[SECURITY] [DLA 3973-1] redis security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3973-1 debian-lts@lists.debian.org
http://www.debian.org/lts/security/ Adrian Bunk
November 28, 2024 http://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : redis
Version : 5:6.0.16-1+deb11u4
CVE ID : CVE-2022-35977 CVE-2024-31228
Debian Bug : 1084805
Multiple vulnerabilities have been fixed in the key–value database Redis.
CVE-2022-35977
integer overflows in SETRANGE and SORT
CVE-2024-31228
unbounded pattern matching DoS
For Debian 11 bullseye, these problems have been fixed in version
5:6.0.16-1+deb11u4.
We recommend that you upgrade your redis packages.
For the detailed security status of redis please refer to
its security tracker page at:
http://security-tracker.debian.org/tracker/redis
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmdI5WUACgkQiNJCh6LY
mLHghw//SmwP4qp3i8p7OuBRFVpWdVYwe+sRo69YtmiGktpn3bDsJcjrRbEy9eEX
yJ5XZTcuLRm32HqN1pvrlMtT4bz5eP9nUAMQzvgGWarT5PH0H4QL9covJbZWAedd
kq37P7+u0GZVc1LuU1M1eBUn9ryeC0p1E8ThmgefR9EDFgXyLpG+GHu8325GGsim
pT86FMi1Md09YexV/2L9X2leL3vSr5hEefk6UNu3zqUk+0MPa4d/JuGyWh8uvH41
Gqf5TP1i2rZ7g/Fccw3pJRuN2gXC2njf7Hi28mDlscg+JIP7LbMq9UftK3xgWadC
TxbJu7p/MxTFQKlmBax+uneRk0HwE0RZRXFBjLMkqx+Tlq2hykCRIUwCrQFTZ7Db
rT4Ck2TRwAI4ekJqYiD88DxINjJqY44WOB5vErfCb72VF7JaoDD5u4ZBj3M50M3F
A4OQEnsUxkm+fJ/OGH3RQ2i7xk0+3O50AAa2Py9DE/j6CCxnWpfM1Cb/1tcWSj6Z
7+PVq8ee9+8L/y71z1rOGrM3l3dWl+w+jj3QJ9vV3DBAydRq0Wl9UhwOwka3gYeW
tinfuV7jd4DQnYiSx7DeRRXTZr4WJEmgGFGBkVxwWJ47oTh16nPdLEdYzOnR1osE
YhRpzOTDbz7ny6W6VzPoO+9+csetLLLm/HI1+2D4ioo3e5GUGRg=
=NRVZ
-----END PGP SIGNATURE-----
Reply to: