Subject: CVS commit: pkgsrc/databases/redis
From: Adam Ciarcinski
Date: 2019-11-11 18:06:00
Message id: 20191111170600.F1A7AFA95@cvs.NetBSD.org

Log Message:
redis: updated to 5.0.6

Redis 5.0.6

Upgrade urgency CRITICAL: Only in case of exposed instances to untrusted users.

This Redis release, 5.0.6, is a bugfix and enhancement release. The most
important bugfix is a corruption related to the HyperLogLog. A malformed
HyperLogLog string could cause an invalid access to the memory. At a first
glance the vulnerability appears to be not exploitable but just a DoS. The
way to trigger the issue is complex, we'll not provide any information about
how to do that for the users safety.

Other significant changes in this release:
* New modules APIs merged from Redis unstable to Redis 5.
* Some memory optimization related to objects creation.
* Fixes to flushSlaveOutputBuffer() that make sure that SHUTDOWN will
  transfer pending buffers to replicas.

Files:
RevisionActionfile
1.46modifypkgsrc/databases/redis/Makefile
1.45modifypkgsrc/databases/redis/distinfo