinel_6.0.16-1+deb11u1_amd64.deb
    86cd5b545f229d56a1adb78cca67cb21 97980 database optional redis-server_6.0.16-1+deb11u1_amd64.deb
    eb7260ed68a10086400a7411a78410c2 1760784 debug optional redis-tools-dbgsym_6.0.16-1+deb11u1_amd64.deb
    dba8a24ff87588b18ea8c54020f8a6cd 741740 database optional redis-tools_6.0.16-1+deb11u1_amd64.deb
    9dee0f8549c8e16a8b7bd6714599f970 56556 database optional redis_6.0.16-1+deb11u1_all.deb
    22eba998139914a1853527d64b378ff9 7482 database optional redis_6.0.16-1+deb11u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmGEHYgACgkQHpU+J9Qx HlgjZw/9FO3fWhkeXvaiONWWSyJENIwylIGaZj3HLtmW1m1W6IX+YvCLos0gMGja iizyctkSnD6iZAOrEYoMB0vwRvzJo+j29pZ5PG8gbNo0na/Va6XCxc9TR6zIs5AZ 5JiPxy4aKtiNaTk8tBF7Dw9BS94OwXgAf4EgH+/1Gqg2s2Sm3RTzkd5UzNtwAjQh HXN6LDJ+xR4ZyEeX+g1agWmZpLex7MFEvo48fuN7feN7pNFGZ2EcIt1iKmdOq74j 3oqy99fqiUYXHxCyM0bQalPqzzP+oHg7W3YZB0phKMmlO60jOix9UH5VZPHIP6gK 12p5jG6m/UCqcgn6AXZUf9uUVbTM7ijniP0FqRwPLLdAaTeaDs27eIRWgtZDxkKV IYNFwjiW+V35qZi9QlCkx6m6raes6a21h97HppMHC/STTVnWodHnyoxKYNwulgFN NWUoG1vavDcckxKikoDKsQkV4kGO48OZlMxI1oXhWRgnecwp8v4ao7DzOXboCMku O/OaoN7mCn8kRYrTdA742RiVysrkttsXqqQpkyxlSzL26ZpjNggoaLikaN3OO4W5 x76+ZSHVMh5g+MWT3psUTe/5F0FtHf93PqH1HwbIicvITuoEzYv3uaD1HDPZyeE6 yIAfECwAPqcDcilnz5r8LxtQeoLDX1/6TgHxGJ1tj7vfyQbsUl4=
    =1Zin
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)