Your message dated Tue, 04 May 2021 10:03:29 +0000 with message-id <e1ldrtp-0003y7...@fasolo.debian.org> and subject line Bug#988045: fixed in redis 5:6.2.3-1 has caused the Debian Bug report #988045, regarding redis: CVE-2021-29477 & CVE-2021-29478 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988045: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988045 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: redis Version: 3:3.2.6-3+deb9u3 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for redis. CVE-2021-29477[0]: Vulnerability in the STRALGO LCS command CVE-2021-29478[1]: Vulnerability in the COPY command for large intsets If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-29477 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29477 [1] https://security-tracker.debian.org/tracker/CVE-2021-29478 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29478 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
--- End Message ---
--- Begin Message ---Source: redis Source-Version: 5:6.2.3-1 Done: Chris Lamb <la...@debian.org> We believe that the bug you reported is fixed in the latest version of redis, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Lamb <la...@debian.org> (supplier of updated redis package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 04 May 2021 11:00:25 +0100 Source: redis Built-For-Profiles: nocheck Architecture: source Version: 5:6.2.3-1 Distribution: experimental Urgency: medium Maintainer: Chris Lamb <la...@debian.org> Changed-By: Chris Lamb <la...@debian.org> Closes: 988045 Changes: redis (5:6.2.3-1) experimental; urgency=medium . * New upstream security release: - CVE-2021-29477: Vulnerability in the STRALGO LCS command. - CVE-2021-29478: Vulnerability in the COPY command for large intsets. (Closes: #988045) * Refresh patches. Checksums-Sha1: 44542c4195cfbd0feb495a5a3c3ba547e962003d 2266 redis_6.2.3-1.dsc 97677eff0c3feef4f5a81f4f18140f5446a142b2 2479034 redis_6.2.3.orig.tar.gz 4254d91808e293668305030be823bf9d8b29b32a 27280 redis_6.2.3-1.debian.tar.xz daa870f7350e2b624f78921b2e5bf33e840369f5 7288 redis_6.2.3-1_amd64.buildinfo Checksums-Sha256: e7bcadea10364e146c6a0e74db48e151c31328c3eab6e8a348659a6bedf9a23c 2266 redis_6.2.3-1.dsc 0a3df8ec14bf1e4f91a32d1dd1742a1573a906d72308fe8ce7b652800273fee1 2479034 redis_6.2.3.orig.tar.gz a5cc6293ead23c52958263c393b5e331fb84b4074201b000c21dcbfd887b9760 27280 redis_6.2.3-1.debian.tar.xz b3036360248c642a04862ebddade4ff50830ff02c2c869fbd562fd164045d131 7288 redis_6.2.3-1_amd64.buildinfo Files: 81107cd3637e641e162242061c7d4f06 2266 database optional redis_6.2.3-1.dsc 03c829e1f0755638963e473847d4ceaf 2479034 database optional redis_6.2.3.orig.tar.gz 8d1b9581be37c21ad1321603665f7d36 27280 database optional redis_6.2.3-1.debian.tar.xz 4f1e0825cb755537a38dd978d185e397 7288 database optional redis_6.2.3-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmCRG4MACgkQHpU+J9Qx HljjRg/9H/cWnfsyJ3pbsd/uEHtrlXryXEQcgixjXz8CFydAum96ObVllWrUDNjS E8fnk26i1xeIlovPPaeb2LaHIoeownN5WrQGApldQ+8drf2teEkn/EGKS5D1YnVc XFe2/giDQfti9NbJ54wpv5pvgJhYBA6DS+Ai6rvBrshCQ2Ua6s9JWFCCAO8vJMQ5 NaQMDyPDzWMrl9DNpHC41OQDc+hwzbx9BNH4w1hIL7Yk2N9pgxMp2aFYx2PuA8Yt zEFtpOJ+K13FJUS8R7XzDN6i+KsyD1+uMb4qy5cG6rJSdcYiW4U02PBgLlayjvd3 dGgNCPUYdxsUqZDlMTGI8xmZZYltje/58PaaIyXG7pQ2JcLVhbh8IA2Xqlba7Rjy iZUyppGnHpXtRs6B6IragjGQdlX4w3kPVANuC0duKsOsd5ZbpfnMFGr2bHiD1ZQG EUFKyAGPiQ6Cl+8ELY5jLnsiCZSfIEkVyKN9tN24EOTUIXF5zlQFKI1mzV3PZ6do 0kU1op9ychGwsRgFCDIgfKDUM3fowkV6oTynJJGEDVQBG0/e5HXxTY4KiUMn5MjR 3lqrJx0/VCGgB5GLTHSry2M3CS7T6UyhX6+OEZ9Yvq+/hLIpTH6h6j8MDyagE/5I 33B2h8GVEjaipbBWaIEw/ad5HU5q+8ewpeYieSOJU27Bu/jn30g= =IF8j -----END PGP SIGNATURE-----
--- End Message ---
