Format: 1.8
Date: Wed, 23 Jul 2025 13:01:37 -0700
Source: redis
Binary: redis-sentinel redis-server redis-tools redis-tools-dbgsym
Architecture: ppc64el
Version: 5:7.0.15-1~deb12u5
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02)
Changed-By: Chris Lamb
Description:
 redis-sentinel - Persistent key-value database with network interface (monitoring)
 redis-server - Persistent key-value database with network interface
 redis-tools - Persistent key-value database with network interface (client)
Closes: 1106822 1108975 1108981
Changes:
 redis (5:7.0.15-1~deb12u5) bookworm-security; urgency=high
 .
   * CVE-2025-27151: Fix a stack-based buffer overflow in redis-check-aof
     caused by the use of memcpy with strlen(filepath) when copying a
     user-supplied file path into a fixed-size stack buffer. This allowed an
     attacker to overflow the stack and potentially achieve arbitrary code
     execution. (Closes: #1106822)
   * CVE-2025-32023: An authenticated user may have used a specially-crafted
     string to trigger a stack/heap out-of-bounds write during hyperloglog
     operations, potentially leading to remote code execution. Installations
     that used Redis' ACL system to restrict hyperloglog "HLL" commands are
     unaffected by this issue. (Closes: #1108975)
   * CVE-2025-48367: An unauthenticated connection could have caused repeated
     IP protocol errors, leading to client starvation and ultimately becoming
     a Denial of Service (DoS) attack. (Closes: #1108981)