1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted redis 5:6.0.16-1+deb11u2 (source amd64 all) into proposed-upda

    From Debian FTP Masters@21:1/5 to All on Sat Feb 19 18:10:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Mon, 14 Feb 2022 14:45:00 -0800
    Source: redis
    Binary: redis redis-sentinel redis-server redis-tools redis-tools-dbgsym Built-For-Profiles: nocheck
    Architecture: source amd64 all
    Version: 5:6.0.16-1+deb11u2
    Distribution: bullseye-security
    Urgency: high
    Maintainer: Chris Lamb <lamby@debian.org>
    Changed-By: Chris Lamb <lamby@debian.org>
    Description:
    redis - Persistent key-value database with network interface (metapackage
    redis-sentinel - Persistent key-value database with network interface (monitoring)
    redis-server - Persistent key-value database with network interface
    redis-tools - Persistent key-value database with network interface (client) Closes: 1005787
    Changes:
    redis (5:6.0.16-1+deb11u2) bullseye-security; urgency=high
    .
    * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability.
    .
    This vulnerability existed because the Lua library in Debian is provided as
    a dynamic library. A "package" variable was automatically populated that
    in turn permitted access to arbitrary Lua functionality. As this extended
    to, for example, the "execute" function from the "os" module, an attacker
    with the ability to execute arbitrary Lua code could potentially execute
    arbitrary shell commands.
    .
    Thanks to Reginaldo Silva <https://www.ubercomp.com> for discovering and
    reporting this issue. (Closes: #1005787)
    Checksums-Sha1:
    73a12dedee6e1510def455590526af17ccf56a24 2296 redis_6.0.16-1+deb11u2.dsc
    cd9e181eef1125b7c7eb9cd1198791ac0a9f24ae 29764 redis_6.0.16-1+deb11u2.debian.tar.xz
    b750091b586a44eb6a208b5b0fd772943c0e323b 64540 redis-sentinel_6.0.16-1+deb11u2_amd64.deb
    8e424ccd6768ead6b953c3b0438dc75fbf5ac1e4 98212 redis-server_6.0.16-1+deb11u2_amd64.deb
    752ff3b7355ae569dd88e990c6ef5fb67abd7bf0 1760540 redis-tools-dbgsym_6.0.16-1+deb11u2_amd64.deb
    52750a0022140b2d0f051cce4df742727411f759 741308 redis-tools_6.0.16-1+deb11u2_amd64.deb
    d9921bfcfa27a7825ffed9b112b10b8e49063180 56796 redis_6.0.16-1+deb11u2_all.deb
    c271c00ede79a4f5a45983efe0350d1efe7ccd1f 7482 redis_6.0.16-1+deb11u2_amd64.buildinfo
    Checksums-Sha256:
    fbce4f2cb4b5c7d1e4371b74dfd54066de592080f398be148c274c7b116060fc 2296 redis_6.0.16-1+deb11u2.dsc
    11dd7e429818fa7a4595849bc3223f4a23055d4e83b474e54102e5eeb922ad0d 29764 redis_6.0.16-1+deb11u2.debian.tar.xz
    cec84029bd00b54bb7ee425c1561336141bfcdc626e87a32001e84e93510a923 64540 redis-sentinel_6.0.16-1+deb11u2_amd64.deb
    d7d3d93e00d414982eef09b57de3ad39db5ab61c16aef58241dedb75db0105fc 98212 redis-server_6.0.16-1+deb11u2_amd64.deb
    e3198c1a058b1dc0f795ff81f1b6346d39edbafa736e0ed36653c4f2546e1d38 1760540 redis-tools-dbgsym_6.0.16-1+deb11u2_amd64.deb
    0329056b6cf1cc65ec1069a66bb0825ddb8307d1c6c5c93ab022fb19187138fd 741308 redis-tools_6.0.16-1+deb11u2_amd64.deb
    9f671ecd20d9c60cb5548cf0608b9d259b89cbf55ba96f888c31a4477a0d351e 56796 redis_6.0.16-1+deb11u2_all.deb
    66986056b626ba113fd77911d6e3bb86b95f04a15dcb3b0bf6500321fab19350 7482 redis_6.0.16-1+deb11u2_amd64.buildinfo
    Files:
    39239e8d8292c0c73daa176405380215 2296 database optional redis_6.0.16-1+deb11u2.dsc
    33786e9d93c01b16352b2b25372a69b4 29764 database optional redis_6.0.16-1+deb11u2.debian.tar.xz
    9ad5ac71ee63206022820e1ea82e24dd 64540 database optional redis-sentinel_6.0.16-1+deb11u2_amd64.deb
    5ce11a294ed67a34a59f5ecc612bc45d 98212 database optional redis-server_6.0.16-1+deb11u2_amd64.deb
    27b40d97fa17552a2aa2e1268232c738 1760540 debug optional redis-tools-dbgsym_6.0.16-1+deb11u2_amd64.deb
    94004e20ad4918c55b15d633f019f3b9 741308 database optional redis-tools_6.0.16-1+deb11u2_amd64.deb
    05d1e4d3be7b82c80396fc23d2611b47 56796 database optional redis_6.0.16-1+deb11u2_all.deb
    8339e96b1f51b7306e624952b9b1a1ef 7482 database optional redis_6.0.16-1+deb11u2_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmINc7kACgkQHpU+J9Qx HlgZgw//YSjcO3JSSvbZFP3GqYl8jYysHBMMJtqGb3vnkRuq2jgxDr1ZgDN1DAKz a2+j+nES56Y1lny6TdbhQk9rLV9c2yVVrdcaO3P41goii9SSOUO4/IMuzPHqil39 7ApnuORI07MZ5SbpKKRDdzy4mfE2fOcSkCkxyD0IslkO32vxR95/nCLXG1lW7Hmp FRnLJwDa1fLiUQNyAWEQSGaZzEDO3MOofQzHLrSWMkj4lBWi8mOsvKRzIiy55+j+ GeCYsDJKTLmtoGxrHIbz3dnexTp/Zc2o3cBecgpgIfgUJphHpgNP76cugXchjJ6S YPXUyc5OvSjyEtBYAWdVEwCBw8w59yZhkOJO8LR3l/Ho+u39OSFO5VN54bRJ5I3o 58tCTIFlE7H9Vr6G9T9tk/u4AnwzPeBJ09/nH+58vTgnall/mSw4s49d/07y9jAP IpKTY0tD3RkJ2zew674WZbfAxicVtOWqvQErhT7Y9Oa6w7edg4UPrLRus1UP3VBJ aX5Td00D/GeW+VxIkel/cBxb2pTZlXuzCKm55tcUJ6M81THXlmlHedaqzbvHAmkO W9cfu4TH49jUauoCPJ5eBZiNvqeRN0Dr6xTJGut6Q8dZ/zBCHpbN/7/xKSF84JI7 i+fNJLiRK7DFnOl+LZBwsCPj6Zws5QeFF9X9t2mKKisaw9tlOUM=
    =K53A
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)