-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 13 May 2026 12:00:00 +0800 Source: redis Architecture: source Version: 5:7.0.15-1~deb12u7 Distribution: bookworm-security Urgency: high Maintainer: Chris Lamb Changed-By: Aron Xu Changes: redis (5:7.0.15-1~deb12u7) bookworm-security; urgency=high . * CVE-2025-67733: RESP protocol injection via Lua error_reply. A user could manipulate data read by a connection by injecting CR/LF sequences into a Redis error reply. 6910256443c7 ("Strip CRLF from error and simple string replies"). * CVE-2026-21863: Remote DoS with malformed Cluster bus message. A peer could send a crafted PING/PONG/MEET packet whose gossip count or ping-extension header exceeds the received packet length, causing out-of-bounds reads and a server crash. Checksums-Sha1: 8c5fbe91f7cb1e981267ea0c083d4fefa8293384 1960 redis_7.0.15-1~deb12u7.dsc 1fec4ec138faebe239bb066d1ca4b76adcc2313c 45456 redis_7.0.15-1~deb12u7.debian.tar.xz 5748793f8c933868e17ff255d2eb11b40fd11c5a 6102 redis_7.0.15-1~deb12u7_source.buildinfo Checksums-Sha256: 700c69619407c47eb51f015752bd3214256932f5e04a7f064a1fdef24c011319 1960 redis_7.0.15-1~deb12u7.dsc 1414177085364a374a89de565845dbb9798ef46c8a91a2726e4485a376b6b9ec 45456 redis_7.0.15-1~deb12u7.debian.tar.xz cc1675181845fac105c50969c3cee79fca72ae3ea0e477e357e9f500f27e89a9 6102 redis_7.0.15-1~deb12u7_source.buildinfo Files: 49087e4431138b82c37e1976d9e72420 1960 database optional redis_7.0.15-1~deb12u7.dsc b0451044c441f174a9d969f62c668666 45456 database optional redis_7.0.15-1~deb12u7.debian.tar.xz 447a38050423e1fe2460df8e1f0bd11d 6102 database optional redis_7.0.15-1~deb12u7_source.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEExq6D0hxncEPaPayX+GQ1dHE8m64FAmoEvGMACgkQ+GQ1dHE8 m66CvAf/eDJktQj3b0xtSt8wFK29Bfw9oMUZ7u0IJsDAZ8Y6PduBf+g4UA8pdh6O dcBVy7DTzg03Cj23oaI08ZryLJlYKc2ASXlhWmq36j7C/nAgaFJEld5smidQZKHm qShpRHba4Hmg7CSZtAukNQHI7triy9gNNIdEtg1AGUvjamG7JAomFa4POwFXoObP Sphoo5QTsf7WvkEyb5TXvCwDHYAAhNzyFyu55IYSE6xqqOQ6iyxtOQ7Bz+WY7bui yCQgm8vgT0TytwLosY89+77bVx1u5cjCg1mrQQS+OzP4+DRpjv7nXtutNKKr042i OI+fexuQiLBUhxjqArV/iPekGMNh3A== =t41v -----END PGP SIGNATURE-----