Your message dated Tue, 16 Jul 2019 21:07:59 +0000 with message-id <e1hnug3-0007ov...@fasolo.debian.org> and subject line Bug#931625: fixed in redis 3:3.2.6-3+deb9u3 has caused the Debian Bug report #931625, regarding redis: CVE-2019-10192 CVE-2019-10193 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 931625: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931625 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: redis Version: 2:2.8.17-1+deb8u6 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for redis. CVE-2019-10192[0]: Heap buffer overflow CVE-2019-10193[1]: Stack buffer overflow If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-10192 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10192 [1] https://security-tracker.debian.org/tracker/CVE-2019-10193 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10193 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
--- End Message ---
--- Begin Message ---Source: redis Source-Version: 3:3.2.6-3+deb9u3 We believe that the bug you reported is fixed in the latest version of redis, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 931...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Lamb <la...@debian.org> (supplier of updated redis package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 10 Jul 2019 14:36:26 -0300 Source: redis Binary: redis-server redis-tools redis-sentinel Built-For-Profiles: nocheck Architecture: source amd64 Version: 3:3.2.6-3+deb9u3 Distribution: stretch-security Urgency: high Maintainer: Chris Lamb <la...@debian.org> Changed-By: Chris Lamb <la...@debian.org> Description: redis-sentinel - Persistent key-value database with network interface (monitoring) redis-server - Persistent key-value database with network interface redis-tools - Persistent key-value database with network interface (client) Closes: 931625 Changes: redis (3:3.2.6-3+deb9u3) stretch-security; urgency=high . * CVE-2019-10192: Fix two heap buffer overflows in the Hyperloglog functionality. (Closes: #931625) Checksums-Sha1: 55e44c7ad6f19fc0c18646322feee1e6250102d4 2013 redis_3.2.6-3+deb9u3.dsc 516157b5f32e5adc68e554802cd8a2190e659769 39316 redis_3.2.6-3+deb9u3.debian.tar.xz 2f2b3e13f6c5d2725ae8d4d530277f74c53d8fb7 18572 redis-sentinel_3.2.6-3+deb9u3_amd64.deb 8baadaadebe7cd5c7e7365146e98a86fbcbf3537 1038186 redis-server-dbgsym_3.2.6-3+deb9u3_amd64.deb 0c247844a9688a44a0bc8eed0a6e2213cbbc1d10 412558 redis-server_3.2.6-3+deb9u3_amd64.deb cc780ea1488f682678e7d3c486b02c6670f00a64 1255122 redis-tools-dbgsym_3.2.6-3+deb9u3_amd64.deb 6914b9cf4e16a437d7f88de00ad57019063cf6d4 462860 redis-tools_3.2.6-3+deb9u3_amd64.deb de499a6171f368472690315eb128a1c0ad845cd1 7225 redis_3.2.6-3+deb9u3_amd64.buildinfo Checksums-Sha256: b735a47e9d6072ab7e546410ebd33635b9cd7f1e425cd6b963c0b430da58869f 2013 redis_3.2.6-3+deb9u3.dsc ed65d86cf079ca3eab83768993687236c39e1827835e2f3bd9a8e5566da61be0 39316 redis_3.2.6-3+deb9u3.debian.tar.xz 6295bc67a0b2bf5f32c72451e4f8cd9d8d3f50150c2296cdd6475ff1ba8eb0be 18572 redis-sentinel_3.2.6-3+deb9u3_amd64.deb df91a69eb95596c3c560c77e601653ada505b244348bbd2f5c5d3185c012c6d2 1038186 redis-server-dbgsym_3.2.6-3+deb9u3_amd64.deb 59e1848a0392f73dac0fa8f8ae4a41f3f766de0635a81b09e12c6ddcbd53b428 412558 redis-server_3.2.6-3+deb9u3_amd64.deb 08cb80c63350931034fd4c8ae8175a1159a7fb2a890c464143199d3dc4b87e37 1255122 redis-tools-dbgsym_3.2.6-3+deb9u3_amd64.deb be525186a44e804415fd727e0c6f957d78fa8e3fd1f3709a10ce6b1477faafe1 462860 redis-tools_3.2.6-3+deb9u3_amd64.deb 016b0b554df88d46f5f139a89460f0e86c8d339296c2010787384741dff8292c 7225 redis_3.2.6-3+deb9u3_amd64.buildinfo Files: c5d38e049013538a0bf48877eda26b31 2013 database optional redis_3.2.6-3+deb9u3.dsc 430bdad4a829127f9661a58cbd9a3e44 39316 database optional redis_3.2.6-3+deb9u3.debian.tar.xz 0190dccb8526ca805a671b4f4095dff2 18572 database optional redis-sentinel_3.2.6-3+deb9u3_amd64.deb 350a7ed58bf918fa1c5183a606545a88 1038186 debug extra redis-server-dbgsym_3.2.6-3+deb9u3_amd64.deb bd4338ab87de2302f2dec6a30705b4e4 412558 database optional redis-server_3.2.6-3+deb9u3_amd64.deb bf57cd91d2cbbe9c694c7c0a77cec962 1255122 debug extra redis-tools-dbgsym_3.2.6-3+deb9u3_amd64.deb 2973363a4678baf0d6a80435bb087034 462860 database optional redis-tools_3.2.6-3+deb9u3_amd64.deb 27fddc2a17a87370d556fbbec6f2b20f 7225 database optional redis_3.2.6-3+deb9u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0mIr8ACgkQHpU+J9Qx HlgZmw/+L93I1MSojww4O1wv4aBBL9ucuQo86n78Xr2d5ia1MK6KkSpPZ39MXRug nB+Owl3X1WhyaZUTqgicbzlgZRcSjfQ/8P0p3RVQOFdIetx77M7IF9ahg0IUkn3k yEdoHHEMiY+Ec/jheC9EZdGKWgIhUn4gsddZjBCI6hGNU/0l+LOk4n2U6feMGahM OzKW1ti/52s7u/3va9VyJIcQz/yDcR76XZdWlA960xDUkLLKcxax2/6NjWlimoMr LMWhdlJlqlEqreIx6HhtTwqJjSR51sMJ8tjTv9Q/WBCPHXWqUILQKOtT6BMg4APD d2EhsDaTmtZBWfWMQVXVQ5NrWVTqSfGvB8Gxslr5zOi1YB4NAKFp8RVZnyaZ9h4q mH3mft+90nnUpPhY9eqAyYiMPnBwEY1yvcrv12oDJyCTTHmJlyjCtAwYEA9eL9b6 G/eKdmApYqO1PcaizNVL3i4UmIp5Q+u0SHw8HbP4IqrPw2kk5l3coh/SjJfg2UGV NT6XdflVD9vN2Xw8BaSXAjfIRzWdkcITd63Xwm9QUTycTNoYug/VZLp1iUXCNzz2 Oi2LqJrSWV2roYwa0R70xyN7oo3DiSb6RgYjCW0+P61s2PBF50LIwLIJqvwWCOBc jRMkf/8mSIXD8PItP0YrnzaO4x9vr7boh0vYU8EambLVZrZM8IE= =/w97 -----END PGP SIGNATURE-----
--- End Message ---
