Ubuntu
redis package

Change log for redis package in Ubuntu

175 of 170 results FirstPreviousLast
Published in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
redis (5:7.0.15-1build2) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- William Grant <email address hidden>  Mon, 01 Apr 2024 18:33:49 +1100
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
redis (5:7.0.15-1build1) noble; urgency=medium

  * No-change rebuild against libssl3t64

 -- Steve Langasek <email address hidden>  Mon, 04 Mar 2024 21:11:16 +0000
Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
redis (5:7.0.15-1) unstable; urgency=medium

  * New upstream security release:

    - CVE-2023-41056: In some cases, Redis may incorrectly handle resizing of
      memory buffers which can result in incorrect accounting of buffer sizes
      and lead to heap overflow and potential remote code execution.
      (Closes: #1060316)

    - For more information, please see:
      <https://raw.githubusercontent.com/redis/redis/7.2/00-RELEASENOTES>

  * Refresh patches.

 -- Chris Lamb <email address hidden>  Tue, 09 Jan 2024 13:42:30 +0000

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
redis (5:7.0.14-2) unstable; urgency=medium

  * Drop ProcSubset=pid hardening flag from the systemd unit files it appears
    to cause crashes with memory allocation errors. A huge thanks to Arnaud
    Rebillout <email address hidden> for the extensive investigation.
    (Closes: #1055039)

 -- Chris Lamb <email address hidden>  Tue, 31 Oct 2023 16:34:25 +0100

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
redis (5:7.0.14-1) unstable; urgency=high

  * New upstream security release:

    - CVE-2023-45145: On startup, Redis began listening on a Unix socket before
      adjusting its permissions to the user-provided configuration. If a
      permissive umask(2) was used, this created a race condition that enabled,
      during a short period of time, another process to establish an otherwise
      unauthorized connection. (Closes: #1054225)

  * Refresh patches.

 -- Chris Lamb <email address hidden>  Thu, 19 Oct 2023 15:50:56 +0100

Available diffs

Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
redis (5:7.0.12-1) unstable; urgency=high

  * New upstream security release:

    - CVE-2022-24834: A specially-crafted Lua script executing in Redis could
      have triggered a heap overflow in the cjson and cmsgpack libraries and
      result in heap corruption and potentially remote code execution. The
      problem exists in all versions of Redis with Lua scripting support and
      affects only authenticated/authorised users.

    - CVE-2023-36824: Extracting key names from a command and a list of
      arguments may, in some cases, have triggered a heap overflow and result
      in reading random heap memory, heap corruption and potentially remote
      code execution. (Specifically using COMMAND GETKEYS* and validation of
      key names in ACL rules). (Closes: #1040879)

    For more information, please see:

      <https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES>

 -- Chris Lamb <email address hidden>  Wed, 12 Jul 2023 10:07:09 +0100

Available diffs

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
redis (5:7.0.11-1) unstable; urgency=high

  * New upstream security release:

    - CVE-2023-28856: Authenticated users could have used the HINCRBYFLOAT
      command to create an invalid hash field that would have crashed the Redis
      server on access. (Closes: #1034613)

    For more information, please see:

      https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES

  * Refresh patches.

 -- Chris Lamb <email address hidden>  Thu, 20 Apr 2023 07:38:23 +0100

Available diffs

Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
redis (5:7.0.8-4) unstable; urgency=medium

  * Correct "delaycompress" typo in redis-server.logrotate, not just
    redis-sentinel.logrotate. (Closes: #1031750)

 -- Chris Lamb <email address hidden>  Tue, 21 Feb 2023 16:48:01 -0800

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
redis (5:7.0.8-3) unstable; urgency=medium

  * Correct "delaycompress" typo. (Closes: #1031206)

 -- Chris Lamb <email address hidden>  Mon, 13 Feb 2023 08:39:23 -0800

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
redis (5:7.0.8-2) unstable; urgency=medium

  * Add delaycompess to logrotate configuration. Thanks, Marc Haber.
    (Closes: #1029844)

 -- Chris Lamb <email address hidden>  Mon, 30 Jan 2023 08:11:34 -0800

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
redis (5:7.0.8-1) unstable; urgency=high

  * New upstream release.
    <https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES>
  * CVE-2023-22458: Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER
    commands may have led to denial-of-service. (Closes: #1029363)
  * CVE-2022-35977: Integer overflow in the Redis SETRANGE and SORT/SORT_RO
    commands could have driven Redis to an OOM panic.

 -- Chris Lamb <email address hidden>  Sun, 22 Jan 2023 08:46:14 -0800

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
redis (5:7.0.7-1) unstable; urgency=medium

  * New upstream release.
  * Refresh patches.

 -- Chris Lamb <email address hidden>  Sat, 17 Dec 2022 10:21:39 +0000

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
redis (5:7.0.5-1) unstable; urgency=medium

  * New upstream security release:
    - CVE-2022-35951: Fix a heap overflow vulnerability in XAUTOCLAIM.
      Executing an XAUTOCLAIM command on a stream key in a specific state, with
      a specially crafted COUNT argument may have caused an integer overflow, a
      subsequent heap overflow and potentially lead to remote code execution.
      (Closes: #1020512)
  * Refresh patches.
  * Update debian/watch.

 -- Chris Lamb <email address hidden>  Fri, 23 Sep 2022 11:12:24 +0100

Available diffs

Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
redis (5:7.0.4-1) unstable; urgency=high

  * New upstream security release.
  * CVE-2022-31144: Prevent a potential heap overflow in Redis 7.0's
    XAUTOCLAIM command.

 -- Chris Lamb <email address hidden>  Mon, 18 Jul 2022 15:49:44 +0100
Obsolete in impish-updates
Obsolete in impish-security 
redis (5:6.0.15-1ubuntu0.1) impish-security; urgency=medium

  * SECURITY UPDATE: Lua sandbox escape
    - debian/rules: Ensure arbitrary Lua functionality is not permitted by
      specifying a nil package
    - CVE-2022-0543

 -- Alex Murray <email address hidden>  Mon, 07 Mar 2022 13:17:33 +1030
Published in focal-updates
Published in focal-security 
redis (5:5.0.7-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Lua sandbox escape
    - debian/rules: Ensure arbitrary Lua functionality is not permitted by
      specifying a nil package
    - CVE-2022-0543

 -- Alex Murray <email address hidden>  Mon, 07 Mar 2022 13:18:24 +1030
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
redis (5:6.0.16-1ubuntu1) jammy; urgency=medium

  * SECURITY UPDATE: Lua sandbox escape
    - debian/rules: Ensure arbitrary Lua functionality is not permitted by
      specifying a nil package
    - CVE-2022-0543

 -- Alex Murray <email address hidden>  Fri, 04 Mar 2022 15:44:35 +1030
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
redis (5:6.0.16-1build1) jammy; urgency=medium

  * No-change rebuild against libssl3

 -- Steve Langasek <email address hidden>  Thu, 09 Dec 2021 00:16:26 +0000
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
redis (5:6.0.16-1) unstable; urgency=medium

  * New upstream security release:

    - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
      redis-sentinel parsing large multi-bulk replies on some older and less
      common platforms.

    - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
      set-max-intset-entries is manually configured to a non-default, very
      large value.

    - CVE-2021-32675: Denial Of Service when processing RESP request payloads
      with a large number of elements on many connections.

    - CVE-2021-32672: Random heap reading issue with Lua Debugger.

    - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
      data types, when configuring a large, non-default value for
      hash-max-ziplist-entries, hash-max-ziplist-value,
      zset-max-ziplist-entries or zset-max-ziplist-value.

    - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
      configuring a non-default, large value for proto-max-bulk-len and
      client-query-buffer-limit.

    - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
      buffer overflow.

    - CVE-2021-41099: Integer to heap buffer overflow handling certain string
      commands and network payloads, when proto-max-bulk-len is manually
      configured to a non-default, very large value.

  * Refresh patches.
  * Bump Standards-Version to 4.6.0.

 -- Chris Lamb <email address hidden>  Mon, 04 Oct 2021 14:37:24 +0100

Available diffs

Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
redis (5:6.0.15-1) unstable; urgency=medium

  * New upstream security release.
    - CVE-2021-32761: Integer overflow issues with BITFIELD command
      on 32-bit systems.
  * Bump Standards-Version to 4.5.1.

 -- Chris Lamb <email address hidden>  Wed, 21 Jul 2021 22:21:54 +0100

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
redis (5:6.0.14-1) unstable; urgency=medium

  * CVE-2021-32625: Fix a vulnerability in the STRALGO LCS command.
    (Closes: #989351)

 -- Chris Lamb <email address hidden>  Tue, 01 Jun 2021 17:35:19 +0100

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
redis (5:6.0.13-1) unstable; urgency=medium

  * New upstream security release:
    - CVE-2021-29477: Vulnerability in the STRALGO LCS command.
    - CVE-2021-29478: Vulnerability in the COPY command for large intsets.
    (Closes: #988045)
  * Refresh patches.

 -- Chris Lamb <email address hidden>  Tue, 04 May 2021 11:06:14 +0100
Superseded in impish-proposed 
redis (5:6.0.12-1) unstable; urgency=medium

  * New upstream release.

 -- Chris Lamb <email address hidden>  Sat, 06 Mar 2021 11:03:47 +0000
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
redis (5:6.0.11-1) unstable; urgency=medium

  * New upstream release, incorporating security issues. (Closes: #983446)
    - Refresh patches.

 -- Chris Lamb <email address hidden>  Wed, 24 Feb 2021 11:05:06 +0000
Superseded in hirsute-proposed 
redis (5:6.0.10-4) unstable; urgency=medium

  * New upstream release
    - Fix cluster access to unaligned memory on ARM architectures with hard
      alignment requirements such as armhf and arm64. (Closes: #982504)
  * wrap-and-sort -sa.

 -- Chris Lamb <email address hidden>  Thu, 11 Feb 2021 14:49:41 +0000

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
redis (5:6.0.9-4) unstable; urgency=medium

  * Send systemd readiness notification when we are ready to accept connections
    in order to fix systemd integration when Redis is used with replicaof.
    Thanks to Guillem Jover for the report and patch. (Closes: #981226)

 -- Chris Lamb <email address hidden>  Thu, 28 Jan 2021 10:12:06 +0000
Superseded in hirsute-proposed 
redis (5:6.0.9-3) unstable; urgency=medium

  * Also remove the /etc/redis directory in purge.
  * Allow /etc/redis to be rewritten. Thanks to Yossi Gottlieb for the patch.
    (Closes: #981000)

 -- Chris Lamb <email address hidden>  Mon, 25 Jan 2021 12:44:05 +0000

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
redis (5:6.0.9-2) unstable; urgency=medium

  * Enable systemd Type=notify support. Thanks to Michael Prokop for all his
    help in integration. (Closes: #977852)
  * Bump Standards-Version to 4.5.1.

 -- Chris Lamb <email address hidden>  Wed, 13 Jan 2021 11:11:40 +0000

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
redis (5:6.0.9-1) unstable; urgency=medium

  * New upstream release.
    - Update patches.

 -- Chris Lamb <email address hidden>  Tue, 27 Oct 2020 10:24:49 +0000

Available diffs

Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
redis (5:6.0.6-1) unstable; urgency=medium

  * New upstream release.
    <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
  * Refresh patches.

 -- Chris Lamb <email address hidden>  Sat, 25 Jul 2020 16:05:56 +0100
Superseded in groovy-proposed 
redis (5:6.0.5-1) unstable; urgency=medium

  * New upstream release.
    <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>

 -- Chris Lamb <email address hidden>  Sat, 13 Jun 2020 10:48:30 +0100

Available diffs

Superseded in groovy-proposed 
redis (5:6.0.4-1) unstable; urgency=medium

  * New upstream release.
    <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>

 -- Chris Lamb <email address hidden>  Wed, 03 Jun 2020 10:28:58 +0100

Available diffs

Superseded in groovy-proposed 
redis (5:6.0.3-1) unstable; urgency=medium

  * New upstream release.
    <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>

 -- Chris Lamb <email address hidden>  Wed, 20 May 2020 11:53:47 +0100

Available diffs

Superseded in groovy-proposed 
redis (5:6.0.1-2) unstable; urgency=medium

  * Upload to unstable.

 -- Chris Lamb <email address hidden>  Sat, 16 May 2020 16:19:33 +0100

Available diffs

Superseded in groovy-proposed 
redis (5:6.0.0-2) unstable; urgency=medium

  * Mark 0004-redis-check-rdb as being flaky for now.
  * Wrap long changelog line.
  * Correct spelling mistake in autopkgtest comment.

 -- Chris Lamb <email address hidden>  Sun, 03 May 2020 12:04:50 +0100

Available diffs

Superseded in groovy-proposed 
redis (5:6.0.0-1) unstable; urgency=medium

  * New upstream "GA" release.
    <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
    - Drop 0002-Mark-extern-definition-of-SDS_NOINIT-in-sds.h.patch; merged upstream.
  * Upload to unstable.
    - Update debian/gbp.conf.

 -- Chris Lamb <email address hidden>  Sat, 02 May 2020 23:36:45 +0100

Available diffs

Superseded in groovy-proposed 
redis (5:5.0.7-7) unstable; urgency=medium

  * Add a sleep to ensure that the redis server has started before running the
    autopkgtests.

 -- Chris Lamb <email address hidden>  Thu, 23 Apr 2020 13:32:46 +0100
Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
redis (5:5.0.7-2) unstable; urgency=medium

  [ Christian Göttsche ]
  * Update systemd service to reflect new names, etc.
  * Create directories in postinst with correct SELinux context.

  [ Chris Lamb ]
  * Bump Standards-Version to 4.5.0.

  [ David Prévot ]
  * Update long description to remove duplicate information.

 -- Chris Lamb <email address hidden>  Fri, 07 Feb 2020 22:47:58 +0000

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
redis (5:5.0.7-1) unstable; urgency=medium

  * New upstream bugfix release.
    <https://groups.google.com/forum/#!topic/redis-db/LYBeXlUKU6c>
  * Bump Standards-Version to 4.4.1.
  * Run wrap-and-sort -sa.

 -- Chris Lamb <email address hidden>  Fri, 22 Nov 2019 20:46:19 -0500

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
redis (5:5.0.6-1) unstable; urgency=medium

  * New upstream release.
    <https://groups.google.com/forum/#!topic/redis-db/qTRdgyEbyYU>
  * Specify "Rules-Requires-Root: no">.

 -- Chris Lamb <email address hidden>  Fri, 27 Sep 2019 16:48:24 +0100
Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
redis (5:5.0.5-2build1) eoan; urgency=medium

  * No-change upload with strops.h and sys/strops.h removed in glibc.

 -- Matthias Klose <email address hidden>  Thu, 05 Sep 2019 11:08:13 +0000
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
redis (5:5.0.5-2) unstable; urgency=medium

  * Sourceful upload to unstable to ensure testing migration.
  * Bump Standards-Version to 4.4.0.
  * Don't build release tags in gitlab-ci.yml.

 -- Chris Lamb <email address hidden>  Sat, 20 Jul 2019 17:14:37 -0300

Available diffs

Published in bionic-updates
Published in bionic-security 
redis (5:4.0.9-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflows in Hyperloglog (Closes: #1836496)
    - debian/patches/CVE-2019-10192.patch: Fix hyperloglog corruption
    - CVE-2019-10192

 -- Julian Andres Klode <email address hidden>  Sun, 14 Jul 2019 21:20:08 +0200
Obsolete in disco-updates
Obsolete in disco-security 
redis (5:5.0.3-4ubuntu0.1) disco-security; urgency=high

  * SECURITY UPDATE: heap buffer overflows in Hyperloglog (Closes: #1836496)
    - debian/patches/CVE-2019-10192.patch: Fix hyperloglog corruption
    - CVE-2019-10192
  * SECURITY UPDATE: stack buffer overflow in Hyperloglog functionality
    - debian/patches/CVE-2019-10193.patch: enlarge reghisto variable for safety
    - CVE-2019-10193

 -- Julian Andres Klode <email address hidden>  Sun, 14 Jul 2019 21:05:06 +0200
Published in xenial-updates
Published in xenial-security 
redis (2:3.0.6-1ubuntu0.4) xenial-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflows in Hyperloglog (Closes: #1836496)
    - debian/patches/CVE-2019-10192.patch: Fix hyperloglog corruption
    - CVE-2019-10192

 -- Julian Andres Klode <email address hidden>  Sun, 14 Jul 2019 21:21:22 +0200
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
redis (5:5.0.5-1) unstable; urgency=medium

  * New upstream release.
    <https://groups.google.com/forum/#!topic/redis-db/jSAtf64lIW4>

 -- Chris Lamb <email address hidden>  Wed, 22 May 2019 10:03:21 +0100

Available diffs

Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
redis (5:5.0.4-1) unstable; urgency=medium

  * New upstream release.
    <https://groups.google.com/forum/#!topic/redis-db/aXusvS8da8g>

 -- Chris Lamb <email address hidden>  Mon, 18 Mar 2019 14:20:46 -0400

Available diffs

Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
redis (5:5.0.3-4) unstable; urgency=medium

  [ Helmut Grohne ]
  * Fix cross build failure by building the non-bundled Lua libraries via
    dh_auto_build. (Closes: #919682)

 -- Chris Lamb <email address hidden>  Sun, 20 Jan 2019 22:23:41 +0000
Superseded in disco-proposed 
redis (5:5.0.3-3) unstable; urgency=medium

  * Fix FTBFS on hurd-i386 by updating patch to aof.c to avoid MAXPATHLEN
    reference.
  * debian/control:
    - Add missing Pre-Depends on ${misc:Pre-Depends}.
    - Bump Standards-Version to 4.3.0.
  * Bump debhelper compat level to 12.

 -- Chris Lamb <email address hidden>  Tue, 01 Jan 2019 17:47:28 +0000

Available diffs

Superseded in disco-proposed 
redis (5:5.0.3-2) unstable; urgency=medium

  * Pass --no-as-needed to ensure linking to the Lua libraries on systems with
    --as-needed as the default. (Closes: #916831)

 -- Chris Lamb <email address hidden>  Fri, 21 Dec 2018 13:18:37 +0000

Available diffs

Superseded in disco-proposed 
redis (5:5.0.3-1) unstable; urgency=medium

  * New upstream release.
    - Drop 0009-Don-t-treat-unsupported-protocols-as-fatal-errors.patch as it
      was merged upstream.
    - Refresh all patches.

 -- Chris Lamb <email address hidden>  Tue, 18 Dec 2018 23:48:16 +0000

Available diffs

Superseded in xenial-updates
Superseded in xenial-security 
redis (2:3.0.6-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Tighten Permissions
    - Ensure /var/lib/redis and /var/log/redis are not world readable
    - Set UMask=007 in redis-server.service, redis-sentinel.server
    - Changes taken from Debian version 3:3.2.5-2
    - CVE-2016-2121

 -- Mike Salvatore <email address hidden>  Fri, 07 Dec 2018 11:02:30 -0500
Superseded in bionic-updates
Superseded in bionic-security 
redis (5:4.0.9-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2018-11218.patch: fix in
      deps/lua/src/lua_cmsgpack.c.
    - CVE-2018-11218
  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2018-11219-*.patch: fix in
      deps/lua/src/lua_struct.c.
    - CVE-2018-11219
  * SECURITY UPDATE: Buffer overflow in the redis-cli
    - debian/patches/CVE-2018-12326.patch: fix in
      redis-cli.c.
    - CVE-2018-12326

 -- Julian Andres Klode <email address hidden>  Thu, 29 Nov 2018 11:37:34 +0100
Superseded in disco-proposed 
redis (5:5.0.2-1) unstable; urgency=medium

  * New upstream release.

 -- Chris Lamb <email address hidden>  Sun, 25 Nov 2018 19:04:10 +0100

Available diffs

Superseded in disco-proposed 
redis (5:5.0.1-2) unstable; urgency=medium

  * Refresh patches.
  * Ensure that lack of IPv6 support does not prevent Redis from starting on
    Debian where we bind to the ::1 interface by default. (Closes: #900284,
    #914354)

 -- Chris Lamb <email address hidden>  Fri, 23 Nov 2018 18:03:53 +0100

Available diffs

Superseded in disco-proposed 
redis (5:5.0.1-1) unstable; urgency=medium

  * New upstream release.
  * Ensure that Debian-supplied Lua libraries are available using "require"
    during Lua scripting to prevent an issue where we could not use the (eg.)
    cjson library anymore library anymore. This was a regression introduced in
    5:5.0~rc4-3. Thanks to Nicolas Le Manchet <email address hidden> for the
    report and testcase. (Closes: #913185)
  * Refer to /run directly in .service files; /var/run is now merely a symlink
    pointing to /run and thus it is now considered best practice to use /run
    directly.
  * debian/rules:
    - Document why we run make in the deps/lua/src directory.
    - Add documentation for LUA_LIBS_{DEBIAN,BUNDLED}.
    - Call $(MAKE) instead of "make".
    - Re-order targets to match usual order.

 -- Chris Lamb <email address hidden>  Sun, 11 Nov 2018 20:09:51 +0100

Available diffs

Superseded in disco-proposed 
redis (5:5.0.0-2) unstable; urgency=medium

  * Update our patch to sentinel.conf to ensure the correct runtime PID file
    location. (Closes: #911407)
  * Listen on ::1 interfaces too for redis-sentinel to match redis-server.
  * Also run the new "LOLWUT" command in the redis-cli autopkgtest.

 -- Chris Lamb <email address hidden>  Fri, 19 Oct 2018 22:36:40 -0400
Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
redis (5:4.0.11-2) unstable; urgency=medium

  * Revert "Move to debhelper-compat (= 11) in Build-Depends." as dak will
    REJECT with "missing-build-dependency debhelper".

 -- Chris Lamb <email address hidden>  Mon, 06 Aug 2018 11:42:41 +0800
Superseded in cosmic-proposed 
redis (5:4.0.10-2) unstable; urgency=medium

  [ Daniel Shahaf ]
  * redis-benchmark(1): Fix default of -n argument. (Closes: #903044)

  [ Chris Lamb ]
  * Add CVE entries to (released) changelog entry.
  * Bump Standards-Version to 4.1.5.

 -- Chris Lamb <email address hidden>  Thu, 05 Jul 2018 22:14:45 +0200

Available diffs

Superseded in xenial-updates
Superseded in xenial-security 
redis (2:3.0.6-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Permissions issue
    - debian/patches/CVE-2013-7458.patch: fix in
      deps/linenoise/linenoise.c.
    - CVE-2013-7458
  * SECURITY UPDATE: Cross protocol scripting
    - debian/patches/CVE-2016-10517.patch: fix in
      src/redis.c, src/redis.h.
    - CVE-2016-10517
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-15047.patch: fix in
      src/cluster.c.
    - CVE-2017-15047
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2018-11218.patch: fix in
      deps/lua/src/lua_cmsgpack.c.
    - CVE-2018-11218
  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2018-11219-*.patch: fix in
      deps/lua/src/lua_struct.c.
    - CVE-2018-11219
  * SECURITY UPDATE: Buffer overflow in the redis-cli
    - debian/patches/CVE-2018-12326.patch: fix in
      redis-cli.c.
    - CVE-2018-12326

 -- <email address hidden> (Leonidas S. Barbosa)  Tue, 26 Jun 2018 17:12:39 -0300
Published in trusty-updates
Published in trusty-security 
redis (2:2.8.4-2ubuntu0.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Permissions issue
    - debian/patches/CVE-2013-7458.patch: fix in
      deps/linenoise/linenoise.c.
    - CVE-2013-7458
  * SECURITY UPDATE: Arbitrary code execution
    - debian/patches/CVE-2015-4335.patch: fix in
      deps/lua/src/ldo.c.
    - CVE-2015-4335
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2015-8080.patch: fix in
      deps/lua/src/lua_struct.c.
    - CVE-2015-8080
  * SECURITY UPDATE: Cross protocol scripting
    - debian/patches/CVE-2016-10517.patch: fix in
      src/redis.c, src/redis.h.
    - CVE-2016-10517
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2018-11218.patch: fix in
      deps/lua/src/lua_cmsgpack.c.
    - CVE-2018-11218
  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2018-11219-*.patch: fix in
      deps/lua/src/lua_struct.c.
    - CVE-2018-11219
  * SECURITY UPDATE: Buffer overflow in the redis-cli
    - debian/patches/CVE-2018-12326.patch: fix in
      redis-cli.c.
    - CVE-2018-12326

 -- <email address hidden> (Leonidas S. Barbosa)  Tue, 26 Jun 2018 15:50:43 -0300
Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
redis (5:4.0.10-1) unstable; urgency=medium

  * New upstream security release. See:
    <https://github.com/antirez/redis/issues/5017> for more information.
    (Closes: #901495)

 -- Chris Lamb <email address hidden>  Thu, 14 Jun 2018 08:37:09 +0200
Superseded in cosmic-proposed 
redis (5:4.0.9-4) unstable; urgency=medium

  * Update Vcs-* headers to point to salsa.debian.org.
  * Move to HTTPS Homepage URI.
  * wrap-and-sort -sa.

 -- Chris Lamb <email address hidden>  Sat, 09 Jun 2018 20:11:35 +0100

Available diffs

Superseded in cosmic-proposed 
redis (5:4.0.9-3) unstable; urgency=medium

  * Make /var/log/redis, etc. owned by root:adm, not root:root. Thanks to
    Thomas Goirand. (Closes: #900496)

 -- Chris Lamb <email address hidden>  Fri, 01 Jun 2018 08:56:48 +0100

Available diffs

Superseded in cosmic-proposed 
redis (5:4.0.9-2) unstable; urgency=medium

  * Ignore test failures on problematic archs.
  * Bump Standards-Version to 4.1.4.

 -- Chris Lamb <email address hidden>  Tue, 08 May 2018 23:08:36 -0700
Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
redis (5:4.0.9-1) unstable; urgency=medium

  * New upstream release.
  * Refresh all patches.

 -- Chris Lamb <email address hidden>  Mon, 02 Apr 2018 20:37:12 +0100

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
redis (5:4.0.8-2) unstable; urgency=medium

  * Also listen on ::1 for IPv6 by default. (Closes: #891432)

 -- Chris Lamb <email address hidden>  Sun, 25 Feb 2018 14:59:55 +0000

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
redis (5:4.0.8-1) unstable; urgency=medium

  * New upstream release.
    <https://groups.google.com/forum/#!topic/redis-db/FGplxMEGEMo>
  * Update lintian overrides after rename of
    debian-watch-may-check-gpg-signature →
    debian-watch-does-not-check-gpg-signature.
  * Drop "recursive" argument to chown in postinst script to prevent hardlink
    vulnerability.

 -- Chris Lamb <email address hidden>  Mon, 05 Feb 2018 17:09:44 +0000

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
redis (5:4.0.7-1) unstable; urgency=medium

  * New upstream release.
    <https://groups.google.com/forum/#!topic/redis-db/gngqHoh-kRM>
  * Refresh patches.

 -- Chris Lamb <email address hidden>  Wed, 24 Jan 2018 22:10:06 +1100
Superseded in bionic-proposed 
redis (5:4.0.6-5) unstable; urgency=medium

  * Update redis-sentinel's symlink to usr/bin/redis-check-rdb to match
    redis-server. This avoids a dangling symlink (and thus a broken package) if
    redis-server is not installed. (Closes: #884321)
  * Move to debhelper compat level 11.
    - Drop reference to --with=systemd - systemd-sequence is no longer provided
      in compat >= 11.
  * Use https URI for copyright format specification in debian/copyright.

 -- Chris Lamb <email address hidden>  Sat, 20 Jan 2018 11:21:11 +1100

Available diffs

Superseded in bionic-proposed 
redis (5:4.0.6-4) unstable; urgency=medium

  * Re-add procps to Build-Depends. (Closes: #887075)

 -- Chris Lamb <email address hidden>  Sat, 13 Jan 2018 19:01:56 +0530

Available diffs

Superseded in bionic-proposed 
redis (5:4.0.6-3) unstable; urgency=medium

  * Use --clients argument to runtest to force single-threaded operation over
    using taskset.
  * Bump Standards-Version to 4.1.3.

 -- Chris Lamb <email address hidden>  Sat, 13 Jan 2018 12:55:27 +0530

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
redis (5:4.0.6-2) unstable; urgency=medium

  * Replace redis-sentinel's main dependency with redis-tools from
    redis-server, necessarily moving the creating/deletion of the "redis" user
    and associated data and log directories to redis-tools. (Closes: #884321)
  * Add stub manpages for redis-sentinel, redis-check-aof and redis-check-rdb.
  * Bump Standards-Version to 4.1.2.

 -- Chris Lamb <email address hidden>  Thu, 14 Dec 2017 10:08:30 +0000

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
redis (5:4.0.6-1) unstable; urgency=medium

  * New upstream bugfix release.

 -- Chris Lamb <email address hidden>  Tue, 05 Dec 2017 13:00:47 +0000

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
redis (5:4.0.5-1) unstable; urgency=medium

  * New upstream release.
  * debian/control: Use "metapackage" over "meta-package".
  * debian/patches:
    - Drop 0008-CVE-2017-15047-Fix-buffer-overflows-occurring-readin.
    - Refresh.

 -- Chris Lamb <email address hidden>  Sat, 02 Dec 2017 18:54:58 +0000

Available diffs

175 of 170 results FirstPreviousLast