redis: CVE-2021-32625

Debian Bug report logs - #989351
redis: CVE-2021-32625

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: "Chris Lamb" <lamby@debian.org>

To: submit@bugs.debian.org

Subject: redis: CVE-2021-32625

Date: Tue, 01 Jun 2021 16:34:25 +0100

Package: redis
Version: 5:6.0.11-1
X-Debbugs-CC: team@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for redis.

  CVE-2021-32625 [0]

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-32625
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32625


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

Message #16 received at 989351-close@bugs.debian.org (full text, mbox, reply):

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>

To: 989351-close@bugs.debian.org

Subject: Bug#989351: fixed in redis 5:6.0.14-1

Date: Tue, 01 Jun 2021 16:49:14 +0000

Source: redis
Source-Version: 5:6.0.14-1
Done: Chris Lamb <lamby@debian.org>

We believe that the bug you reported is fixed in the latest version of
redis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 989351@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb <lamby@debian.org> (supplier of updated redis package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 01 Jun 2021 17:35:19 +0100
Source: redis
Built-For-Profiles: nocheck
Architecture: source
Version: 5:6.0.14-1
Distribution: unstable
Urgency: medium
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 989351
Changes:
 redis (5:6.0.14-1) unstable; urgency=medium
 .
   * CVE-2021-32625: Fix a vulnerability in the STRALGO LCS command.
     (Closes: #989351)
Checksums-Sha1:
 758f6aa7424154da12c548e2e483eda5ea2e4d89 2264 redis_6.0.14-1.dsc
 c9492ebdc10c9dc8989b05289a24b4c3c601f81d 2297367 redis_6.0.14.orig.tar.gz
 72f266f728f7e6b30a79b4d9a988c752f1c4f08f 29088 redis_6.0.14-1.debian.tar.xz
 5594df59462321e1e16eb181adf47cb84cbb991b 7301 redis_6.0.14-1_amd64.buildinfo
Checksums-Sha256:
 6c15b9f195e487434c03d6d8ead536074e79cdb16fd03a491c3b3572c944c374 2264 redis_6.0.14-1.dsc
 c88dcfd2a7f21136ff96d363f5acf53753513ed00ac8a58e289700f57f46854e 2297367 redis_6.0.14.orig.tar.gz
 d9a11dca7770469f8277d8eb33496401fe422ad73233b72f967a109a4b125c51 29088 redis_6.0.14-1.debian.tar.xz
 172949fc734c0bd0da0456690ad6a614351ab43bf3575407e0896c5351eff393 7301 redis_6.0.14-1_amd64.buildinfo
Files:
 839b9a7bb27c365648c7374cd1c44b34 2264 database optional redis_6.0.14-1.dsc
 10dc3e331619e44744637bf6b3ee1ce6 2297367 database optional redis_6.0.14.orig.tar.gz
 b85010ad1a61aeac9dbf71c96ce7f26c 29088 database optional redis_6.0.14-1.debian.tar.xz
 d8c2bdb2e62930faed4234ea9ddf75d8 7301 database optional redis_6.0.14-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmC2Yg0ACgkQHpU+J9Qx
HljdPw/+JR4Zao1Mc0Un4lPtmSJFK2GmkEVjVeG4LwKEpLObsySqHywx52Mjstyz
dSzexEdl9gNJB6cVN1Q4P3AxBThG4rjqL8v5RHeNCb/agQkWowZagNrsc/JQpkMZ
1TAT7ibvlq9Mc6bApDTlHKc+PRWsL67kqFZVw++wHJNcZnpbcvqVmvYwByeWf+Ri
4h4zxeYVGlwkR6hrZkyYFfPayegFVUojjPkgjl9u7LDOzEVYzergy2dJOGTJcao0
FJrgFjOBHAiKLwt1fnmJDqiLJ2uUjBCB/5APdAhZO0MxvoUAj8REpueV774j1gZP
YfX6r7pkE7pFVoLil5avzOB/JPpLlRXUCmnxZoEoCLvSIXIqeQIDnVpBG2NRTlye
Y/ikwuVIkFfU5+zTwhnH6K/ulo6+dOSynYFqL2Sk2z1tEOYuWzK41UJDlHKyA/KO
mnP5zLwRXcTFLi39dE6ESgvKQ9kTR0y5CyHf8Bs1K+f0LHuEA4FmGDCPpYiKwko4
qvzBrUi66F4+ChGX07vk8v+jntnDsFAAPjGJtEI8QtF+9NThFCe5jjrbqxnu7jaW
QZJztKyoDQ5KsUHvtQgbvxDeWawNMUa11xImIuz1OrnKgr6FEwckfGAgBzT04zNa
JmhMH8DjkORYS1/eCrvaKCfJ3ZS/w2iD9Bb5wpzHy7XfStCHzyo=
=vEoS
-----END PGP SIGNATURE-----

Message #21 received at 989351-close@bugs.debian.org (full text, mbox, reply):

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>

To: 989351-close@bugs.debian.org

Subject: Bug#989351: fixed in redis 5:6.2.4-1

Date: Tue, 01 Jun 2021 16:49:21 +0000

Source: redis
Source-Version: 5:6.2.4-1
Done: Chris Lamb <lamby@debian.org>

We believe that the bug you reported is fixed in the latest version of
redis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 989351@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb <lamby@debian.org> (supplier of updated redis package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 01 Jun 2021 17:33:02 +0100
Source: redis
Built-For-Profiles: nocheck
Architecture: source
Version: 5:6.2.4-1
Distribution: experimental
Urgency: medium
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 989351
Changes:
 redis (5:6.2.4-1) experimental; urgency=medium
 .
   * CVE-2021-32625: Fix a vulnerability in the STRALGO LCS command.
     (Closes: #989351)
   * Refresh patches.
Checksums-Sha1:
 142a700f558ac2a3c500f4f5f345c9216f4ad9a8 2266 redis_6.2.4-1.dsc
 ec5e7b62158a4970310252c555e14ce9a3695096 2480860 redis_6.2.4.orig.tar.gz
 1a6e22d869fec6c50d7535ad1b510e13e9293fe4 27284 redis_6.2.4-1.debian.tar.xz
 435a95d541004c1f7f4840adfad3d528faff7a4f 7282 redis_6.2.4-1_amd64.buildinfo
Checksums-Sha256:
 611009dc0f9194ebd6f513c641de9be9c8be89bdbbaafd252680010d2f11bc80 2266 redis_6.2.4-1.dsc
 d53bb1f3e31c8893cbeda20195fa64132e35354d633231939c47b640fd401098 2480860 redis_6.2.4.orig.tar.gz
 8228495118b3067f8028fe641f98445e5171cb805a3c74be223fd45a789a4a14 27284 redis_6.2.4-1.debian.tar.xz
 1bade8e009a088d67535c9a8506ae5ed45a4fc6a3dc1e22a8d32a96f62c174c5 7282 redis_6.2.4-1_amd64.buildinfo
Files:
 d2bc42df5b028e44c2c880f068814403 2266 database optional redis_6.2.4-1.dsc
 b70a087b21582c15120ed0923f259019 2480860 database optional redis_6.2.4.orig.tar.gz
 34a8440a6534ab6d45e54d7a9dfcc1e4 27284 database optional redis_6.2.4-1.debian.tar.xz
 ccb9090697fb60d29ef51891e27cdf34 7282 database optional redis_6.2.4-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmC2YXkACgkQHpU+J9Qx
HliN+Q//WrKH1ARjwxj1kGA1fz9rpkPAWkVi6X8NY66MToMJMqa81m1pU54JI2FC
2e6gDRcLjZQqSZkxVKlv/rNQxV2/c+pDfiTt96OaMjlItncq176ZF1I+k3Mz/YTj
4srK8LEPJ1rRO20rUmLPUK06OdwNYgY7XW2FRXrlOWWdATrjitPZzrphoMVV1P1p
aHZn3eBVGl7fnboRbv6L4cRjD9aEqnN/wYR7noKbfRWew7TQhHL+jbXK8kVE/NYZ
ITJ/mYWjHM+K49poIkeRm4244KYy1t6RZ+FdNqNiUuyOvBw9QiFHj4UFfU3cBn73
G1g8+QGdXv6FeMi6m8MKMmmAMgj7fNz+ZqU5t4LtxuvOGljDi5z3vCYnaQ/N0qf7
NzRMgeasEXnEQHbUghhRuIXJepnrw9Khr4TQkXl5GS3aXLvCkdfGWNzLgVB2wJp1
olcyjL90v0TDfsywnyRdfuoUPgFzMO6BLYluhJ6JaXuNI2L575vA1fsGjqBEZly6
EnKTpdjuF9M8JE5geSkx0PDH7AstyapGe0RLqDMwODVVUFyXdZGLyawJyj3X7ziY
BFmYUDCbx3NBj4qA+49fJKBOt9ouEMthAEom0r4pHHAkqtKC2nvcLNHVo3t0cbJF
J+VYnQAlYzL8yxaWo/9ngKVHP7//MQbKRrOq/qxocmeLS1G2/co=
=rXbo
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.