Your message dated Sun, 03 Aug 2025 08:34:41 +0000
with message-id <[email protected]>
and subject line Bug#1108980: fixed in redict 7.3.5+ds-1
has caused the Debian Bug report #1108980,
regarding redict: CVE-2025-48367
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1108980: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108980
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: redict
Version: 7.3.2+ds-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://codeberg.org/redict/redict/issues/105
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for redict.
CVE-2025-48367[0]:
| Redis is an open source, in-memory database that persists on disk.
| An unauthenticated connection can cause repeated IP protocol errors,
| leading to client starvation and, ultimately, a denial of service.
| This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-48367
https://www.cve.org/CVERecord?id=CVE-2025-48367
[1] https://codeberg.org/redict/redict/issues/105
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: redict
Source-Version: 7.3.5+ds-1
Done: Maytham Alsudany <[email protected]>
We believe that the bug you reported is fixed in the latest version of
redict, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Maytham Alsudany <[email protected]> (supplier of updated redict package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 03 Aug 2025 14:22:26 +0800
Source: redict
Architecture: source
Version: 7.3.5+ds-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Redict Maintainers <[email protected]>
Changed-By: Maytham Alsudany <[email protected]>
Closes: 1104011 1106823 1107212 1108977 1108980
Changes:
redict (7.3.5+ds-1) unstable; urgency=medium
.
* New upstream version 7.3.5
* Contains fix for CVE-2025-21605 (Closes: #1104011)
* Contains fix for CVE-2025-48367 (Closes: #1108980)
* Contains fix for CVE-2025-32023 (Closes: #1108977)
* Add patch to fix CVE-2025-27151 (Closes: #1106823)
* Add patch to fix CVE-2025-49112 (Closes: #1107212)
Checksums-Sha1:
6138341b7d2c6ff45b17abe7dcef397900d2501e 2384 redict_7.3.5+ds-1.dsc
65fae549275ac2ab0cb71bc16b02d486a30b4463 1743040 redict_7.3.5+ds.orig.tar.xz
034a16a8c6c327203e8aafc3982c52c1a0d885a7 14512 redict_7.3.5+ds-1.debian.tar.xz
10112f15d248321d3ae962945119c216de27c7db 7666 redict_7.3.5+ds-1_amd64.buildinfo
Checksums-Sha256:
eebcc80f01622bd42431bbc1359746b433e06b44f243bf2665cbd7ac8006ed1c 2384
redict_7.3.5+ds-1.dsc
b47cac4b936de4bf14cb8109c5fa2c2a1a994d9c4a4ab7555989579521f0dbbb 1743040
redict_7.3.5+ds.orig.tar.xz
d426032c5ab28d9db8713369fad2858d663db890f203866782f14a5378289435 14512
redict_7.3.5+ds-1.debian.tar.xz
b2b04db1aea22db4ceedfba8179384de37b51e3e1e2ca9d8a59c099b1dfd5573 7666
redict_7.3.5+ds-1_amd64.buildinfo
Files:
60efd46d4ed94ae90752e1e1c1f92ee0 2384 database optional redict_7.3.5+ds-1.dsc
dbbda87619b1405560247ca3d1540b6c 1743040 database optional
redict_7.3.5+ds.orig.tar.xz
83abca8241cc6af512410e8131244422 14512 database optional
redict_7.3.5+ds-1.debian.tar.xz
477e973549588b0462346f34fa02472d 7666 database optional
redict_7.3.5+ds-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEESl/RzRFQh8wD3DXB1ZeJcgbF8H8FAmiPDz8ACgkQ1ZeJcgbF
8H+J4w/9EpO9A75Sxcmu4//Q9McHsi2xALLpSSjIMqF8QwLauDV3L9Ji9A7vNLay
viP7f6B9P7DiBidZoB4S8oxwbGDlQ8P9qH5Blm0JySqenmjwqOA5pwwG92HC+EVT
lDhbhuqVpBWtVyVwnG1USC66lj2gPG5b9yWNq+AxZWv4ZjNFV5XrCB9ytB4Xokx7
lspOPAAeJraUFNpdXjnD2WqE/AlDZQcYuWitGamCY0mk9vempacxmDsjONAilOrs
b4qUjtNZ/WY7/Ix4ll4Blm/xq1Gcof89NxJppmcUqXWl1y6clxPEV9qSjsm5LBx9
o7TriytZZMylgKfU4DofmYaIaijITHOkFmK2aVwVOxeKSEhG/FcdLKGDrbb2WPr+
N6W931eRvjn2QBZK6vlHa/hoA/s94M4vDHlQVMNCITagtF9KgK5aH9MzcBLQFjgN
2MHfOxpR8yMoFkQMPi8/T6x2Ck2ngUNtKFNitL2NsUpvP0RVb/Ur06xyB51q4U34
u/G64LStSeImV/fiGKx31vQNQdxkNgXKnWDH2Gu0+iRMRBF5pyvZK+tEh690kdJS
IHm606y80+qydAaR254GCm7F2eQTfDPV4c6aUJBj9gQZclB7QHJh67ZEd7YgrQxp
49LTZv/E3pV2i66PnxhkDUstvneU33HK03A7OIlUiaGmQAIUfLk=
=fg9O
-----END PGP SIGNATURE-----
pgpwzQSlxwDlt.pgp
Description: PGP signature
--- End Message ---
