* [meta-oe][PATCH] redis: upgrade to 6.2.4
@ 2021-06-30 21:58 Tony Tascioglu
0 siblings, 0 replies; only message in thread
From: Tony Tascioglu @ 2021-06-30 21:58 UTC (permalink / raw)
To: openembedded-devel; +Cc: randy.macleod, Tony Tascioglu
Upstream changelog:
Upgrade urgency: SECURITY, Contains fixes to security issues that affect
authenticated client connections. MODERATE otherwise.
Fix integer overflow in STRALGO LCS (CVE-2021-32625)
An integer overflow bug in Redis version 6.0 or newer can be exploited using the
STRALGO LCS command to corrupt the heap and potentially result with remote code
execution. This is a result of an incomplete fix by CVE-2021-29477.
Bug fixes that are only applicable to previous releases of Redis 6.2:
Fix crash after a diskless replication fork child is terminated (#8991)
Fix redis-benchmark crash on unsupported configs (#8916)
Other bug fixes:
Fix crash in UNLINK on a stream key with deleted consumer groups (#8932)
SINTERSTORE: Add missing keyspace del event when none of the sources exist (#8949)
Sentinel: Fix CONFIG SET of empty string sentinel-user/sentinel-pass configs (#8958)
Enforce client output buffer soft limit when no traffic (#8833)
Improvements:
Hide AUTH passwords in MIGRATE command from slowlog (#8859)
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
---
.../recipes-extended/redis/{redis_6.2.3.bb => redis_6.2.4.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta-oe/recipes-extended/redis/{redis_6.2.3.bb => redis_6.2.4.bb} (96%)
diff --git a/meta-oe/recipes-extended/redis/redis_6.2.3.bb b/meta-oe/recipes-extended/redis/redis_6.2.4.bb
similarity index 96%
rename from meta-oe/recipes-extended/redis/redis_6.2.3.bb
rename to meta-oe/recipes-extended/redis/redis_6.2.4.bb
index 67ac974de..35f34a27d 100644
--- a/meta-oe/recipes-extended/redis/redis_6.2.3.bb
+++ b/meta-oe/recipes-extended/redis/redis_6.2.4.bb
@@ -17,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
file://GNU_SOURCE.patch \
file://0006-Define-correct-gregs-for-RISCV32.patch \
"
-SRC_URI[sha256sum] = "98ed7d532b5e9671f5df0825bb71f0f37483a16546364049384c63db8764512b"
+SRC_URI[sha256sum] = "ba32c406a10fc2c09426e2be2787d74ff204eb3a2e496d87cff76a476b6ae16e"
inherit autotools-brokensep update-rc.d systemd useradd
--
2.32.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-06-30 21:58 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-30 21:58 [meta-oe][PATCH] redis: upgrade to 6.2.4 Tony Tascioglu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.