-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5081-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : redis CVE ID : CVE-2022-0543 Debian Bug : 1005787 Reginaldo Silva discovered a (Debian-specific) Lua sandbox escape in Redis, a persistent key-value database. For the oldstable distribution (buster), this problem has been fixed in version 5:5.0.14-1+deb10u2. For the stable distribution (bullseye), this problem has been fixed in version 5:6.0.16-1+deb11u2. We recommend that you upgrade your redis packages. For the detailed security status of redis please refer to its security tracker page at: https://security-tracker.debian.org/tracker/redis Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIP7GsACgkQEMKTtsN8 TjZKCQ/8DREEhcmRf7ZbW3VSDHNsACeCK8QD+ZqRojpKJ9yJZZRiCItcoHiR34+P WkQbVphIImYD/W/tGPNPIyaxfVKo+T+DcwoCu1MNIGu25vot52cvMi65MqtRKeks 3btiDGueHWhaCv/9shLqghOqL0/qsjh1wH4C4MMKNjQSjBNlrbrrkyrYYF9jUi2s JQrLnV6o2SU8b5kUtn11FrZmYLz5tlLMKa+ZmyOABQ8UGoDZwYnPXViHCOA5E9i1 BZDXM39HGZ0WllzZXgLzPwWNVGHbiySHRXq4pZAjwQSB92kmi6s2qSAlUnpTYaOa jWIVFAj6TlHtoLdP8AkCCbDLXGttPwOU3CkwVZ7HBuvVcyQKsD749Letk7jcvpX8 zqwiZbitZ2vf+4y/kd2cpVAHgYN9ET6FZC7GDbbnAV01LHboKVFRUu+GuelIjmO+ 7snvlB4CBR1meVruDBdGAPG/NtPPE/Bdaxx4xxNjlufSxu/AE6kRkdW8tLRNKolF +DTINQbXM1nIx/Xm9dJXnU7ZzF1vZUMZM8ZAl4rIxSA6BetaUxKB7dBhXACidDxR Qbf+xqFUCXFBUPpfL5TJ1TJMvVmyqVEf80hRr+cna5uuGpJpI0cugHeuh6aJcDIe htXpsGFf/xRDDEa5VXsE4B9LnCsFegM/Y97XlN4ojDRbURzyYcM= =E8bU -----END PGP SIGNATURE-----