2024-03-25 16:20:14 by nikita | Files touched by this commit (1) |
Log message:
redis: extend comment on forks.
|
2024-03-24 01:32:41 by Greg Troxel | Files touched by this commit (1) | |
Log message:
databases/redis: Caution about license change
Caution that (probably, absent discussion) this should not be updated
to a proprietary license version. Add link to Free fork pointed out
by Vitaly Shevtsov on pkgsrc-users@.
|
2024-01-10 09:26:42 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
redis: updated to 7.2.4
Redis 7.2.4
Upgrade urgency SECURITY: See security fixes below.
Security fixes
* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Bug fixes
* Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2
* Fix slot ownership not being properly handled when deleting a slot from a node
* Fix atomicity issues with the RedisModuleEvent_Key module API event
|
2023-11-01 21:04:30 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
redis: updated to 7.2.3
Redis 7.2.3
Upgrade urgency: HIGH, Fixes critical bugs affecting most users.
Bug fixes
* Fix file descriptor leak preventing deleted files from freeing disk space on
replicas
* Fix a possible crash after cluster node removal
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-10-18 11:39:50 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
redis: updated to 7.2.2
Redis 7.2.2
===========
Upgrade urgency SECURITY: See security fixes below.
Security fixes
==============
* (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
race condition that can be used by another process to bypass desired Unix
socket permissions on startup.
Platform / toolchain support related changes
=================================================
* Fix compilation error on MacOS 13
Bug fixes
=========
* WAITAOF could timeout in the absence of write traffic in case a new AOF is
created and an AOF rewrite can't immediately start
Redis cluster
=============
* Fix crash when running rebalance command in a mixed cluster of 7.0 and 7.2
nodes
* Fix the return type of the slot number in cluster shards to integer, which
makes it consistent with past behavior
* Fix CLUSTER commands are called from modules or scripts to return TLS info
appropriately
Changes in CLI tools
====================
* redis-cli, fix crash on reconnect when in SUBSCRIBE mode
Module API changes
==================
* Fix overflow calculation for next timer event
|
2023-10-06 09:27:44 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (7) |
Log message:
redis: Fix build on Darwin
pkgsrc changes:
---------------
* Fix building for macOS 13.5.2 by applying upstream patch:
https://github.com/redis/redis/issues/12585
* Use USE_CC_FEATURES to set c99 standard as recommanded by pkglint.
* Fix rc.d script for systems without /etc/rc.subr and using
pkgtools/rc.subr with SYSCONFBASE different from /etc.
* Bump revision.
|
2023-09-13 19:24:37 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
redis: updated to 7.2.1
Redis 7.2.1
Upgrade urgency SECURITY: See security fixes below.
Security Fixes
==============
* (CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and,
as a result, may grant users executing this command access to keys that are not
explicitly authorized by the ACL configuration.
Bug Fixes
=========
* Fix crashes when joining a node to an existing 7.0 Redis Cluster
* Correct request_policy and response_policy command tips on for some admin /
configuration commands
|
2023-08-23 07:25:39 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
redis: updated to 7.2.0
Redis 7.2.0 GA Released Mon Aug 15 12:00:00 IDT 2023
================================================================================
Upgrade urgency LOW: This is the first stable Release for Redis 7.2.
Bug Fixes
=========
* redis-cli in cluster mode handles `unknown-endpoint`
* Update request / response policy hints for a few commands
* Ensure that the function load timeout is disabled during loading from RDB/AOF \
and on replicas.
* Fix false success and a memory leak for ACL selector with bad parenthesis \
combination
* Fix the assertion when script timeout occurs after it signaled a blocked client
Fixes for issues in previous releases of Redis 7.2
--------------------------------------------------
* Update MONITOR client's memory correctly for INFO and client-eviction
* The response of cluster nodes was unnecessarily adding an extra comma when no
hostname was present.
|
2023-07-10 18:17:42 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
redis: updated to 7.0.12
Redis 7.0.12
Upgrade urgency SECURITY: See security fixes below.
Security Fixes:
* (CVE-2022-24834) A specially crafted Lua script executing in Redis can trigger
a heap overflow in the cjson and cmsgpack libraries, and result in heap
corruption and potentially remote code execution. The problem exists in all
versions of Redis with Lua scripting support, starting from 2.6, and affects
only authenticated and authorized users.
* (CVE-2023-36824) Extracting key names from a command and a list of arguments
may, in some cases, trigger a heap overflow and result in reading random heap
memory, heap corruption and potentially remote code execution. Specifically:
using COMMAND GETKEYS* and validation of key names in ACL rules.
Bug Fixes
* Re-enable downscale rehashing while there is a fork child
* Fix possible hang in HRANDFIELD, SRANDMEMBER, ZRANDMEMBER when used with \
`<count>`
* Improve fairness issue in RANDOMKEY, HRANDFIELD, SRANDMEMBER, ZRANDMEMBER, \
SPOP, and eviction
* Fix WAIT to be effective after a blocked module command being unblocked
* Avoid unnecessary full sync after master restart in a rare case
|