Subject: CVS commit: pkgsrc/databases/redis
From: Adam Ciarcinski
Date: 2023-01-17 12:05:57
Message id: 20230117110557.2A6CBFA90@cvs.NetBSD.org
Log Message:
redis: updated to 7.0.8

Redis 7.0.8 Released Mon Jan 16 12:00:00 IDT 2023

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
  commands can drive Redis to OOM panic
* (CVE-2023-22458) Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER
  commands can lead to denial-of-service

Bug Fixes
* Avoid possible hang when client issues long KEYS, SRANDMEMBER, HRANDFIELD,
  and ZRANDMEMBER commands and gets disconnected by client output buffer limit
* Make sure that fork child doesn't do incremental rehashing
* Fix a bug where blocking commands with a sub-second timeout would block forever
* Fix sentinel issue if replica changes IP
Files: