Format: 1.8
Date: Wed, 23 Jul 2025 13:01:37 -0700
Source: redis
Binary: redis-sentinel redis-server redis-tools redis-tools-dbgsym
Architecture: i386
Version: 5:7.0.15-1~deb12u5
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01)
Changed-By: Chris Lamb
Description:
 redis-sentinel - Persistent key-value database with network interface (monitoring)
 redis-server - Persistent key-value database with network interface
 redis-tools - Persistent key-value database with network interface (client)
Closes: 1106822 1108975 1108981
Changes:
 redis (5:7.0.15-1~deb12u5) bookworm-security; urgency=high
 .
   * CVE-2025-27151: Fix a stack-based buffer overflow in redis-check-aof
     caused by the use of memcpy with strlen(filepath) when copying a
     user-supplied file path into a fixed-size stack buffer. This allowed an
     attacker to overflow the stack and potentially achieve arbitrary code
     execution. (Closes: #1106822)
   * CVE-2025-32023: An authenticated user may have used a specially-crafted
     string to trigger a stack/heap out-of-bounds write during hyperloglog
     operations, potentially leading to remote code execution. Installations
     that used Redis' ACL system to restrict hyperloglog "HLL" commands are
     unaffected by this issue. (Closes: #1108975)
   * CVE-2025-48367: An unauthenticated connection could have caused repeated
     IP protocol errors, leading to client starvation and ultimately becoming
     a Denial of Service (DoS) attack. (Closes: #1108981)
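
The CVE-2025-27151 entry above attributes the overflow to a memcpy whose length comes from strlen(filepath) rather than from the destination buffer. The following is an added example, not code from Redis or from the Debian patch, that places that pattern beside a bounds-checked copy; the function names, PATH_BUF_LEN and the sample path are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define PATH_BUF_LEN 64 /* constructed size for this demo, not a Redis constant */

/* Pattern named in the changelog: the copy length is taken from the input
 * (strlen(filepath)), never from the destination. Kept for contrast only;
 * nothing below calls it. */
void copy_path_unbounded(char *dst, const char *filepath) {
    memcpy(dst, filepath, strlen(filepath)); /* overruns dst on long paths */
}

/* Hardened form: measure the input against the destination size first and
 * reject an over-long path instead of truncating or overflowing.
 * Returns 0 on success, -1 with errno set on rejection; dst is untouched
 * when the call fails. */
int copy_path_checked(char *dst, size_t dst_len, const char *filepath) {
    if (dst == NULL || filepath == NULL || dst_len == 0) {
        errno = EINVAL;
        return -1;
    }
    /* Look for the terminator within the first dst_len bytes only. */
    const char *end = memchr(filepath, '\0', dst_len);
    if (end == NULL) {              /* path plus '\0' does not fit */
        errno = ENAMETOOLONG;
        return -1;
    }
    memcpy(dst, filepath, (size_t)(end - filepath) + 1); /* includes '\0' */
    return 0;
}

int main(int argc, char **argv) {
    char buf[PATH_BUF_LEN];
    /* Constructed sample path; pass a longer one as argv[1] to see the rejection. */
    const char *path = argc > 1 ? argv[1] : "appendonlydir/appendonly.aof.manifest";
    if (copy_path_checked(buf, sizeof buf, path) != 0) {
        perror("path rejected");
        return 1;
    }
    printf("accepted: %s\n", buf);
    return 0;
}
```

Rejecting the path outright, rather than truncating it, keeps a tool from silently opening a different file than the one the caller named.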