[CLSA-2026:1781258158] Fix CVE(s): CVE-2025-67733, CVE-2026-21863
Type: security
Severity: Important
Release date: 2026-06-12 09:56:22 UTC
Description:
* SECURITY UPDATE: RESP protocol injection via Lua error_reply
  - debian/patches/CVE-2025-67733.patch: sanitize CRLF in Lua error replies by adding addReplyErrorSdsExSafe() and using it from luaCallFunction, preventing injection of arbitrary data into the RESP response stream
  - CVE-2025-67733
Updated packages:
  • redis7_7.0.15-1~trixie+tuxcare.els7_all.deb
    sha:f2ed77ebeb4c06a6bff5babcb44f7f8b3c43baa5
  • redis7-sentinel_7.0.15-1~trixie+tuxcare.els7_amd64.deb
    sha:5462fb0d9d2bc269468641c0a71f19b81e73c612
  • redis7-server_7.0.15-1~trixie+tuxcare.els7_amd64.deb
    sha:f1b74a87f1e8f9db9160db53eb7f732dfb493453
  • redis7-tools_7.0.15-1~trixie+tuxcare.els7_amd64.deb
    sha:745de6e02a9341b04fa8ef3349999e88b3caf92f
  • redis7-sentinel_7.0.15-1~trixie+tuxcare.els7_arm64.deb
    sha:d75e30b073cd1acc37d073109d7ac372a726c9e1
  • redis7-server_7.0.15-1~trixie+tuxcare.els7_arm64.deb
    sha:775b4664ade46122b4adf1399d07c5cd646a87c4
  • redis7-tools_7.0.15-1~trixie+tuxcare.els7_arm64.deb
    sha:39be4dca53d124b4625f6ec8f0dd0dd2842654cc
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.