-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4480-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff July 11, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : redis CVE ID : CVE-2019-10192 CVE-2019-10193 Multiple vulnerabilities were discovered in the HyperLogLog implementation of Redis, a persistent key-value database, which could result in denial of service or potentially the execution of arbitrary code. For the oldstable distribution (stretch), these problems have been fixed in version 3:3.2.6-3+deb9u3. For the stable distribution (buster), these problems have been fixed in version 5:5.0.3-4+deb10u1. We recommend that you upgrade your redis packages. For the detailed security status of redis please refer to its security tracker page at: https://security-tracker.debian.org/tracker/redis Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl0noEIACgkQEMKTtsN8 Tjb1uw/9FsbolfzHbh9/pjvfd2H2AWAMqenGUzI9y6Svy90Yki9tCMmwY2NSeVVK V29JXYuq2Is9YTUR33Qi6cjRXCSjv+T393/VRN779e+elaH9FLfiLjBmTf879dGV YNR6PrFysrCOLxJkuKm35XYPydXFJ65hsGSegtk1TcaUoKbGrH/n5lwJp8r7MvfW a1UklF2KHVOSfkt3SnF5NRK37nBpgCws9ACrxBgHDzeGORSHJoT3ubLRi7DZ0cu1 4HjOg7SeorW1ed/6I/BqcHnyL2hv+raim62gtoETaN8Vqd+0JS57tmRnmbr09czR HQl3QVjtA3woD0QHDDlo/4AlTJ9MJRp0dzd9XSlIf4Zl1RPtOP+lQtd+iuOIsIzY XqGVNK1lgfmHy2rWAFfgIm+4VHulggu0y40XWDb+1Me6Hmnw5CBJWlj1rzaFIGxG jCm0ZrwF6hYUbOMzD7ZRYIHjzhj2gPUe0JEiwQ64VWrwv9Nbm/0ochu49s1a96Wa WdOsBB5+xdPdDlIo5U/d/LgTDOO+pxv85iXs/ZSBbvTCQkHTyQsTG+tXjHfOeF6p EI8GaxaDm8FfL0kBbOYfK4aUSabPYetbZNIlbYdDDi7I2J5Y1hWMIrHHRDq3s9gY WubWC0ZJCCEzXpNiU6/XDGDnwWprkeRTkbudJeC5HaNY9nza3QQ= =3AfL -----END PGP SIGNATURE-----