-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 May 2026 12:00:00 +0800
Source: redis
Binary: redis
Architecture: all
Version: 5:7.0.15-1~deb12u7
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Description:
 redis      - Persistent key-value database with network interface (metapackage
Changes:
 redis (5:7.0.15-1~deb12u7) bookworm-security; urgency=high
 .
   * CVE-2025-67733: RESP protocol injection via Lua error_reply. A user
     could manipulate data read by a connection by injecting CR/LF
     sequences into a Redis error reply.
     6910256443c7 ("Strip CRLF from error and simple string replies").
   * CVE-2026-21863: Remote DoS with malformed Cluster bus message. A peer
     could send a crafted PING/PONG/MEET packet whose gossip count or
     ping-extension header exceeds the received packet length, causing
     out-of-bounds reads and a server crash.
Checksums-Sha1:
 bb1320efa5d5b9ccc5c44fff3cb39c4d5e9c2ca8 6819 redis_7.0.15-1~deb12u7_all-buildd.buildinfo
 dc8533fd84788dec1044dfc0619a9196bd21c8f7 25520 redis_7.0.15-1~deb12u7_all.deb
Checksums-Sha256:
 6d3fde11e045f003eea50f8efd3234159270cad686af246a66769884a53de462 6819 redis_7.0.15-1~deb12u7_all-buildd.buildinfo
 2f957fde6961e5dfed7428d051c4c316718e6aae3ae12c71f9e1886ccd1785f9 25520 redis_7.0.15-1~deb12u7_all.deb
Files:
 f4aca4e9871705d5eb3715a8b795fe64 6819 database optional redis_7.0.15-1~deb12u7_all-buildd.buildinfo
 9ca124e434f14ecc3d6f938586c8e6c6 25520 database optional redis_7.0.15-1~deb12u7_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE81O8NL+3kjBAqEvLmgPNRvTf/zcFAmoEzXoACgkQmgPNRvTf
/zcuQQ/9FxeI36FCUfZez+cqnd30qZEhk6VDLFarWZJT4/G1beXc4XKm2MRJmlVS
YwLIZnEYQ5HxqQQsgvEEth2eZBOUcM2APqnBDFWx9cEp6rwxgENNrj376fOnvDEx
RYUGt0SsSE2T2Y/12cJ4Mv7n0CS4Pz9KG3rTKmlCqcJVj/djtR4BP5W2N7VbLHS6
yz4d7ns+CGqZl8pFKb78vj6/C71y5K/+OzHZTUl5rXyaKjBiiIJjUhW2cMuOEL5a
uWSkMP4D6hx1XW+DCVIAFHNB3S4Gs3AMxwVaKoHWf3fAGf8VHMAyZBmqAZSz36XW
xg8ShCwkpGjP0aCDKyCvBoHsgGr1G0SySEAsh7xp/6VIfBP+DbuKlVOe4zcLZyVF
dA+oq1Epmq1yDivh+Ylcly+2OpBVj84dq3kAkEaHlUXA5ChPSfKYr/7OhQTRXuSE
iUXz4JciD+ssfEORjx+fLWDJ6wgBhy0TaTQpvfWcPHz6f+tnHojxTljhbPgXlol2
A8Vme+nm+YEsgYU7adVusdKWXc1oHFHUrpYZ1T24VWtUBwSeQVRN8YXxflxsdD1h
3As2AnPdOnVtrsowZLbW3IKZYQBTzz16VDrlaIs10mE5sVxYEX/SAePnym45sKB6
/Q7Zz72SJWMSBnUZ5vXRAiWM+ifGe8CyMvmVqvfCDZKqUsR0e68=
=Lbh/
-----END PGP SIGNATURE-----