Release date:
2026-06-12 10:01:41 UTC
Description:
* SECURITY UPDATE: RESP protocol injection via Lua error_reply
- debian/patches/CVE-2025-67733.patch: sanitize CRLF in Lua error replies
by adding addReplyErrorSdsExSafe() and using it from luaCallFunction,
preventing injection of arbitrary data into the RESP response stream
- CVE-2025-67733
Updated packages:
-
redis7_7.0.15-1~bookworm+tuxcare.els7_all.deb
sha:dea18e8b6f9ce8ba91e22d3e13f6224e5bccd4ae
-
redis7-sentinel_7.0.15-1~bookworm+tuxcare.els7_amd64.deb
sha:0dceef566416dae71c308ee853340c5a15b6cc78
-
redis7-server_7.0.15-1~bookworm+tuxcare.els7_amd64.deb
sha:befbab2315694b3fb898a0d1813a675d348be14f
-
redis7-tools_7.0.15-1~bookworm+tuxcare.els7_amd64.deb
sha:911b106dfd8eca7f438ca5a63ae14f5392ffe7ee
-
redis7_7.0.15-1~bookworm+tuxcare.els7_all.deb
sha:dea18e8b6f9ce8ba91e22d3e13f6224e5bccd4ae
-
redis7-sentinel_7.0.15-1~bookworm+tuxcare.els7_arm64.deb
sha:6efe590db941059bf33601d2da9b59d02529a9c3
-
redis7-server_7.0.15-1~bookworm+tuxcare.els7_arm64.deb
sha:5aa55ff3c253359c74265a9f87d6f7f2ffa085a9
-
redis7-tools_7.0.15-1~bookworm+tuxcare.els7_arm64.deb
sha:ee27095018a946dda2d2c87ab1d06b99fc091251
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
