Format: 1.8
Date: Wed, 23 Jul 2025 13:01:37 -0700
Source: redis
Binary: redis-sentinel redis-server redis-tools redis-tools-dbgsym
Architecture: mips64el
Version: 5:7.0.15-1~deb12u5
Distribution: bookworm-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-03)
Changed-By: Chris Lamb
Description:
 redis-sentinel - Persistent key-value database with network interface (monitoring)
 redis-server - Persistent key-value database with network interface
 redis-tools - Persistent key-value database with network interface (client)
Closes: 1106822 1108975 1108981
Changes:
 redis (5:7.0.15-1~deb12u5) bookworm-security; urgency=high
 .
   * CVE-2025-27151: Fix a stack-based buffer overflow in redis-check-aof
     caused by the use of memcpy with strlen(filepath) when copying a
     user-supplied file path into a fixed-size stack buffer. This allowed an
     attacker to overflow the stack and potentially achieve arbitrary code
     execution. (Closes: #1106822)
   * CVE-2025-32023: An authenticated user may have used a specially-crafted
     string to trigger a stack/heap out-of-bounds write during hyperloglog
     operations, potentially leading to remote code execution. Installations
     that used Redis' ACL system to restrict hyperloglog "HLL" commands are
     unaffected by this issue. (Closes: #1108975)
   * CVE-2025-48367: An unauthenticated connection could have caused repeated
     IP protocol errors, leading to client starvation and ultimately becoming
     a Denial of Service (DoS) attack. (Closes: #1108981)