Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-04-30 00:44:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1538 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "redis"
Sat Apr 30 00:44:10 2022 rev:76 rq:973561 version:6.2.7
Changes:
--------
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-11-24
23:54:20.376505788 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.1538/redis.changes 2022-04-30
00:44:13.666883235 +0200
@@ -1,0 +2,20 @@
+Wed Apr 27 21:17:06 UTC 2022 - Andreas Stieger <andreas.stie...@gmx.de>
+
+- redis 6.2.7:
+ * CVE-2022-24736: An attacker attempting to load a specially
+ crafted Lua script can cause NULL pointer dereference which
+ will result with a crash of the redis-server process
+ (boo#1198953)
+ * CVE-2022-24735: By exploiting weaknesses in the Lua script
+ execution environment, an attacker with access to Redis can
+ inject Lua code that will execute with the (potentially higher)
+ privileges of another Redis user (boo#1198952)
+ * LPOP/RPOP with count against non-existing list return null array
+ * LPOP/RPOP used to produce wrong replies when count is 0
+ * Speed optimization in command execution pipeline
+ * Fix regression in Z[REV]RANGE commands (by-rank) introduced in
+ Redis 6.2
+ * Fix OpenSSL 3.0.x related issues
+ * Bug fixes
+
+-------------------------------------------------------------------
Old:
----
redis-6.2.6.tar.gz
New:
----
redis-6.2.7.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ redis.spec ++++++
--- /var/tmp/diff_new_pack.9zgb0d/_old 2022-04-30 00:44:14.622884064 +0200
+++ /var/tmp/diff_new_pack.9zgb0d/_new 2022-04-30 00:44:14.622884064 +0200
@@ -1,7 +1,7 @@
#
# spec file for package redis
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%define _log_dir %{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version: 6.2.6
+Version: 6.2.7
Release: 0
Summary: Persistent key-value database
License: BSD-3-Clause
++++++ redis-6.2.6.tar.gz -> redis-6.2.7.tar.gz ++++++
++++ 3604 lines of diff (skipped)
++++++ redis.hashes ++++++
--- /var/tmp/diff_new_pack.9zgb0d/_old 2022-04-30 00:44:15.126884502 +0200
+++ /var/tmp/diff_new_pack.9zgb0d/_new 2022-04-30 00:44:15.134884508 +0200
@@ -133,4 +133,9 @@
hash redis-5.0.14.tar.gz sha256
3ea5024766d983249e80d4aa9457c897a9f079957d0fb1f35682df233f997f32
http://download.redis.io/releases/redis-5.0.14.tar.gz
hash redis-6.0.16.tar.gz sha256
3639bbf29aca1a1670de1ab2ce224d6511c63969e7e590d3cdf8f7888184fa19
http://download.redis.io/releases/redis-6.0.16.tar.gz
hash redis-6.2.6.tar.gz sha256
5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab
http://download.redis.io/releases/redis-6.2.6.tar.gz
+hash redis-7.0-rc1.tar.gz sha256
9bd57d3c9ebba9dbbd6cd14b0c263ce151b0044fb6620b556449c2d82e06ef3d
http://download.redis.io/releases/redis-7.0-rc1.tar.gz
+hash redis-7.0-rc2.tar.gz sha256
ee41f5a9f459b44baefbc021cf5096440f346f3c5fc8a1979a877a2f10603ca3
http://download.redis.io/releases/redis-7.0-rc2.tar.gz
+hash redis-7.0-rc3.tar.gz sha256
66b2ecc2e4b53c62940589434ea8af3a85546df131001680ed294028cd84ecdc
http://download.redis.io/releases/redis-7.0-rc3.tar.gz
+hash redis-6.2.7.tar.gz sha256
b7a79cc3b46d3c6eb52fa37dde34a4a60824079ebdfb3abfbbfa035947c55319
http://download.redis.io/releases/redis-6.2.7.tar.gz
+hash redis-7.0.0.tar.gz sha256
284d8bd1fd85d6a55a05ee4e7c31c31977ad56cbf344ed83790beeb148baa720
http://download.redis.io/releases/redis-7.0.0.tar.gz
