commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2024-05-01 14:55:37
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1880 (New)
Package is "redis"
Wed May 1 14:55:37 2024 rev:95 rq:1170976 version:7.2.4
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2024-03-13
22:18:40.188473179 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.1880/redis.changes2024-05-01
14:55:51.796626197 +0200
@@ -1,0 +2,5 @@
+Sat Apr 27 22:00:24 UTC 2024 - ÐлÑÑ Ðндиго <13i...@gmail.com>
+
+- Fixed privileges of /run/redis directory (rpm -qlv redis | grep /run).
+
+---
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.XHhpfh/_old 2024-05-01 14:55:52.508652032 +0200
+++ /var/tmp/diff_new_pack.XHhpfh/_new 2024-05-01 14:55:52.508652032 +0200
@@ -177,5 +177,5 @@
%dir %attr(0750,%{name},%{name}) %{_data_dir}
%dir %attr(0750,%{name},%{name}) %{_data_dir}/default
%dir %attr(0750,%{name},%{name}) %{_log_dir}
-%ghost %dir /run/%{name}
+%ghost %dir %attr(0755,%{name},%{name}) /run/%{name}
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2024-03-13 22:17:47 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.1770 (New) Package is "redis" Wed Mar 13 22:17:47 2024 rev:94 rq:1157013 version:7.2.4 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2024-01-10 21:51:07.829643722 +0100 +++ /work/SRC/openSUSE:Factory/.redis.new.1770/redis.changes2024-03-13 22:18:40.188473179 +0100 @@ -1,0 +2,15 @@ +Fri Mar 1 10:12:43 UTC 2024 - Danilo Spinella + +- The following issue has been fixed in TW but has not been + mentioned before: + * bsc#1208235 + * bsc#1207448 +- The following patch was removed from SLE: + * bsc1198952.patch + * redis-CVE-2022-24834.patch + * redis-CVE-2022-36021.patch + * redis-CVE-2023-25155.patch + * redis-CVE-2023-45145.patch + * redis-CVE-2023-45145.patch + +--- Other differences: --
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2024-01-10 21:50:57
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.21961 (New)
Package is "redis"
Wed Jan 10 21:50:57 2024 rev:93 rq:1137732 version:7.2.4
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2023-11-05
12:19:19.714313876 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.21961/redis.changes 2024-01-10
21:51:07.829643722 +0100
@@ -1,0 +2,17 @@
+Tue Jan 9 13:02:41 UTC 2024 - Marcus Rueckert
+
+- redis 7.2.4: (boo#1218646)
+ - Security fixes
+- (CVE-2023-41056) In some cases, Redis may incorrectly handle
+ resizing of memory buffers which can result in incorrect
+ accounting of buffer sizes and lead to heap overflow and
+ potential remote code execution.
+ - Bug fixes
+- Fix crashes of cluster commands clusters with mixed versions
+ of 7.0 and 7.2 (#12805, #12832)
+- Fix slot ownership not being properly handled when deleting a
+ slot from a node (#12564)
+- Fix atomicity issues with the RedisModuleEvent_Key module API
+ event (#12733)
+
+---
Old:
redis-7.2.3.tar.gz
New:
redis-7.2.4.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.HSSY6Q/_old 2024-01-10 21:51:08.453666383 +0100
+++ /var/tmp/diff_new_pack.HSSY6Q/_new 2024-01-10 21:51:08.453666383 +0100
@@ -1,7 +1,7 @@
#
# spec file for package redis
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.2.3
+Version:7.2.4
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-7.2.3.tar.gz -> redis-7.2.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.2.3/00-RELEASENOTES
new/redis-7.2.4/00-RELEASENOTES
--- old/redis-7.2.3/00-RELEASENOTES 2023-11-01 13:38:13.0 +0100
+++ new/redis-7.2.4/00-RELEASENOTES 2024-01-09 12:51:49.0 +0100
@@ -13,6 +13,26 @@
+Redis 7.2.4Released Tue 09 Jan 2024 10:45:52 IST
+
+
+Upgrade urgency SECURITY: See security fixes below.
+
+Security fixes
+==
+* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of
memory
+ buffers which can result in incorrect accounting of buffer sizes and lead to
+ heap overflow and potential remote code execution.
+
+Bug fixes
+=
+
+* Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2
(#12805, #12832)
+* Fix slot ownership not being properly handled when deleting a slot from a
node (#12564)
+* Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
+
+
+
Redis 7.2.3Released Wed 01 Nov 2023 12:00:00 IST
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.2.3/src/cluster.c
new/redis-7.2.4/src/cluster.c
--- old/redis-7.2.3/src/cluster.c 2023-11-01 13:38:13.0 +0100
+++ new/redis-7.2.4/src/cluster.c 2024-01-09 12:51:49.0 +0100
@@ -1687,6 +1687,7 @@
serverAssert(retval == DICT_OK);
memcpy(node->name, newname, CLUSTER_NAMELEN);
clusterAddNode(node);
+clusterAddNodeToShard(node->shard_id, node);
}
void clusterAddNodeToShard(const char *shard_id, clusterNode *node) {
@@ -2234,6 +2235,7 @@
node->tls_port = msg_tls_port;
node->cport = ntohs(g->cport);
clusterAddNode(node);
+clusterAddNodeToShard(node->shard_id, node);
}
}
@@ -2411,7 +2413,6 @@
}
clusterDelSlot(j);
clusterAddSlot(sender,j);
-bitmapClearBit(server.cluster->owner_not_claiming_slot, j);
clusterDoBeforeSleep(CLUSTER_TODO_SAVE_CONFIG|
CLUSTER_TODO_UPDATE_STATE|
CLUSTER_TODO_FSYNC_CONFIG);
@@ -26
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis++ for openSUSE:Factory checked in at 2024-01-09 20:50:41 Comparing /work/SRC/openSUSE:Factory/redis++ (Old) and /work/SRC/openSUSE:Factory/.redis++.new.21961 (New) Package is "redis++" Tue Jan 9 20:50:41 2024 rev:9 rq:1137682 version:1.3.11 Changes: --- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2023-08-28 17:12:33.106912124 +0200 +++ /work/SRC/openSUSE:Factory/.redis++.new.21961/redis++.changes 2024-01-09 20:50:57.327060579 +0100 @@ -1,0 +2,10 @@ +Tue Jan 9 08:37:34 UTC 2024 - Andrea Manzini + +- Update to 1.3.11: + * Fix redlock to make multiple threads be able to lock on the same RedMutex + * Asynchronously update slot-node mapping in some edge cases + * Use weak_ptr to avoid joining EvenLoop thread in itself + * Support setting connection name + * Support shard pub/sub + +--- Old: redis++-1.3.10.tar.gz New: redis++-1.3.11.tar.gz Other differences: -- ++ redis++.spec ++ --- /var/tmp/diff_new_pack.Tc8nFT/_old 2024-01-09 20:50:57.811078176 +0100 +++ /var/tmp/diff_new_pack.Tc8nFT/_new 2024-01-09 20:50:57.811078176 +0100 @@ -1,7 +1,7 @@ # # spec file for package redis++ # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define sover 1 Name: redis++ -Version:1.3.10 +Version:1.3.11 Release:0 Summary:C++ client for Redis License:Apache-2.0 ++ redis++-1.3.10.tar.gz -> redis++-1.3.11.tar.gz ++ 2209 lines of diff (skipped)
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2023-11-05 12:19:02
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.17445 (New)
Package is "redis"
Sun Nov 5 12:19:02 2023 rev:92 rq:1123282 version:7.2.3
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2023-10-24
20:07:42.263100512 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.17445/redis.changes 2023-11-05
12:19:19.714313876 +0100
@@ -1,0 +2,8 @@
+Fri Nov 3 23:44:05 UTC 2023 - Marcus Rueckert
+
+- redis 7.2.3:
+ - Fix file descriptor leak preventing deleted files from freeing
+disk space on replicas (#12693)
+ - Fix a possible crash after cluster node removal (#12702)
+
+---
Old:
redis-7.2.2.tar.gz
New:
redis-7.2.3.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.qGZ6Xn/_old 2023-11-05 12:19:20.370337942 +0100
+++ /var/tmp/diff_new_pack.qGZ6Xn/_new 2023-11-05 12:19:20.370337942 +0100
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.2.2
+Version:7.2.3
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-7.2.2.tar.gz -> redis-7.2.3.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.2.2/00-RELEASENOTES
new/redis-7.2.3/00-RELEASENOTES
--- old/redis-7.2.2/00-RELEASENOTES 2023-10-18 09:44:10.0 +0200
+++ new/redis-7.2.3/00-RELEASENOTES 2023-11-01 13:38:13.0 +0100
@@ -13,6 +13,20 @@
+Redis 7.2.3Released Wed 01 Nov 2023 12:00:00 IST
+
+
+Upgrade urgency: HIGH, Fixes critical bugs affecting most users.
+
+Bug fixes
+=
+
+* Fix file descriptor leak preventing deleted files from freeing disk space on
+ replicas (#12693)
+* Fix a possible crash after cluster node removal (#12702)
+
+
+
Redis 7.2.2Released Wed 18 Oct 2023 10:33:40 IDT
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.2.2/src/cluster.c
new/redis-7.2.3/src/cluster.c
--- old/redis-7.2.2/src/cluster.c 2023-10-18 09:44:10.0 +0200
+++ new/redis-7.2.3/src/cluster.c 2023-11-01 13:38:13.0 +0100
@@ -1134,6 +1134,9 @@
}
dictReleaseIterator(di);
+/* Empty the nodes blacklist. */
+dictEmpty(server.cluster->nodes_black_list, NULL);
+
/* Hard reset only: set epochs to 0, change node ID. */
if (hard) {
sds oldname;
@@ -2655,8 +2658,7 @@
clusterNode *n = clusterLookupNode(forgotten_node_ext->name,
CLUSTER_NAMELEN);
if (n && n != myself && !(nodeIsSlave(myself) && myself->slaveof
== n)) {
sds id = sdsnewlen(forgotten_node_ext->name, CLUSTER_NAMELEN);
-dictEntry *de = dictAddRaw(server.cluster->nodes_black_list,
id, NULL);
-serverAssert(de != NULL);
+dictEntry *de =
dictAddOrFind(server.cluster->nodes_black_list, id);
uint64_t expire = server.unixtime +
ntohu64(forgotten_node_ext->ttl);
dictSetUnsignedIntegerVal(de, expire);
clusterDelNode(n);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.2.2/src/replication.c
new/redis-7.2.3/src/replication.c
--- old/redis-7.2.2/src/replication.c 2023-10-18 09:44:10.0 +0200
+++ new/redis-7.2.3/src/replication.c 2023-11-01 13:38:13.0 +0100
@@ -2250,6 +2250,7 @@
}
zfree(server.repl_transfer_tmpfile);
+close(server.repl_transfer_fd);
server.repl_transfer_fd = -1;
server.repl_transfer_tmpfile = NULL;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.2.2/src/version.h
new/redis-7.2.3/src/version.h
--- old/redis-7.2.2/src/version.h 2023-10-18 09:44:10.0 +0200
+++ new/redis-7.2.3/src/version.h 2023-11-01 13:38:13.0 +0100
@@ -1,2 +1,2 @@
-#define REDIS_VERSION "7.2.2"
-#define REDIS_VERSION_NUM 0x00070202
+#define REDIS_VERSION "7.2.3"
+#define REDIS_VERSION_NUM 0x00070203
++ redis.hashes
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2023-10-24 20:07:38
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.24901 (New)
Package is "redis"
Tue Oct 24 20:07:38 2023 rev:91 rq:1119656 version:7.2.2
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2023-07-14
15:35:46.453982547 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.24901/redis.changes 2023-10-24
20:07:42.263100512 +0200
@@ -1,0 +2,53 @@
+Fri Oct 20 10:03:33 UTC 2023 - Danilo Spinella
+
+- redis 7.2.2:
+ * (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
+race condition that can be used by another process to bypass desired Unix
+socket permissions on startup, bsc#1216376
+ * WAITAOF could timeout in the absence of write traffic in case a new AOF is
+created and an AOF rewrite can't immediately start
+ * Fix crash when running rebalance command in a mixed cluster of 7.0 and 7.2
+nodes
+ * Fix the return type of the slot number in cluster shards to integer, which
+makes it consistent with past behavior
+ * Fix CLUSTER commands are called from modules or scripts to return TLS info
+appropriately
+redis-cli, fix crash on reconnect when in SUBSCRIBE mode
+ * Fix overflow calculation for next timer event
+
+---
+Thu Sep 7 14:31:26 UTC 2023 - Danilo Spinella
+
+- redis 7.2.1:
+ * (CVE-2023-41053) Redis does not correctly identify keys accessed by
SORT_RO and,
+as a result, may grant users executing this command access to keys that
are not
+explicitly authorized by the ACL configuration. (bsc#1215094)
+ * Fix crashes when joining a node to an existing 7.0 Redis Cluster
+ * Correct request_policy and response_policy command tips on for some admin /
+configuration commands
+- Refresh redis.hashes
+
+---
+Tue Aug 15 11:28:07 UTC 2023 - Marcus Rueckert
+
+- redis 7.2.0
+ - Bug Fixes
+- redis-cli in cluster mode handles unknown-endpoint (#12273)
+- Update request / response policy hints for a few commands
+ (#12417)
+- Ensure that the function load timeout is disabled during
+ loading from RDB/AOF and on replicas. (#12451)
+- Fix false success and a memory leak for ACL selector with bad
+ parenthesis combination (#12452)
+- Fix the assertion when script timeout occurs after it
+ signaled a blocked client (#12459)
+ - Fixes for issues in previous releases of Redis 7.2
+- Update MONITOR client's memory correctly for INFO and
+ client-eviction (#12420)
+- The response of cluster nodes was unnecessarily adding an
+ extra comma when no hostname was present. (#12411)
+- refreshed redis-conf.patch:
+- switch to autosetup now that we switched the last patch to patch
+ level 1
+
+---
Old:
redis-7.0.12.tar.gz
New:
redis-7.2.2.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.fjN6mX/_old 2023-10-24 20:07:43.031128434 +0200
+++ /var/tmp/diff_new_pack.fjN6mX/_new 2023-10-24 20:07:43.035128580 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.12
+Version:7.2.2
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
@@ -63,10 +63,7 @@
%prep
echo "`grep -F %{name}-%{version}.tar.gz %{SOURCE10} | cut -d' ' -f4`
%{SOURCE0}" | sha256sum -c
-%setup -q
-%patch0
-%patch3 -p1
-%patch4 -p1
+%autosetup -p1
%build
export HOST=OBS # for reproducible builds
++ redis-7.0.12.tar.gz -> redis-7.2.2.tar.gz ++
192631 lines of diff (skipped)
++ redis-conf.patch ++
--- /var/tmp/diff_new_pack.fjN6mX/_old 2023-10-24 20:07:43.747154466 +0200
+++ /var/tmp/diff_new_pack.fjN6mX/_new 2023-10-24 20:07:43.751154612 +0200
@@ -1,8 +1,8 @@
-Index: redis.conf
-===
redis.conf.orig
-+++ redis.conf
-@@ -244,7 +244,7 @@
+diff --git a/redis.conf b/redis.conf
+index 97f077b0d..6ba6b290e 100644
+--- a/redis.conf
b/redis.conf
+@@ -306,7 +306,7 @@ tcp-keepalive 300
# By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
# When Redis is supervised by upstart or systemd, this parameter has no
impact.
@@ -11,7 +11,7 @@
# If you run Redis from upstart or sys
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis++ for openSUSE:Factory checked
in at 2023-08-28 17:12:32
Comparing /work/SRC/openSUSE:Factory/redis++ (Old)
and /work/SRC/openSUSE:Factory/.redis++.new.1766 (New)
Package is "redis++"
Mon Aug 28 17:12:32 2023 rev:8 rq:1105570 version:1.3.10
Changes:
--- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2023-05-21
19:09:40.494766172 +0200
+++ /work/SRC/openSUSE:Factory/.redis++.new.1766/redis++.changes
2023-08-28 17:12:33.106912124 +0200
@@ -1,0 +2,18 @@
+Thu Aug 24 08:43:42 UTC 2023 - Martin Pluskal
+
+- Update URL
+
+---
+Sat Jul 29 21:11:47 UTC 2023 - Andreas Stieger
+
+- update to 1.3.10:
+ * Fix TLS support on async interface
+- update to 1.3.9:
+ * Fix async interface bug
+ * More built-in commands support for AsyncRedis
+ * Fix incorrect hiredis static lib dependency when building with
+TSL
+ * Breaking change: make HSET related methods return long long
+instead of bool
+
+---
Old:
1.3.8.tar.gz
New:
redis++-1.3.10.tar.gz
Other differences:
--
++ redis++.spec ++
--- /var/tmp/diff_new_pack.aTRv2O/_old 2023-08-28 17:12:34.050946026 +0200
+++ /var/tmp/diff_new_pack.aTRv2O/_new 2023-08-28 17:12:34.054946169 +0200
@@ -18,12 +18,12 @@
%define sover 1
Name: redis++
-Version:1.3.8
+Version:1.3.10
Release:0
Summary:C++ client for Redis
License:Apache-2.0
URL:https://github.com/sewenew/redis-plus-plus
-Source0:
https://github.com/sewenew/redis-plus-plus/archive/%{version}.tar.gz
+Source0:
https://github.com/sewenew/redis-plus-plus/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz
BuildRequires: c++_compiler
BuildRequires: cmake
BuildRequires: pkgconfig
@@ -53,7 +53,7 @@
libraries for redis-plus-plus.
%prep
-%autosetup -n redis-plus-plus-%{version} -p1
+%autosetup -n redis-plus-plus-%{version}
%build
sed -i -e '/DESTINATION.*/s/lib/%{_lib}/' CMakeLists.txt
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2023-07-14 15:35:43
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.3193 (New)
Package is "redis"
Fri Jul 14 15:35:43 2023 rev:90 rq:1098399 version:7.0.12
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2023-05-21
19:08:31.530372465 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.3193/redis.changes2023-07-14
15:35:46.453982547 +0200
@@ -1,0 +2,20 @@
+Wed Jul 12 14:10:43 UTC 2023 - Danilo Spinella
+
+- redis 7.0.12:
+ * (CVE-2022-24834) A specially crafted Lua script executing in Redis can
trigger
+a heap overflow in the cjson and cmsgpack libraries, and result in heap
+corruption and potentially remote code execution. The problem exists in all
+versions of Redis with Lua scripting support, starting from 2.6, and
affects
+only authenticated and authorized users. (bsc#1213193)
+ * (CVE-2023-36824) Extracting key names from a command and a list of
arguments
+may, in some cases, trigger a heap overflow and result in reading random
heap
+memory, heap corruption and potentially remote code execution.
Specifically:
+using COMMAND GETKEYS* and validation of key names in ACL rules.
(bsc#1213249)
+ * Re-enable downscale rehashing while there is a fork child
+ * Fix possible hang in HRANDFIELD, SRANDMEMBER, ZRANDMEMBER when used with
+ * Improve fairness issue in RANDOMKEY, HRANDFIELD, SRANDMEMBER, ZRANDMEMBER,
+SPOP, and eviction
+ * Fix WAIT to be effective after a blocked module command being unblocked
+ * Avoid unnecessary full sync after master restart in a rare case
+
+---
Old:
redis-7.0.11.tar.gz
New:
redis-7.0.12.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.ISj57q/_old 2023-07-14 15:35:47.125986456 +0200
+++ /var/tmp/diff_new_pack.ISj57q/_new 2023-07-14 15:35:47.129986479 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.11
+Version:7.0.12
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-7.0.11.tar.gz -> redis-7.0.12.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.11/00-RELEASENOTES
new/redis-7.0.12/00-RELEASENOTES
--- old/redis-7.0.11/00-RELEASENOTES2023-04-17 14:54:03.0 +0200
+++ new/redis-7.0.12/00-RELEASENOTES2023-07-10 13:39:42.0 +0200
@@ -13,6 +13,34 @@
+Redis 7.0.12 Released Mon July 10 12:00:00 IDT 2023
+
+
+Upgrade urgency SECURITY: See security fixes below.
+
+Security Fixes:
+* (CVE-2022-24834) A specially crafted Lua script executing in Redis can
trigger
+ a heap overflow in the cjson and cmsgpack libraries, and result in heap
+ corruption and potentially remote code execution. The problem exists in all
+ versions of Redis with Lua scripting support, starting from 2.6, and affects
+ only authenticated and authorized users.
+* (CVE-2023-36824) Extracting key names from a command and a list of arguments
+ may, in some cases, trigger a heap overflow and result in reading random heap
+ memory, heap corruption and potentially remote code execution. Specifically:
+ using COMMAND GETKEYS* and validation of key names in ACL rules.
+
+
+Bug Fixes
+=
+
+* Re-enable downscale rehashing while there is a fork child (#12276)
+* Fix possible hang in HRANDFIELD, SRANDMEMBER, ZRANDMEMBER when used with
`` (#12276)
+* Improve fairness issue in RANDOMKEY, HRANDFIELD, SRANDMEMBER, ZRANDMEMBER,
SPOP, and eviction (#12276)
+* Fix WAIT to be effective after a blocked module command being unblocked
(#12220)
+* Avoid unnecessary full sync after master restart in a rare case (#12088)
+
+
+
Redis 7.0.11 Released Mon Apr 17 16:00:00 IST 2023
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.11/deps/Makefile
new/redis-7.0.12/deps/Makefile
--- old/redis-7.0.11/deps/Makefile 2023-04-17 14:54:03.0 +0200
+++ new/redis-7.0.12/deps/Makefile 2023-07-10 13:39:42.0 +0200
@@ -3,6 +3,7 @@
uname_S:= $(shell sh -c
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis++ for openSUSE:Factory checked
in at 2023-05-21 19:08:47
Comparing /work/SRC/openSUSE:Factory/redis++ (Old)
and /work/SRC/openSUSE:Factory/.redis++.new.1533 (New)
Package is "redis++"
Sun May 21 19:08:47 2023 rev:7 rq:1088073 version:1.3.8
Changes:
--- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2023-04-02
19:18:39.312908884 +0200
+++ /work/SRC/openSUSE:Factory/.redis++.new.1533/redis++.changes
2023-05-21 19:09:40.494766172 +0200
@@ -1,0 +2,12 @@
+Sat May 20 06:30:47 UTC 2023 - Andreas Stieger
+
+- update to 1.3.8:
+ * Fix memory for async interface
+ * Support sending commands that have no keys, to Redis Cluster in
+async mode
+ * Support verify mode for TLS support, so we can skip certificate
+verification
+ * Support keepalive with customized interval
+- drop fix-missing-include.patch includes upstream
+
+---
Old:
1.3.7.tar.gz
fix-missing-include.patch
New:
1.3.8.tar.gz
Other differences:
--
++ redis++.spec ++
--- /var/tmp/diff_new_pack.uy7U4M/_old 2023-05-21 19:09:40.858768250 +0200
+++ /var/tmp/diff_new_pack.uy7U4M/_new 2023-05-21 19:09:40.862768273 +0200
@@ -18,13 +18,12 @@
%define sover 1
Name: redis++
-Version:1.3.7
+Version:1.3.8
Release:0
Summary:C++ client for Redis
License:Apache-2.0
URL:https://github.com/sewenew/redis-plus-plus
Source0:
https://github.com/sewenew/redis-plus-plus/archive/%{version}.tar.gz
-Patch0: fix-missing-include.patch
BuildRequires: c++_compiler
BuildRequires: cmake
BuildRequires: pkgconfig
@@ -70,6 +69,9 @@
%install
%cmake_install
+%check
+%ctest
+
%post -n lib%{name}%{sover} -p /sbin/ldconfig
%postun -n lib%{name}%{sover} -p /sbin/ldconfig
++ 1.3.7.tar.gz -> 1.3.8.tar.gz ++
2412 lines of diff (skipped)
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2023-05-21 19:08:15 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.1533 (New) Package is "redis" Sun May 21 19:08:15 2023 rev:89 rq:1087948 version:7.0.11 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2023-04-20 15:14:11.557879533 +0200 +++ /work/SRC/openSUSE:Factory/.redis.new.1533/redis.changes2023-05-21 19:08:31.530372465 +0200 @@ -1,0 +2,5 @@ +Fri May 19 11:23:43 UTC 2023 - Jiri Srain + +- refresh redis-hashes from upstream source + +--- Other differences: -- ++ redis.hashes ++ --- /var/tmp/diff_new_pack.KEldZK/_old 2023-05-21 19:08:32.238376508 +0200 +++ /var/tmp/diff_new_pack.KEldZK/_new 2023-05-21 19:08:32.242376530 +0200 @@ -154,7 +154,9 @@ hash redis-6.2.11.tar.gz sha256 8c75fb9cdd01849e92c23f30cb7fe205ea0032a38d11d46af191014e9acc3098 http://download.redis.io/releases/redis-6.2.11.tar.gz hash redis-7.0.9.tar.gz sha256 f77135c2a47c9151d4028bfea3b34470ab4d324d1484f79a84c6f32a3cfb9f65 http://download.redis.io/releases/redis-7.0.9.tar.gz hash redis-7.0.10.tar.gz sha256 1dee4c6487341cae7bd6432ff7590906522215a061fdef87c7d040a0cb600131 http://download.redis.io/releases/redis-7.0.10.tar.gz +hash redis-7.2-rc1.tar.gz sha256 b49844a5434bf1cefebc3951dfed1f09172fcdfe82ad4ef7284f6bbe5956f5ea http://download.redis.io/releases/redis-7.2-rc1.tar.gz hash redis-7.0.11.tar.gz sha256 ce250d1fba042c613de38a15d40889b78f7cb6d5461a27e35017ba39b07221e3 http://download.redis.io/releases/redis-7.0.11.tar.gz hash redis-6.2.12.tar.gz sha256 75352eef41e97e84bfa94292cbac79e5add5345fc79787df5cbdff703353fb1b http://download.redis.io/releases/redis-6.2.12.tar.gz hash redis-6.0.19.tar.gz sha256 55e26318c3d9c53a77a6e802f60524af057a2e965cebcf781a0a72f0e3e6 http://download.redis.io/releases/redis-6.0.19.tar.gz +hash redis-7.2-rc2.tar.gz sha256 4e075e79ad18f16c41e18b14ab60e1edfdb6633907fe9a39a34c62f4a758740b http://download.redis.io/releases/redis-7.2-rc2.tar.gz
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2023-04-20 15:13:38
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2023 (New)
Package is "redis"
Thu Apr 20 15:13:38 2023 rev:88 rq:1080241 version:7.0.11
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2023-03-03
22:24:37.882560977 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.2023/redis.changes2023-04-20
15:14:11.557879533 +0200
@@ -1,0 +2,63 @@
+Mon Apr 17 17:14:26 UTC 2023 - Marcus Rueckert
+
+- redis 7.0.11
+ - (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT
+command to create an invalid hash field that will crash Redis
+on access (boo#1210548)
+ - Add a missing fsync of AOF file in rare cases
+ - Disconnect pub-sub subscribers when revoking allchannels
+permission
+ - Fix a compiler fortification induced crash when used with link
+time optimizations
+- Drop get-old-size-calculations.patch:
+ replaced with proper fix
+
+---
+Fri Mar 24 19:18:24 UTC 2023 - Marcus Rueckert
+
+- Added get-old-size-calculations.patch:
+ my workaround for https://github.com/redis/redis/issues/11965
+
+---
+Mon Mar 20 21:22:02 UTC 2023 - Andreas Stieger
+
+- redis 7.0.10
+ * CVE-2023-28425: Specially crafted MSETNX command can lead to
+assertion and denial-of-service (boo#1209528)
+ * Large blocks of replica client output buffer may lead to psync
+loops and unnecessary memory usage
+ * Fix CLIENT REPLY OFF|SKIP to not silence push notifications
+ * Trim excessive memory usage in stream nodes when exceeding
+`stream-node-max-bytes`
+ * Fix module RM_Call commands failing with OOM when maxmemory is
+changed to zero
+
+---
+Mon Mar 20 21:16:24 UTC 2023 - Andreas Stieger
+
+- redis 7.0.9
+ * CVE-2023-25155: Specially crafted SRANDMEMBER, ZRANDMEMBER, and
+HRANDFIELD commands can trigger an integer overflow, resulting
+in a runtime assertion and termination of the Redis server
+process. Previously patched, drop
+Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
+ * CVE-2022-36021: String matching commands (like SCAN or KEYS)
+with a specially crafted pattern to trigger a denial-of-service
+attack on Redis, causing it to hang and consume 100% CPU time.
+Previously upatched, drop
+String-pattern-matching-had-exponential-time-complex.patch
+ * Fix a crash when reaching the maximum invalidations limit of
+client-side tracking
+ * Fix a crash when SPUBLISH is used after passing the
+cluster-link-sendbuf-limit
+ * Fix possible memory corruption in FLUSHALL when a client
+watches more than one key
+ * Fix cluster inbound link keepalive time
+ * Flush propagation list in active-expire of writable replicas to
+fix an assertion
+ * Avoid propagating DEL of lazy expire from SCAN and RANDOMKEY as
+MULTI-EXEC
+ * Avoid realloc to reduce size of strings when it is unneeded
+ * Improve CLUSTER SLOTS reply efficiency for non-continuous slots
+
+---
Old:
Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
String-pattern-matching-had-exponential-time-complex.patch
redis-7.0.8.tar.gz
New:
redis-7.0.11.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.tUQoDn/_old 2023-04-20 15:14:12.229882615 +0200
+++ /var/tmp/diff_new_pack.tUQoDn/_new 2023-04-20 15:14:12.237882651 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.8
+Version:7.0.11
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
@@ -40,10 +40,6 @@
Patch0: %{name}-conf.patch
Patch3: reproducible.patch
Patch4: ppc-atomic.patch
-# PATCH-FIX-UPSTREAM -- based on commit 0825552 (bsc#1208790 CVE-2022-36021)
-Patch5: String-pattern-matching-had-exponential-time-complex.patch
-# PATCH-FIX-UPSTREAM -- based on commit 2a2a582 (bsc#1208793 CVE-2023-25155)
-Patch6: Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
BuildRequires: jemalloc-devel
BuildRequires: libopenssl-devel >= 1.1.1
BuildRequires: pkgconfig
@@ -71,8 +67,6 @@
%patch0
%patch3 -p1
%patch4 -p1
-%patch5 -p1
-%patch6 -p1
%build
export HOST=OBS # for reproducible builds
++ redis-7.0.8.tar.gz -> redis-7.0.11.ta
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis++ for openSUSE:Factory checked
in at 2023-04-02 19:18:37
Comparing /work/SRC/openSUSE:Factory/redis++ (Old)
and /work/SRC/openSUSE:Factory/.redis++.new.9019 (New)
Package is "redis++"
Sun Apr 2 19:18:37 2023 rev:6 rq:1076718 version:1.3.7
Changes:
--- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2023-01-31
16:20:32.149716078 +0100
+++ /work/SRC/openSUSE:Factory/.redis++.new.9019/redis++.changes
2023-04-02 19:18:39.312908884 +0200
@@ -1,0 +2,6 @@
+Sat Apr 1 14:07:50 UTC 2023 - Bjørn Lie
+
+- Add fix-missing-include.patch: Fix missing include exposed by gcc
+ 13.
+
+---
New:
fix-missing-include.patch
Other differences:
--
++ redis++.spec ++
--- /var/tmp/diff_new_pack.PEQz1p/_old 2023-04-02 19:18:39.744911053 +0200
+++ /var/tmp/diff_new_pack.PEQz1p/_new 2023-04-02 19:18:39.752911093 +0200
@@ -24,6 +24,7 @@
License:Apache-2.0
URL:https://github.com/sewenew/redis-plus-plus
Source0:
https://github.com/sewenew/redis-plus-plus/archive/%{version}.tar.gz
+Patch0: fix-missing-include.patch
BuildRequires: c++_compiler
BuildRequires: cmake
BuildRequires: pkgconfig
@@ -53,7 +54,7 @@
libraries for redis-plus-plus.
%prep
-%autosetup -n redis-plus-plus-%{version}
+%autosetup -n redis-plus-plus-%{version} -p1
%build
sed -i -e '/DESTINATION.*/s/lib/%{_lib}/' CMakeLists.txt
++ fix-missing-include.patch ++
diff -Nur redis-plus-plus-1.3.7-orig/src/sw/redis++/utils.h
redis-plus-plus-1.3.7/src/sw/redis++/utils.h
--- redis-plus-plus-1.3.7-orig/src/sw/redis++/utils.h 2023-01-01
12:57:43.0 +0100
+++ redis-plus-plus-1.3.7/src/sw/redis++/utils.h2023-04-01
16:06:30.739756975 +0200
@@ -21,6 +21,7 @@
#include
#include
#include "cxx_utils.h"
+#include
namespace sw {
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2023-03-03 22:24:30
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.31432 (New)
Package is "redis"
Fri Mar 3 22:24:30 2023 rev:87 rq:1068706 version:7.0.8
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2023-01-18
13:08:20.743969982 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.31432/redis.changes 2023-03-03
22:24:37.882560977 +0100
@@ -1,0 +2,8 @@
+Wed Mar 1 16:29:28 UTC 2023 - Valentin Lefebvre
+
+- Fix CVE-2022-36021 (bsc#1208790 CVE-2022-36021)
+ * String-pattern-matching-had-exponential-time-complex.patch
+- Fix CVE-2023-25155 (bsc#1208793 CVE-2023-25155)
+ * Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
+
+---
New:
Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
String-pattern-matching-had-exponential-time-complex.patch
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.VdgY3q/_old 2023-03-03 22:24:38.662563941 +0100
+++ /var/tmp/diff_new_pack.VdgY3q/_new 2023-03-03 22:24:38.670563971 +0100
@@ -40,6 +40,10 @@
Patch0: %{name}-conf.patch
Patch3: reproducible.patch
Patch4: ppc-atomic.patch
+# PATCH-FIX-UPSTREAM -- based on commit 0825552 (bsc#1208790 CVE-2022-36021)
+Patch5: String-pattern-matching-had-exponential-time-complex.patch
+# PATCH-FIX-UPSTREAM -- based on commit 2a2a582 (bsc#1208793 CVE-2023-25155)
+Patch6: Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
BuildRequires: jemalloc-devel
BuildRequires: libopenssl-devel >= 1.1.1
BuildRequires: pkgconfig
@@ -67,6 +71,8 @@
%patch0
%patch3 -p1
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
%build
export HOST=OBS # for reproducible builds
++ Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch ++
>From 2a2a582e7cd99ba3b531336b8bd41df2b566e619 Mon Sep 17 00:00:00 2001
From: Oran Agra
Date: Tue, 21 Feb 2023 15:16:13 +0200
Subject: [PATCH] Integer Overflow in RAND commands can lead to assertion
(CVE-2023-25155)
Issue happens when passing a negative long value that greater than
the max positive value that the long can store.
---
src/t_hash.c | 4 ++--
src/t_set.c | 2 +-
src/t_zset.c | 4 ++--
tests/unit/type/hash.tcl | 2 ++
tests/unit/type/set.tcl | 5 +
tests/unit/type/zset.tcl | 2 ++
6 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/src/t_hash.c b/src/t_hash.c
index 754315080..f4ddccc62 100644
--- a/src/t_hash.c
+++ b/src/t_hash.c
@@ -1120,13 +1120,13 @@ void hrandfieldCommand(client *c) {
listpackEntry ele;
if (c->argc >= 3) {
-if (getLongFromObjectOrReply(c,c->argv[2],&l,NULL) != C_OK) return;
+if
(getRangeLongFromObjectOrReply(c,c->argv[2],-LONG_MAX,LONG_MAX,&l,NULL) !=
C_OK) return;
if (c->argc > 4 || (c->argc == 4 &&
strcasecmp(c->argv[3]->ptr,"withvalues"))) {
addReplyErrorObject(c,shared.syntaxerr);
return;
} else if (c->argc == 4) {
withvalues = 1;
-if (l < LONG_MIN/2 || l > LONG_MAX/2) {
+if (l < -LONG_MAX/2 || l > LONG_MAX/2) {
addReplyError(c,"value is out of range");
return;
}
diff --git a/src/t_set.c b/src/t_set.c
index b01729f0a..dff66d052 100644
--- a/src/t_set.c
+++ b/src/t_set.c
@@ -665,7 +665,7 @@ void srandmemberWithCountCommand(client *c) {
dict *d;
-if (getLongFromObjectOrReply(c,c->argv[2],&l,NULL) != C_OK) return;
+if (getRangeLongFromObjectOrReply(c,c->argv[2],-LONG_MAX,LONG_MAX,&l,NULL)
!= C_OK) return;
if (l >= 0) {
count = (unsigned long) l;
} else {
diff --git a/src/t_zset.c b/src/t_zset.c
index 3cd2d2438..a9b5031ea 100644
--- a/src/t_zset.c
+++ b/src/t_zset.c
@@ -4289,13 +4289,13 @@ void zrandmemberCommand(client *c) {
listpackEntry ele;
if (c->argc >= 3) {
-if (getLongFromObjectOrReply(c,c->argv[2],&l,NULL) != C_OK) return;
+if
(getRangeLongFromObjectOrReply(c,c->argv[2],-LONG_MAX,LONG_MAX,&l,NULL) !=
C_OK) return;
if (c->argc > 4 || (c->argc == 4 &&
strcasecmp(c->argv[3]->ptr,"withscores"))) {
addReplyErrorObject(c,shared.syntaxerr);
return;
} else if (c->argc == 4) {
withscores = 1;
-if (l < LONG_MIN/2 || l > LONG_MAX/2) {
+if (l < -LONG_MAX/2 || l > LONG_MAX/2) {
addReplyError(c,"value is out of range");
return;
}
diff --git a/tests/unit/type/hash.tcl b/tests/u
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis++ for openSUSE:Factory checked in at 2023-01-31 16:09:51 Comparing /work/SRC/openSUSE:Factory/redis++ (Old) and /work/SRC/openSUSE:Factory/.redis++.new.32243 (New) Package is "redis++" Tue Jan 31 16:09:51 2023 rev:5 rq:1062182 version:1.3.7 Changes: --- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2022-10-26 16:08:41.606029521 +0200 +++ /work/SRC/openSUSE:Factory/.redis++.new.32243/redis++.changes 2023-01-31 16:20:32.149716078 +0100 @@ -1,0 +2,11 @@ +Sat Jan 28 16:21:01 UTC 2023 - Dirk Müller + +- update to 1.3.7: + * Optimize connection creation + * ACL and RESP3 support for sentinel + * Async interface bug fixes + * Better error message for sentinel + * Better URI support + * RESP3 bug fix + +--- Old: 1.3.6.tar.gz New: 1.3.7.tar.gz Other differences: -- ++ redis++.spec ++ --- /var/tmp/diff_new_pack.cybMCy/_old 2023-01-31 16:20:32.557718535 +0100 +++ /var/tmp/diff_new_pack.cybMCy/_new 2023-01-31 16:20:32.561718560 +0100 @@ -1,7 +1,7 @@ # # spec file for package redis++ # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define sover 1 Name: redis++ -Version:1.3.6 +Version:1.3.7 Release:0 Summary:C++ client for Redis License:Apache-2.0 ++ 1.3.6.tar.gz -> 1.3.7.tar.gz ++ 2514 lines of diff (skipped)
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2023-01-18 13:08:16
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.32243 (New)
Package is "redis"
Wed Jan 18 13:08:16 2023 rev:86 rq:1058816 version:7.0.8
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-12-20
20:20:04.621743431 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.32243/redis.changes 2023-01-18
13:08:20.743969982 +0100
@@ -1,0 +2,16 @@
+Mon Jan 16 21:00:00 UTC 2023 - Andreas Stieger
+
+- redis 7.0.8
+ * CVE-2022-35977: Integer overflow in the Redis SETRANGE and
+SORT/SORT_RO commands can drive Redis to OOM panic boo#1207202
+ * CVE-2023-22458: Integer overflow in the Redis HRANDFIELD and
+ZRANDMEMBER commands can lead to denial-of-service boo#1207203
+ * Avoid possible hang when client issues long KEYS, SRANDMEMBER,
+HRANDFIELD, and ZRANDMEMBER commands and gets disconnected by
+client output buffer limit
+ * Make sure that fork child doesn't do incremental rehashing
+ * Fix a bug where blocking commands with a sub-second timeout
+would block forever
+ * Fix sentinel issue if replica changes IP
+
+---
Old:
redis-7.0.7.tar.gz
New:
redis-7.0.8.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.xenD8V/_old 2023-01-18 13:08:21.831975818 +0100
+++ /var/tmp/diff_new_pack.xenD8V/_new 2023-01-18 13:08:21.835975839 +0100
@@ -1,7 +1,7 @@
#
# spec file for package redis
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.7
+Version:7.0.8
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-7.0.7.tar.gz -> redis-7.0.8.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.7/00-RELEASENOTES
new/redis-7.0.8/00-RELEASENOTES
--- old/redis-7.0.7/00-RELEASENOTES 2022-12-16 11:52:57.0 +0100
+++ new/redis-7.0.8/00-RELEASENOTES 2023-01-16 17:40:35.0 +0100
@@ -12,6 +12,27 @@
+Redis 7.0.8 Released Mon Jan 16 12:00:00 IDT 2023
+
+
+Upgrade urgency: SECURITY, contains fixes to security issues.
+
+Security Fixes:
+* (CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
+ commands can drive Redis to OOM panic
+* (CVE-2023-22458) Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER
+ commands can lead to denial-of-service
+
+Bug Fixes
+=
+
+* Avoid possible hang when client issues long KEYS, SRANDMEMBER, HRANDFIELD,
+ and ZRANDMEMBER commands and gets disconnected by client output buffer limit
(#11676)
+* Make sure that fork child doesn't do incremental rehashing (#11692)
+* Fix a bug where blocking commands with a sub-second timeout would block
forever (#11688)
+* Fix sentinel issue if replica changes IP (#11590)
+
+
Redis 7.0.7 Released Fri Dec 16 12:00:00 IST 2022
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.7/src/commands/xsetid.json
new/redis-7.0.8/src/commands/xsetid.json
--- old/redis-7.0.7/src/commands/xsetid.json2022-12-16 11:52:57.0
+0100
+++ new/redis-7.0.8/src/commands/xsetid.json2023-01-16 17:40:35.0
+0100
@@ -54,13 +54,15 @@
"name": "entries_added",
"token": "ENTRIESADDED",
"type": "integer",
-"optional": true
+"optional": true,
+"since": "7.0.0"
},
{
"name": "max_deleted_entry_id",
"token": "MAXDELETEDID",
"type": "string",
-"optional": true
+"optional": true,
+"since": "7.0.0"
}
]
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnig
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-12-20 20:19:57
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1835 (New)
Package is "redis"
Tue Dec 20 20:19:57 2022 rev:85 rq:1043788 version:7.0.7
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-11-01
13:41:24.599526389 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.1835/redis.changes2022-12-20
20:20:04.621743431 +0100
@@ -1,0 +2,26 @@
+Fri Dec 16 13:15:09 UTC 2022 - Michael Ströder
+
+- Update to version 7.0.7
+ * Fix regression from Redis 7.0.6 in distance replies
+of Geo commands (#11631)
+
+---
+Thu Dec 15 21:05:16 UTC 2022 - Andreas Stieger
+
+- Update to version 7.0.6:
+ * RM_ResetDataset module API should not clear the functions
+ * RM_Call module API used with the "C" flag to run scripts,
+would now cause the commands in the script to check ACL with
+the designated user
+ * Geo commands speedups
+ * Fix EVAL command performance regression from Redis 7.0
+ * Reduce EXPIRE commands performance regression from Redis 7.0
+ * Optimize commands returning double values, mainly affecting zset
+commands
+ * Optimize Lua parsing of some command responses
+ * Optimize client memory usage tracking operation while client
+eviction is disabled
+ * Multiple bug fixes for crashes, hangs, and incorrect behavior
+- drop cve-2022-3647.patch now upstream
+
+---
Old:
cve-2022-3647.patch
redis-7.0.5.tar.gz
New:
redis-7.0.7.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.azeL0q/_old 2022-12-20 20:20:05.245746851 +0100
+++ /var/tmp/diff_new_pack.azeL0q/_new 2022-12-20 20:20:05.249746873 +0100
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.5
+Version:7.0.7
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
@@ -40,9 +40,6 @@
Patch0: %{name}-conf.patch
Patch3: reproducible.patch
Patch4: ppc-atomic.patch
-# PATCH-FIX-UPSTREAm bsc#1204633 danilo.spine...@suse.com CVE-2022-3647
-# crash in sigsegvHandler debug function
-Patch5: cve-2022-3647.patch
BuildRequires: jemalloc-devel
BuildRequires: libopenssl-devel >= 1.1.1
BuildRequires: pkgconfig
@@ -70,7 +67,6 @@
%patch0
%patch3 -p1
%patch4 -p1
-%patch5 -p1
%build
export HOST=OBS # for reproducible builds
++ redis-7.0.5.tar.gz -> redis-7.0.7.tar.gz ++
3914 lines of diff (skipped)
++ redis.hashes ++
--- /var/tmp/diff_new_pack.azeL0q/_old 2022-12-20 20:20:05.849750163 +0100
+++ /var/tmp/diff_new_pack.azeL0q/_new 2022-12-20 20:20:05.853750184 +0100
@@ -143,4 +143,7 @@
hash redis-7.0.3.tar.gz sha256
2cde7d17214ffe305953da9fff12333e8a72caa57fd4923e4872f6362a208e73
http://download.redis.io/releases/redis-7.0.3.tar.gz
hash redis-7.0.4.tar.gz sha256
f0e65fda74c44a3dd4fa9d512d4d4d833dd0939c934e946a5c622a630d057f2f
http://download.redis.io/releases/redis-7.0.4.tar.gz
hash redis-7.0.5.tar.gz sha256
67054cc37b58c125df93bd78000261ec0ef4436a26b40f38262c780e56315cc3
http://download.redis.io/releases/redis-7.0.5.tar.gz
+hash redis-6.2.8.tar.gz sha256
f91ab24bcb42673cb853292eb5d43c2017d11d659854808ed6a529c97297fdfe
http://download.redis.io/releases/redis-6.2.8.tar.gz
+hash redis-7.0.6.tar.gz sha256
7b33a7e890d13e27af1f246acb16312669ad8a1d56ce8f807dfbcd3c09aa7bb3
http://download.redis.io/releases/redis-7.0.6.tar.gz
+hash redis-7.0.7.tar.gz sha256
8d327d7e887d1bb308fc37aaf717a0bf79f58129e3739069aaeeae88955ac586
http://download.redis.io/releases/redis-7.0.7.tar.gz
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-11-01 13:41:16
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2275 (New)
Package is "redis"
Tue Nov 1 13:41:16 2022 rev:84 rq:1032521 version:7.0.5
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-10-10
18:45:07.386941049 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.2275/redis.changes2022-11-01
13:41:24.599526389 +0100
@@ -1,0 +2,7 @@
+Mon Oct 24 14:56:10 UTC 2022 - Danilo Spinella
+
+- Fix CVE-2022-3647, crash in sigsegvHandler debug function
+ (CVE-2022-3647, bsc#1204633)
+ * cve-2022-3647.patch
+
+---
New:
cve-2022-3647.patch
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.VuFfbW/_old 2022-11-01 13:41:25.147529304 +0100
+++ /var/tmp/diff_new_pack.VuFfbW/_new 2022-11-01 13:41:25.151529324 +0100
@@ -40,6 +40,9 @@
Patch0: %{name}-conf.patch
Patch3: reproducible.patch
Patch4: ppc-atomic.patch
+# PATCH-FIX-UPSTREAm bsc#1204633 danilo.spine...@suse.com CVE-2022-3647
+# crash in sigsegvHandler debug function
+Patch5: cve-2022-3647.patch
BuildRequires: jemalloc-devel
BuildRequires: libopenssl-devel >= 1.1.1
BuildRequires: pkgconfig
@@ -67,6 +70,7 @@
%patch0
%patch3 -p1
%patch4 -p1
+%patch5 -p1
%build
export HOST=OBS # for reproducible builds
++ cve-2022-3647.patch ++
>From 0bf90d944313919eb8e63d3588bf63a367f020a3 Mon Sep 17 00:00:00 2001
From: "Meir Shpilraien (Spielrein)"
Date: Thu, 29 Sep 2022 08:58:58 +0300
Subject: [PATCH] Avoid crash on crash report when a bad function pointer was
called (#11298)
If Redis crashes due to calling an invalid function pointer,
the `backtrace` function will try to dereference this invalid pointer
which will cause a crash inside the crash report and will kill
the processes without having all the crash report information.
Example:
```
=== REDIS BUG REPORT START: Cut & paste starting from here ===
198672:M 19 Sep 2022 18:06:12.936 # Redis 255.255.255 crashed by signal: 11,
si_code: 1
198672:M 19 Sep 2022 18:06:12.936 # Accessing address: 0x1
198672:M 19 Sep 2022 18:06:12.936 # Crashed running the instruction at: 0x1
// here the processes is crashing
```
This PR tries to fix this crash be:
1. Identify the issue when it happened.
2. Replace the invalid pointer with a pointer to some dummy function
so that `backtrace` will not crash.
I identification is done by comparing `eip` to `info->si_addr`, if they
are the same we know that the crash happened on the same address it tries to
accesses and we can conclude that it tries to call and invalid function pointer.
To replace the invalid pointer we introduce a new function, `setMcontextEip`,
which is very similar to `getMcontextEip` and it knows to set the Eip for the
different supported OS's. After printing the trace we retrieve the old `Eip`
value.
---
src/debug.c | 80 ++---
1 file changed, 58 insertions(+), 22 deletions(-)
diff --git a/src/debug.c b/src/debug.c
index 8cc811be444b..b15ac8780d83 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -1123,73 +1123,88 @@ void bugReportStart(void) {
}
#ifdef HAVE_BACKTRACE
-static void *getMcontextEip(ucontext_t *uc) {
+
+/* Returns the current eip and set it to the given new value (if its not NULL)
*/
+static void* getAndSetMcontextEip(ucontext_t *uc, void *eip) {
#define NOT_SUPPORTED() do {\
UNUSED(uc);\
+UNUSED(eip);\
return NULL;\
} while(0)
+#define GET_SET_RETURN(target_var, new_val) do {\
+void *old_val = (void*)target_var; \
+if (new_val) { \
+void **temp = (void**)&target_var; \
+*temp = new_val; \
+} \
+return old_val; \
+} while(0)
#if defined(__APPLE__) && !defined(MAC_OS_X_VERSION_10_6)
/* OSX < 10.6 */
#if defined(__x86_64__)
-return (void*) uc->uc_mcontext->__ss.__rip;
+GET_SET_RETURN(uc->uc_mcontext->__ss.__rip, eip);
#elif defined(__i386__)
-return (void*) uc->uc_mcontext->__ss.__eip;
+GET_SET_RETURN(uc->uc_mcontext->__ss.__eip, eip);
#else
-return (void*) uc->uc_mcontext->__ss.__srr0;
+GET_SET_RETURN(uc->uc_mcontext->__ss.__srr0, eip);
#endif
#elif defined(__APPLE__) && defined(MAC_OS_X_VERSION_10_6)
/* OSX >= 10.6 */
#if defined(_STRUCT_X86_THREAD_STATE64) && !defined(__i386__)
-return (void*) uc->uc_mcontext->__ss.__rip;
+GET_SET_RETURN(uc->uc_mcontext->__ss.__rip, eip);
#elif defined(__i386__)
-return (void*) uc->uc_mcontext->__ss.__eip;
+GET_SET_RETURN(uc->u
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis++ for openSUSE:Factory checked in at 2022-10-26 16:08:40 Comparing /work/SRC/openSUSE:Factory/redis++ (Old) and /work/SRC/openSUSE:Factory/.redis++.new.2275 (New) Package is "redis++" Wed Oct 26 16:08:40 2022 rev:4 rq:1031350 version:1.3.6 Changes: --- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2022-10-11 18:05:29.766079598 +0200 +++ /work/SRC/openSUSE:Factory/.redis++.new.2275/redis++.changes 2022-10-26 16:08:41.606029521 +0200 @@ -1,0 +2,8 @@ +Tue Oct 25 13:25:16 UTC 2022 - Andreas Stieger + +- update to 1.3.6: + * RESP3 support + * Redlock support + * Timeout support for async interface + +--- Old: 1.3.5.tar.gz New: 1.3.6.tar.gz Other differences: -- ++ redis++.spec ++ --- /var/tmp/diff_new_pack.ADlLgd/_old 2022-10-26 16:08:42.010030055 +0200 +++ /var/tmp/diff_new_pack.ADlLgd/_new 2022-10-26 16:08:42.014030060 +0200 @@ -18,7 +18,7 @@ %define sover 1 Name: redis++ -Version:1.3.5 +Version:1.3.6 Release:0 Summary:C++ client for Redis License:Apache-2.0 @@ -30,6 +30,7 @@ BuildRequires: pkgconfig(hiredis) BuildRequires: pkgconfig(hiredis_ssl) BuildRequires: pkgconfig(libuv) +BuildRequires: pkgconfig(openssl) %description Redis-plus-plus, a C++ client for Redis based on hiredis and written in C++11/C++17. ++ 1.3.5.tar.gz -> 1.3.6.tar.gz ++ 2886 lines of diff (skipped)
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis++ for openSUSE:Factory checked in at 2022-10-11 18:02:59 Comparing /work/SRC/openSUSE:Factory/redis++ (Old) and /work/SRC/openSUSE:Factory/.redis++.new.2275 (New) Package is "redis++" Tue Oct 11 18:02:59 2022 rev:3 rq:1009570 version:1.3.5 Changes: --- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2022-02-02 22:45:01.174065410 +0100 +++ /work/SRC/openSUSE:Factory/.redis++.new.2275/redis++.changes 2022-10-11 18:05:29.766079598 +0200 @@ -1,0 +2,12 @@ +Sun Oct 9 19:36:48 UTC 2022 - Andreas Stieger + +- update to 1.3.5: + * Ensure running async callback when error happens + * Add sentinel support for coroutine interface + * Add publish command for async interface +- includes changes from 1.3.4: + * Add async support for subscriber + * Add async support with callbacks + * Add coroutine support + +--- Old: 1.3.3.tar.gz New: 1.3.5.tar.gz Other differences: -- ++ redis++.spec ++ --- /var/tmp/diff_new_pack.L6YKaB/_old 2022-10-11 18:05:30.178080264 +0200 +++ /var/tmp/diff_new_pack.L6YKaB/_new 2022-10-11 18:05:30.194080289 +0200 @@ -18,7 +18,7 @@ %define sover 1 Name: redis++ -Version:1.3.3 +Version:1.3.5 Release:0 Summary:C++ client for Redis License:Apache-2.0 ++ 1.3.3.tar.gz -> 1.3.5.tar.gz ++ 4952 lines of diff (skipped)
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-10-10 18:44:27
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2275 (New)
Package is "redis"
Mon Oct 10 18:44:27 2022 rev:83 rq:1008369 version:7.0.5
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-09-23
14:15:04.593960702 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.2275/redis.changes2022-10-10
18:45:07.386941049 +0200
@@ -32,0 +33,6 @@
+Thu Sep 1 07:15:24 UTC 2022 - Stefan Schubert
+
+- Migration to /usr/etc: Saving user changed configuration files
+ in /etc and restoring them while an RPM update.
+
+---
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.VW3wwB/_old 2022-10-10 18:45:07.950942263 +0200
+++ /var/tmp/diff_new_pack.VW3wwB/_new 2022-10-10 18:45:07.954942272 +0200
@@ -131,6 +131,20 @@
%pre -f %{name}.pre
%service_add_pre %{name}.target %{name}@.service %{name}-sentinel.target
%{name}-sentinel@.service
+%if 0%{?suse_version} > 1500
+# Prepare for migration to /usr/etc; save any old .rpmsave
+for i in logrotate.d/%{name} ; do
+ test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave
%{_sysconfdir}/${i}.rpmsave.old ||:
+done
+%endif
+
+%if 0%{?suse_version} > 1500
+%posttrans
+# Migration to /usr/etc, restore just created .rpmsave
+for i in logrotate.d/%{name} ; do
+ test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave
%{_sysconfdir}/${i} ||:
+done
+%endif
%post
%tmpfiles_create %{_tmpfilesdir}/%{name}.conf
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-09-23 14:14:45
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2275 (New)
Package is "redis"
Fri Sep 23 14:14:45 2022 rev:82 rq:1005332 version:7.0.5
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-07-31
23:00:45.687659926 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.2275/redis.changes2022-09-23
14:15:04.593960702 +0200
@@ -1,0 +2,31 @@
+Wed Sep 21 20:36:11 UTC 2022 - Michael Str??der
+
+- Update to version 7.0.5 (boo#1203638)
+ + Security Fixes:
+* (CVE-2022-35951) Executing a XAUTOCLAIM command on a stream key in a
specific
+ state, with a specially crafted COUNT argument, may cause an integer
overflow,
+ a subsequent heap overflow, and potentially lead to remote code
execution.
+ The problem affects Redis versions 7.0.0 or newer
+ [reported by Xion (SeungHyun Lee) of KAIST GoN].
+ + Module API changes
+* Fix RM_Call execution of scripts when used with M/W/S flags to properly
+ handle script flags (#11159)
+* Fix RM_SetAbsExpire and RM_GetAbsExpire API registration (#11025, #8564)
+ + Bug Fixes
+* Fix a hang when eviction is combined with lazy-free and
maxmemory-eviction-tenacity is set to 100 (#11237)
+* Fix a crash when a replica may attempt to set itself as its master as a
result of a manual failover (#11263)
+* Fix a bug where a cluster-enabled replica node may permanently set its
master's hostname to '?' (#10696)
+* Fix a crash when a Lua script returns a meta-table (#11032)
+ + Fixes for issues in previous releases of Redis 7.0
+* Fix redis-cli to do DNS lookup before sending CLUSTER MEET (#11151)
+* Fix crash when a key is lazy expired during cluster key migration
(#11176)
+* Fix AOF rewrite to fsync the old AOF file when a new one is created
(#11004)
+* Fix some crashes involving a list containing entries larger than 1GB
(#11242)
+* Correctly handle scripts with a non-read-only shebang on a cluster
replica (#11223)
+* Fix memory leak when unloading a module (#11147)
+* Fix bug with scripts ignoring client tracking NOLOOP (#11052)
+* Fix client-side tracking breaking protocol when FLUSHDB / FLUSHALL /
SWAPDB is used inside MULTI-EXEC (#11038)
+* Fix ACL: BITFIELD with GET and also SET / INCRBY can be executed with
read-only key permission (#11086)
+* Fix missing sections for INFO ALL when also requesting a module info
section (#11291)
+
+---
Old:
redis-7.0.4.tar.gz
New:
redis-7.0.5.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.IpmEMN/_old 2022-09-23 14:15:05.405962595 +0200
+++ /var/tmp/diff_new_pack.IpmEMN/_new 2022-09-23 14:15:05.409962604 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.4
+Version:7.0.5
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-7.0.4.tar.gz -> redis-7.0.5.tar.gz ++
2714 lines of diff (skipped)
++ redis.hashes ++
--- /var/tmp/diff_new_pack.IpmEMN/_old 2022-09-23 14:15:06.117964255 +0200
+++ /var/tmp/diff_new_pack.IpmEMN/_new 2022-09-23 14:15:06.121964264 +0200
@@ -142,4 +142,5 @@
hash redis-7.0.2.tar.gz sha256
5e57eafe7d4ac5ecb6a7d64d6b61db775616dbf903293b3fcc660716dbda5eeb
http://download.redis.io/releases/redis-7.0.2.tar.gz
hash redis-7.0.3.tar.gz sha256
2cde7d17214ffe305953da9fff12333e8a72caa57fd4923e4872f6362a208e73
http://download.redis.io/releases/redis-7.0.3.tar.gz
hash redis-7.0.4.tar.gz sha256
f0e65fda74c44a3dd4fa9d512d4d4d833dd0939c934e946a5c622a630d057f2f
http://download.redis.io/releases/redis-7.0.4.tar.gz
+hash redis-7.0.5.tar.gz sha256
67054cc37b58c125df93bd78000261ec0ef4436a26b40f38262c780e56315cc3
http://download.redis.io/releases/redis-7.0.5.tar.gz
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-07-31 23:00:33
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1533 (New)
Package is "redis"
Sun Jul 31 23:00:33 2022 rev:81 rq:990008 version:7.0.4
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-07-13
13:44:50.925985887 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1533/redis.changes2022-07-31
23:00:45.687659926 +0200
@@ -1,0 +2,8 @@
+Mon Jul 18 14:36:34 UTC 2022 - Michael Str??der
+
+- Security update to version 7.0.4
+ (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
+ key in a specific state may result with heap overflow, and potentially
+ remote code execution. The problem affects Redis versions 7.0.0 or newer.
+
+---
Old:
redis-7.0.3.tar.gz
New:
redis-7.0.4.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.mHAvCF/_old 2022-07-31 23:00:46.243661542 +0200
+++ /var/tmp/diff_new_pack.mHAvCF/_new 2022-07-31 23:00:46.247661553 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.3
+Version:7.0.4
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-7.0.3.tar.gz -> redis-7.0.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.3/00-RELEASENOTES
new/redis-7.0.4/00-RELEASENOTES
--- old/redis-7.0.3/00-RELEASENOTES 2022-07-11 16:44:20.0 +0200
+++ new/redis-7.0.4/00-RELEASENOTES 2022-07-18 15:04:07.0 +0200
@@ -13,6 +13,17 @@
+Redis 7.0.4 Released Monday Jul 18 12:00:00 IST 2022
+
+
+Upgrade urgency: SECURITY, contains fixes to security issues.
+
+Security Fixes:
+* (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
+ key in a specific state may result with heap overflow, and potentially
+ remote code execution. The problem affects Redis versions 7.0.0 or newer.
+
+
Redis 7.0.3 Released Monday Jul 11 12:00:00 IST 2022
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.3/src/script_lua.c
new/redis-7.0.4/src/script_lua.c
--- old/redis-7.0.3/src/script_lua.c2022-07-11 16:44:20.0 +0200
+++ new/redis-7.0.4/src/script_lua.c2022-07-18 15:04:07.0 +0200
@@ -334,7 +334,7 @@
/* push a field indicate to ignore updating the stats on this error
* because it was already updated when executing the command. */
lua_pushstring(lua,"ignore_error_stats_update");
-lua_pushboolean(lua, true);
+lua_pushboolean(lua, 1);
lua_settable(lua,-3);
}
@@ -891,7 +891,7 @@
/* push a field indicate to ignore updating the stats on this error
* because it was already updated when executing the command. */
lua_pushstring(lua,"ignore_error_stats_update");
-lua_pushboolean(lua, true);
+lua_pushboolean(lua, 1);
lua_settable(lua,-3);
goto cleanup;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.3/src/t_stream.c
new/redis-7.0.4/src/t_stream.c
--- old/redis-7.0.3/src/t_stream.c 2022-07-11 16:44:20.0 +0200
+++ new/redis-7.0.4/src/t_stream.c 2022-07-18 15:04:07.0 +0200
@@ -3421,6 +3421,7 @@
/* Remember the ID for later */
deleted_ids[deleted_id_num++] = id;
raxSeek(&ri,">=",ri.key,ri.key_len);
+count--; /* Count is a limit of the command response size. */
continue;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.0.3/src/version.h
new/redis-7.0.4/src/version.h
--- old/redis-7.0.3/src/version.h 2022-07-11 16:44:20.0 +0200
+++ new/redis-7.0.4/src/version.h 2022-07-18 15:04:07.0 +0200
@@ -1,2 +1,2 @@
-#define REDIS_VERSION "7.0.3"
-#define REDIS_VERSION_NUM 0x00070003
+#define REDIS_VERSION "7.0.4"
+#define REDIS_VERSION_NUM 0x00070004
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-7.
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-07-13 13:44:45
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1523 (New)
Package is "redis"
Wed Jul 13 13:44:45 2022 rev:80 rq:988701 version:7.0.3
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-07-09
16:58:58.296430169 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1523/redis.changes2022-07-13
13:44:50.925985887 +0200
@@ -1,0 +2,35 @@
+Mon Jul 11 15:02:24 UTC 2022 - Michael Str??der
+
+- Update to version 7.0.3
+ * Performance and resource utilization improvements
+- Optimize zset conversion on large ZRANGESTORE (#10789)
+- Optimize the performance of sending PING on large clusters (#10624)
+- Allow for faster restart of Redis in cluster mode (#10912)
+ * INFO fields and introspection changes
+- Add missing sharded pubsub keychannel count to CLIENT LIST (#10895)
+- Add missing pubsubshard_channels field in INFO STATS (#10929)
+ * Module API changes
+- Add RM_StringToULongLong and RM_CreateStringFromULongLong (#10889)
+- Add RM_SetClientNameById and RM_GetClientNameById (#10839)
+ * Changes in CLI tools
+- Add missing cluster-port support to redis-cli --cluster (#10344)
+ * Other General Improvements
+- Account sharded pubsub channels memory consumption (#10925)
+- Allow ECHO in loading and stale modes (#10853)
+- Cluster: Throw -TRYAGAIN instead of -ASK on migrating nodes for multi-key
+- commands when the node only has some of the keys (#9526)
+ * Bug Fixes
+- TLS: Notify clients on connection shutdown (#10931)
+- Fsync directory while persisting AOF manifest, RDB file, and config file
(#10737)
+- Script that made modification will not break with unexpected NOREPLICAS
error (#10855)
+- Cluster: Fix a bug where nodes may not acknowledge a CLUSTER FAILOVER
TAKEOVER
+- after a replica reboots (#10798)
+- Cluster: Fix crash during handshake and cluster shards call (#10942)
+ * Fixes for issues in previous releases of Redis 7.0
+- TLS: Fix issues with large replies (#10909)
+- Correctly report the startup warning for vm.overcommit_memory (#10841)
+- redis-server command line allow passing config name and value in the
same argument (#10866)
+- Support --save command line argument with no value for backwards
compatibility (#10866)
+- Fix CLUSTER RESET command regression requiring an argument (#10898)
+
+---
Old:
redis-7.0.2.tar.gz
New:
redis-7.0.3.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.WEKQOx/_old 2022-07-13 13:44:51.525986738 +0200
+++ /var/tmp/diff_new_pack.WEKQOx/_new 2022-07-13 13:44:51.529986744 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:7.0.2
+Version:7.0.3
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
@@ -145,7 +145,7 @@
%files
%license COPYING
-%doc 00-RELEASENOTES BUGS CONTRIBUTING README.md
+%doc 00-RELEASENOTES BUGS README.md
%if 0%{?suse_version} > 1500
%{_distconfdir}/logrotate.d/%{name}
%else
++ redis-7.0.2.tar.gz -> redis-7.0.3.tar.gz ++
3709 lines of diff (skipped)
++ redis.hashes ++
--- /var/tmp/diff_new_pack.WEKQOx/_old 2022-07-13 13:44:52.001987413 +0200
+++ /var/tmp/diff_new_pack.WEKQOx/_new 2022-07-13 13:44:52.005987419 +0200
@@ -140,4 +140,5 @@
hash redis-7.0.0.tar.gz sha256
284d8bd1fd85d6a55a05ee4e7c31c31977ad56cbf344ed83790beeb148baa720
http://download.redis.io/releases/redis-7.0.0.tar.gz
hash redis-7.0.1.tar.gz sha256
ca1820d527e4759884620be2917079e61e996fa81da5fbe5c07c4a7b507264dc
http://download.redis.io/releases/redis-7.0.1.tar.gz
hash redis-7.0.2.tar.gz sha256
5e57eafe7d4ac5ecb6a7d64d6b61db775616dbf903293b3fcc660716dbda5eeb
http://download.redis.io/releases/redis-7.0.2.tar.gz
+hash redis-7.0.3.tar.gz sha256
2cde7d17214ffe305953da9fff12333e8a72caa57fd4923e4872f6362a208e73
http://download.redis.io/releases/redis-7.0.3.tar.gz
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-07-09 16:58:56
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1523 (New)
Package is "redis"
Sat Jul 9 16:58:56 2022 rev:79 rq:987499 version:7.0.2
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-07-01
13:43:49.138795750 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1523/redis.changes2022-07-09
16:58:58.296430169 +0200
@@ -1,0 +2,7 @@
+Mon Jul 4 09:41:49 UTC 2022 - Danilo Spinella
+
+- Use bundled jemalloc to fix active defragmentation, fixes bsc#1200913.
+- Remove patch:
+ * Add-support-for-USE_SYSTEM_JEMALLOC-flag.patch
+
+---
Old:
Add-support-for-USE_SYSTEM_JEMALLOC-flag.patch
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.FKavEJ/_old 2022-07-09 16:58:58.856431010 +0200
+++ /var/tmp/diff_new_pack.FKavEJ/_new 2022-07-09 16:58:58.860431016 +0200
@@ -40,7 +40,6 @@
Patch0: %{name}-conf.patch
Patch3: reproducible.patch
Patch4: ppc-atomic.patch
-Patch5: Add-support-for-USE_SYSTEM_JEMALLOC-flag.patch
BuildRequires: jemalloc-devel
BuildRequires: libopenssl-devel >= 1.1.1
BuildRequires: pkgconfig
@@ -68,14 +67,12 @@
%patch0
%patch3 -p1
%patch4 -p1
-%patch5 -p1
%build
export HOST=OBS # for reproducible builds
%make_build CFLAGS="%{optflags}" \
BUILD_WITH_SYSTEMD=yes \
-BUILD_TLS=yes \
-USE_SYSTEM_JEMALLOC=yes
+BUILD_TLS=yes
%sysusers_generate_pre %{SOURCE9} %{name}
%install
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-07-01 13:43:47
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1548 (New)
Package is "redis"
Fri Jul 1 13:43:47 2022 rev:78 rq:985927 version:7.0.2
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-06-20
15:36:58.722833458 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1548/redis.changes2022-07-01
13:43:49.138795750 +0200
@@ -1,0 +2,6 @@
+Wed Jun 29 10:54:08 UTC 2022 - Stefan Schubert
+
+- Moved logrotate files from user specific directory /etc/logrotate.d
+ to vendor specific directory /usr/etc/logrotate.d.
+
+---
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.w44zMd/_old 2022-07-01 13:43:49.874796855 +0200
+++ /var/tmp/diff_new_pack.w44zMd/_new 2022-07-01 13:43:49.878796862 +0200
@@ -104,7 +104,12 @@
# some sysctl stuff
install -Dpm0644 %{SOURCE6}
%{buildroot}/%{_prefix}/lib/sysctl.d/00-%{name}.conf
+%if 0%{?suse_version} > 1500
+mkdir -p %{buildroot}%{_distconfdir}/logrotate.d
+install -Dpm0644 %{SOURCE1} %{buildroot}%{_distconfdir}/logrotate.d/%{name}
+%else
install -Dpm0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
+%endif
install -Dpm0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.target
install -Dpm0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}@.service
install -Dpm0644 %{SOURCE4} %{buildroot}%{_tmpfilesdir}/%{name}.conf
@@ -144,7 +149,11 @@
%files
%license COPYING
%doc 00-RELEASENOTES BUGS CONTRIBUTING README.md
+%if 0%{?suse_version} > 1500
+%{_distconfdir}/logrotate.d/%{name}
+%else
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%endif
%{_prefix}/lib/sysctl.d/00-%{name}.conf
%{_bindir}/%{name}-*
%{_sbindir}/%{name}-*
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-06-20 15:36:51
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1548 (New)
Package is "redis"
Mon Jun 20 15:36:51 2022 rev:77 rq:982484 version:7.0.2
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2022-04-30
00:44:13.666883235 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1548/redis.changes2022-06-20
15:36:58.722833458 +0200
@@ -1,0 +2,69 @@
+Sun Jun 12 16:30:32 UTC 2022 - Michael Str??der
+
+- Update to version 7.0.2
+ * Fixed SET and BITFIELD commands being wrongly marked movablekeys (#10837)
+Regression in 7.0 possibly resulting in excessive roundtrip from cluster
clients.
+ * Fix crash when /proc/sys/vm/overcommit_memory is inaccessible (#10848)
+Regression in 7.0.1 resulting in crash on startup on some configurations.
+
+---
+Wed Jun 8 19:24:25 UTC 2022 - Michael Str??der
+
+- Update to version 7.0.1
+ * Improvements
+- Add warning for suspected slow system clocksource setting
+ Add --check-system command line option. (#10636)
+- Allow read-only scripts (*_RO commands, and ones with `no-writes` flag)
+ during CLIENT PAUSE WRITE (#10744)
+- Add `readonly` flag in COMMAND command for EVAL_RO, EVALSHA_RO and
FCALL_RO (#10728)
+- redis-server command line arguments now accept one string with spaces
+ for multi-arg configs (#10660)
+ * Potentially Breaking Changes
+- Omitting a config option value in command line argument no longer works
(#10660)
+- Hide the `may_replicate` flag from the COMMAND command response (#10744)
+ * Potentially Breaking Changes for new Redis 7.0 features
+- Protocol: Sharded pubsub publish emits `smessage` instead of `message`
(#10792)
+- CLUSTER SHARDS returns slots as RESP integers, not strings (#10683)
+- Block PFCOUNT and PUBLISH in read-only scripts (*_RO commands, and
no-writes) (#10744)
+- Scripts that declare the `no-writes` flag are implicitly `allow-oom` too
(#10699)
+ * Changes in CLI tools
+- redis-cli --bigkeys, --memkeys, --hotkeys, --scan. Finish nicely after
Ctrl+C (#10736)
+ * Platform / toolchain support related improvements
+- Support tcp-keepalive config interval on MacOs (#10667)
+- Support RSS metrics on Haiku OS (#10687)
+ * INFO fields and introspection changes
+- Add isolated network metrics for replication. (#10062, #10810)
+ * Module API changes
+- Add two more new checks to RM_Call script mode (#10786)
+- Add new RM_Call flag to let Redis automatically refuse `deny-oom`
commands (#10786)
+- Add module API RM_MallocUsableSize (#10795)
+- Add missing REDISMODULE_NOTIFY_NEW (#10688)
+- Fix cursor type in RedisModuleScanCursor to handle more than 2^31
elements (#10698)
+- Fix RM_Yield bugs and RM_Call("EVAL") OOM check bug (#10786)
+- Fix bugs in enum configs with overlapping bit flags (#10661)
+ * Bug Fixes
+- FLUSHALL correctly resets rdb_changes_since_last_save INFO field (#10691)
+- FLUSHDB is now propagated to replicas / AOF, even if the db is empty
(#10691)
+- Replica fail and retry the PSYNC if the master is unresponsive (#10726)
+- Fix ZRANGESTORE crash when zset_max_listpack_entries is 0 (#10767)
+
+---
+Tue May 10 13:31:18 UTC 2022 - Danilo Spinella
+
+- Unbundle jemalloc, fixes bsc#199164
+ * Add-support-for-USE_SYSTEM_JEMALLOC-flag.patch
+
+---
+Tue May 10 08:05:09 UTC 2022 - Johannes Segitz
+
+- Add ReadWritePaths=/etc/redis to redis-sentinel@.service (bsc#1199198)
+
+---
+Fri May 6 17:59:39 UTC 2022 - Danilo Spinella
+
+- Update to version 7.0.0:
+ https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES
+- Remove upstreamed patch:
+ * getMcontextEip-return-value.patch
+
+---
Old:
getMcontextEip-return-value.patch
redis-6.2.7.tar.gz
New:
Add-support-for-USE_SYSTEM_JEMALLOC-flag.patch
redis-7.0.2.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.O4Tc84/_old 2022-06-20 15:36:59.350834377 +0200
+++ /var/tmp/diff_new_pack.O4Tc84/_new 2022-06-20 15:36:59.354834383 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:6.2.7
+Version:7.0.2
Releas
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2022-04-30 00:44:10
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1538 (New)
Package is "redis"
Sat Apr 30 00:44:10 2022 rev:76 rq:973561 version:6.2.7
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-11-24
23:54:20.376505788 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.1538/redis.changes2022-04-30
00:44:13.666883235 +0200
@@ -1,0 +2,20 @@
+Wed Apr 27 21:17:06 UTC 2022 - Andreas Stieger
+
+- redis 6.2.7:
+ * CVE-2022-24736: An attacker attempting to load a specially
+crafted Lua script can cause NULL pointer dereference which
+will result with a crash of the redis-server process
+(boo#1198953)
+ * CVE-2022-24735: By exploiting weaknesses in the Lua script
+execution environment, an attacker with access to Redis can
+inject Lua code that will execute with the (potentially higher)
+privileges of another Redis user (boo#1198952)
+ * LPOP/RPOP with count against non-existing list return null array
+ * LPOP/RPOP used to produce wrong replies when count is 0
+ * Speed optimization in command execution pipeline
+ * Fix regression in Z[REV]RANGE commands (by-rank) introduced in
+Redis 6.2
+ * Fix OpenSSL 3.0.x related issues
+ * Bug fixes
+
+---
Old:
redis-6.2.6.tar.gz
New:
redis-6.2.7.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.9zgb0d/_old 2022-04-30 00:44:14.622884064 +0200
+++ /var/tmp/diff_new_pack.9zgb0d/_new 2022-04-30 00:44:14.622884064 +0200
@@ -1,7 +1,7 @@
#
# spec file for package redis
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:6.2.6
+Version:6.2.7
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-6.2.6.tar.gz -> redis-6.2.7.tar.gz ++
3604 lines of diff (skipped)
++ redis.hashes ++
--- /var/tmp/diff_new_pack.9zgb0d/_old 2022-04-30 00:44:15.126884502 +0200
+++ /var/tmp/diff_new_pack.9zgb0d/_new 2022-04-30 00:44:15.134884508 +0200
@@ -133,4 +133,9 @@
hash redis-5.0.14.tar.gz sha256
3ea5024766d983249e80d4aa9457c897a9f079957d0fb1f35682df233f997f32
http://download.redis.io/releases/redis-5.0.14.tar.gz
hash redis-6.0.16.tar.gz sha256
3639bbf29aca1a1670de1ab2ce224d6511c63969e7e590d3cdf8f7888184fa19
http://download.redis.io/releases/redis-6.0.16.tar.gz
hash redis-6.2.6.tar.gz sha256
5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab
http://download.redis.io/releases/redis-6.2.6.tar.gz
+hash redis-7.0-rc1.tar.gz sha256
9bd57d3c9ebba9dbbd6cd14b0c263ce151b0044fb6620b556449c2d82e06ef3d
http://download.redis.io/releases/redis-7.0-rc1.tar.gz
+hash redis-7.0-rc2.tar.gz sha256
ee41f5a9f459b44baefbc021cf5096440f346f3c5fc8a1979a877a2f10603ca3
http://download.redis.io/releases/redis-7.0-rc2.tar.gz
+hash redis-7.0-rc3.tar.gz sha256
66b2ecc2e4b53c62940589434ea8af3a85546df131001680ed294028cd84ecdc
http://download.redis.io/releases/redis-7.0-rc3.tar.gz
+hash redis-6.2.7.tar.gz sha256
b7a79cc3b46d3c6eb52fa37dde34a4a60824079ebdfb3abfbbfa035947c55319
http://download.redis.io/releases/redis-6.2.7.tar.gz
+hash redis-7.0.0.tar.gz sha256
284d8bd1fd85d6a55a05ee4e7c31c31977ad56cbf344ed83790beeb148baa720
http://download.redis.io/releases/redis-7.0.0.tar.gz
commit redis++ for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis++ for openSUSE:Factory checked
in at 2022-02-02 22:40:09
Comparing /work/SRC/openSUSE:Factory/redis++ (Old)
and /work/SRC/openSUSE:Factory/.redis++.new.1898 (New)
Package is "redis++"
Wed Feb 2 22:40:09 2022 rev:2 rq:950718 version:1.3.3
Changes:
--- /work/SRC/openSUSE:Factory/redis++/redis++.changes 2020-10-10
00:29:43.641164196 +0200
+++ /work/SRC/openSUSE:Factory/.redis++.new.1898/redis++.changes
2022-02-02 22:40:21.563960619 +0100
@@ -1,0 +2,23 @@
+Wed Feb 2 11:22:44 UTC 2022 - Dominique Leuenberger
+
+- Have the -devel package conflict with libredis++ < 1.3: newly,
+ the library is versioned, which results in the old, unversioned
+ library conflicting with the new .so symlink.
+
+---
+Tue Jan 25 09:35:06 UTC 2022 - Martin Pluskal
+
+- Small spec file cleanup
+
+---
+Mon Dec 27 17:54:42 UTC 2021 - Andreas Stieger
+
+- update to 1.3.3:
+ * Support async interface
+ * Support max connection idle time
+- drop patches:
+ * custom_install_locations.patch
+ * disable_static_lib.patch
+ * use_shared_lib_for_test.patch
+
+---
Old:
1.2.0.tar.gz
custom_install_locations.patch
disable_static_lib.patch
use_shared_lib_for_test.patch
New:
1.3.3.tar.gz
Other differences:
--
++ redis++.spec ++
--- /var/tmp/diff_new_pack.qEUmrU/_old 2022-02-02 22:40:22.071957176 +0100
+++ /var/tmp/diff_new_pack.qEUmrU/_new 2022-02-02 22:40:22.079957122 +0100
@@ -1,7 +1,7 @@
#
# spec file for package redis++
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,68 +16,71 @@
#
+%define sover 1
Name: redis++
-Version:1.2.0
+Version:1.3.3
Release:0
Summary:C++ client for Redis
License:Apache-2.0
URL:https://github.com/sewenew/redis-plus-plus
Source0:
https://github.com/sewenew/redis-plus-plus/archive/%{version}.tar.gz
-Patch0: disable_static_lib.patch
-Patch1: use_shared_lib_for_test.patch
-Patch2: custom_install_locations.patch
BuildRequires: c++_compiler
-BuildRequires: coreutils
-BuildRequires: hiredis-devel
-BuildRequires: libopenssl-devel
BuildRequires: cmake
+BuildRequires: pkgconfig
+BuildRequires: pkgconfig(hiredis)
+BuildRequires: pkgconfig(hiredis_ssl)
+BuildRequires: pkgconfig(libuv)
%description
Redis-plus-plus, a C++ client for Redis based on hiredis and written in
C++11/C++17.
-%package -n lib%{name}
+%package -n lib%{name}%{sover}
Summary:C++ client for Redis
-%description -n lib%{name}
+%description -n lib%{name}%{sover}
Redis-plus-plus, a C++ client for Redis based on hiredis and written in
C++11/C++17.
%package devel
Summary:Header files and libraries for %{name}
-Requires: lib%{name} = %{version}
-Requires: hiredis-devel
+Requires: lib%{name}%{sover} = %{version}
+# With version 1.3, proper so-versioning was added, which made the .so a pure
devel symlink
+# For this reason though we conflict with older, unversioned libraries
+Conflicts: lib%{name} < 1.3
%description devel
The %{name}-devel package contains the header files and
libraries for redis-plus-plus.
%prep
-%setup -q -n redis-plus-plus-%{version}
-%patch0 -p1
-%patch1
-%patch2
+%autosetup -n redis-plus-plus-%{version}
%build
+sed -i -e '/DESTINATION.*/s/lib/%{_lib}/' CMakeLists.txt
%cmake \
-DCMAKE_INSTALL_PREFIX=%{_prefix} \
- -DREDIS_PLUS_PLUS_USE_TLS=ON \
+ -DCMAKE_SHARED_LINKER_FLAGS="%{?build_ldflags}" \
-DREDIS_PLUS_PLUS_BUILD_STATIC=OFF \
- -DREDIS_LIBDIR=%{_lib} \
- -DREDIS_INCDIR=redis++ \
- -DCMAKE_SHARED_LINKER_FLAGS="%{?build_ldflags}"
+ -DREDIS_PLUS_PLUS_USE_TLS=ON \
+ -DREDIS_PLUS_PLUS_BUILD_TEST=OFF \
+ -DREDIS_PLUS_PLUS_BUILD_ASYNC="libuv"
%cmake_build
%install
%cmake_install
-%post -n lib%{name} -p /sbin/ldconfig
-%postun -n lib%{name} -p /sbin/ldconfig
+%post -n lib%{name}%{sover} -p /sbin/ldconfig
+%postun -n lib%{name}%{sover} -p /sbin/ldconfig
-%files -n lib%{name}
+%files -n lib%{name}%{sover}
%license LICENSE
%doc README.md
-%{_libdir}/libredis++.so
+%{_libdir}/libredis++.so.%{sover}{,.*}
%files devel
-%{_includedir}/redis++
+%license LICENSE
+%{_libdir}/pkgconfig/*.pc
+%{_libdir}/libredis++.so
+%{_datadir}/cmake/redis++
+%{_includedir}/sw
%changelog
++ 1.2.0.t
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2021-11-24 23:54:12 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.1895 (New) Package is "redis" Wed Nov 24 23:54:12 2021 rev:75 rq:932987 version:6.2.6 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-10-08 22:05:06.572566174 +0200 +++ /work/SRC/openSUSE:Factory/.redis.new.1895/redis.changes2021-11-24 23:54:20.376505788 +0100 @@ -1,0 +2,7 @@ +Mon Nov 15 12:57:13 UTC 2021 - Johannes Segitz + +- Added hardening to systemd service(s) (bsc#1181400). Modified: + * redis-sentinel@.service + * redis@.service + +--- Other differences: -- ++ redis-sentinel@.service ++ --- /var/tmp/diff_new_pack.o2K8PA/_old 2021-11-24 23:54:21.012503653 +0100 +++ /var/tmp/diff_new_pack.o2K8PA/_new 2021-11-24 23:54:21.012503653 +0100 @@ -8,6 +8,19 @@ User=redis Group=redis PrivateTmp=true +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort +ProtectSystem=full +ProtectHome=true +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true +# end of automatic additions PIDFile=/run/redis/sentinel-%i.pid ExecStart=/usr/sbin/redis-sentinel /etc/redis/sentinel-%i.conf LimitNOFILE=10240 ++ redis@.service ++ --- /var/tmp/diff_new_pack.o2K8PA/_old 2021-11-24 23:54:21.088503398 +0100 +++ /var/tmp/diff_new_pack.o2K8PA/_new 2021-11-24 23:54:21.088503398 +0100 @@ -8,6 +8,19 @@ User=redis Group=redis PrivateTmp=true +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort +ProtectSystem=full +ProtectHome=true +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictRealtime=true +# end of automatic additions PIDFile=/run/redis/%i.pid ExecStart=/usr/sbin/redis-server /etc/redis/%i.conf LimitNOFILE=10240
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2021-10-08 22:04:47
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2443 (New)
Package is "redis"
Fri Oct 8 22:04:47 2021 rev:74 rq:923194 version:6.2.6
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-07-25
20:09:18.607440558 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.2443/redis.changes2021-10-08
22:05:06.572566174 +0200
@@ -1,0 +2,46 @@
+Mon Oct 4 20:23:56 UTC 2021 - Michael Str??der
+
+- redis 6.2.6 with security fixes for
+ * Security fixes:
+- CVE-2021-41099: Integer to heap buffer overflow handling certain string
+ commands and network payloads, when proto-max-bulk-len is manually
configured
+ to a non-default, very large value (boo#1191299)
+- CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
+ redis-sentinel parsing large multi-bulk replies on some older and less
common
+ platforms (boo#1191300)
+- CVE-2021-32687: Integer to heap buffer overflow with intsets, when
+ set-max-intset-entries is manually configured to a non-default, very
large
+ value (boo#1191302)
+- CVE-2021-32675: Denial Of Service when processing RESP request payloads
with
+ a large number of elements on many connections (boo#1191303)
+- CVE-2021-32672: Random heap reading issue with Lua Debugger (boo#1191304)
+- CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
+ data types, when configuring a large, non-default value for
+ hash-max-ziplist-entries, hash-max-ziplist-value,
zset-max-ziplist-entries
+ or zset-max-ziplist-value (boo#1191305)
+- CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
+ configuring a non-default, large value for proto-max-bulk-len and
+ client-query-buffer-limit (boo#1191305)
+- CVE-2021-32626: Specially crafted Lua scripts may result with Heap buffer
+ overflow (boo#1191306)
+ * Bug fixes that involve behavior changes:
+- GEO* STORE with empty source key deletes the destination key and return 0
+ Previously it would have returned an empty array like the non-STORE
variant.
+- PUBSUB NUMPAT replies with number of patterns rather than number of
subscriptions
+ This actually changed in 6.2.0 but was overlooked and omitted from the
release notes.
+ * Bug fixes that are only applicable to previous releases of Redis 6.2:
+- Fix CLIENT PAUSE, used an old timeout from previous PAUSE
+- Fix CLIENT PAUSE in a replica would mess the replication offset
+- Add some missing error statistics in INFO errorstats
+ * Other bug fixes:
+- Fix incorrect reply of COMMAND command key positions for MIGRATE command
+- Fix appendfsync to always guarantee fsync before reply, on MacOS and
FreeBSD (kqueue)
+- Fix the wrong misdetection of sync_file_range system call, affecting
performance
+ * CLI tools:
+- When redis-cli received ASK response, it didn't handle it
+ * Improvements:
+- Add latency monitor sample when key is deleted via lazy expire
+- Sanitize corrupt payload improvements
+- Delete empty keys when loading RDB file or handling a RESTORE command
+
+---
Old:
redis-6.2.5.tar.gz
New:
redis-6.2.6.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.BdgCGy/_old 2021-10-08 22:05:07.472567654 +0200
+++ /var/tmp/diff_new_pack.BdgCGy/_new 2021-10-08 22:05:07.476567661 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:6.2.5
+Version:6.2.6
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-6.2.5.tar.gz -> redis-6.2.6.tar.gz ++
3277 lines of diff (skipped)
++ redis.hashes ++
--- /var/tmp/diff_new_pack.BdgCGy/_old 2021-10-08 22:05:07.888568338 +0200
+++ /var/tmp/diff_new_pack.BdgCGy/_new 2021-10-08 22:05:07.888568338 +0200
@@ -130,3 +130,6 @@
hash redis-5.0.13.tar.gz sha256
2b617aa2d6ad66c6a5d99fc8590c6b83b40d391fd1184c6eeab30df31f6a7208
http://download.redis.io/releases/redis-5.0.13.tar.gz
hash redis-6.0.15.tar.gz sha256
4bc295264a95bc94423c162a9eee66135a24a51eefe5f53f18fc9bde5c3a9f74
http://download.redis.io/releases/redis-6.0.15.tar.gz
hash redis-6.2.5.tar.gz sha256
4b9a75709a1b74b3785e20a6c158cab94cf52298aa381eea947a678a60d551ae
http://download.redis.io/releases/redis-6.2.5.tar.gz
+hash redis-5.0.14.tar.gz sha256
3ea5
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2021-07-25 20:09:11
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1899 (New)
Package is "redis"
Sun Jul 25 20:09:11 2021 rev:73 rq:907772 version:6.2.5
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-06-14
23:10:26.988681591 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1899/redis.changes2021-07-25
20:09:18.607440558 +0200
@@ -1,0 +2,25 @@
+Thu Jul 22 13:44:32 UTC 2021 - Andreas Stieger
+
+- redis 6.2.5:
+ * CVE-2021-32761: Fix integer overflow in BITFIELD on 32-bit
+boo#1188598
+ * Change reply type for ZPOPMAX/MIN with count in RESP3 to nested
+array
+ * Was using a flat array like in RESP2 instead of a nested array
+like ZRANGE does.
+ * Fix reply type for HRANDFIELD and ZRANDMEMBER when key is
+missing
+ * Was using a null array instead of an empty array
+ * Fix reply type for ZRANGESTORE when source key is missing
+ * Was using an empty array like ZRANGE instead of 0 (used in the
+STORE variant)
+ * redis-cli cluster import command may issue wrong MIGRATE command,
+sending COPY instead of REPLACE (#8945)
+ * redis-cli --rdb fixes when using "-" to write to stdout
+ * redis-cli support for RESP3 set type in CSV and RAW output
+ * ad Module API for getting current command name
+ * Fix RM_StringTruncate when newlen is 0
+ * Fix CLIENT UNBLOCK crashing modules without timeout callback
+ * Further developer visible bug fixes
+
+---
Old:
redis-6.2.4.tar.gz
New:
redis-6.2.5.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.7zilh4/_old 2021-07-25 20:09:19.127439978 +0200
+++ /var/tmp/diff_new_pack.7zilh4/_new 2021-07-25 20:09:19.131439973 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:6.2.4
+Version:6.2.5
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-6.2.4.tar.gz -> redis-6.2.5.tar.gz ++
3424 lines of diff (skipped)
++ redis.hashes ++
--- /var/tmp/diff_new_pack.7zilh4/_old 2021-07-25 20:09:19.495439568 +0200
+++ /var/tmp/diff_new_pack.7zilh4/_new 2021-07-25 20:09:19.495439568 +0200
@@ -127,3 +127,6 @@
hash redis-6.2.3.tar.gz sha256
98ed7d532b5e9671f5df0825bb71f0f37483a16546364049384c63db8764512b
http://download.redis.io/releases/redis-6.2.3.tar.gz
hash redis-6.0.14.tar.gz sha256
c3e60c928b183ca9fe8e878936a6f8ba99e0441b9b6e04d2412a750ea576c649
http://download.redis.io/releases/redis-6.0.14.tar.gz
hash redis-6.2.4.tar.gz sha256
ba32c406a10fc2c09426e2be2787d74ff204eb3a2e496d87cff76a476b6ae16e
http://download.redis.io/releases/redis-6.2.4.tar.gz
+hash redis-5.0.13.tar.gz sha256
2b617aa2d6ad66c6a5d99fc8590c6b83b40d391fd1184c6eeab30df31f6a7208
http://download.redis.io/releases/redis-5.0.13.tar.gz
+hash redis-6.0.15.tar.gz sha256
4bc295264a95bc94423c162a9eee66135a24a51eefe5f53f18fc9bde5c3a9f74
http://download.redis.io/releases/redis-6.0.15.tar.gz
+hash redis-6.2.5.tar.gz sha256
4b9a75709a1b74b3785e20a6c158cab94cf52298aa381eea947a678a60d551ae
http://download.redis.io/releases/redis-6.2.5.tar.gz
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2021-06-14 23:10:21 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.32437 (New) Package is "redis" Mon Jun 14 23:10:21 2021 rev:72 rq:899886 version:6.2.4 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-06-04 22:42:38.079067781 +0200 +++ /work/SRC/openSUSE:Factory/.redis.new.32437/redis.changes 2021-06-14 23:10:26.988681591 +0200 @@ -109 +109 @@ -- replaced /var/run with /run for all PID file paths +- replaced /var/run with /run for all PID file paths (bsc#1185072) Other differences: --
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2021-06-04 22:42:32
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1898 (New)
Package is "redis"
Fri Jun 4 22:42:32 2021 rev:71 rq:896856 version:6.2.4
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-06-01
10:32:50.416340953 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1898/redis.changes2021-06-04
22:42:38.079067781 +0200
@@ -1,0 +2,17 @@
+Wed Jun 2 07:57:17 UTC 2021 - Andreas Stieger
+
+- redis 6.2.4:
+ * CVE-2021-32625: An integer overflow bug could be exploited by
+using the STRALGO LCS command to cause remote remote code
+execution (boo#1186722)
+ * Fix crash after a diskless replication fork child is terminated
+ * Fix redis-benchmark crash on unsupported configs
+ * Fix crash in UNLINK on a stream key with deleted consumer groups
+ * SINTERSTORE: Add missing keyspace del event when none of the
+sources exist
+ * Sentinel: Fix CONFIG SET of empty string
+sentinel-user/sentinel-pass configs
+ * Enforce client output buffer soft limit when no traffic
+ * Hide AUTH passwords in MIGRATE command from slowlog
+
+---
Old:
redis-6.2.3.tar.gz
New:
redis-6.2.4.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.GQ2NvC/_old 2021-06-04 22:42:38.947068739 +0200
+++ /var/tmp/diff_new_pack.GQ2NvC/_new 2021-06-04 22:42:38.947068739 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:6.2.3
+Version:6.2.4
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-6.2.3.tar.gz -> redis-6.2.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-6.2.3/00-RELEASENOTES
new/redis-6.2.4/00-RELEASENOTES
--- old/redis-6.2.3/00-RELEASENOTES 2021-05-03 21:57:00.0 +0200
+++ new/redis-6.2.4/00-RELEASENOTES 2021-06-01 16:03:36.0 +0200
@@ -12,6 +12,31 @@
+Redis 6.2.4 Released Tue July 1 12:00:00 IST 2021
+
+
+Upgrade urgency: SECURITY, Contains fixes to security issues that affect
+authenticated client connections. MODERATE otherwise.
+
+Fix integer overflow in STRALGO LCS (CVE-2021-32625)
+An integer overflow bug in Redis version 6.0 or newer can be exploited using
the
+STRALGO LCS command to corrupt the heap and potentially result with remote code
+execution. This is a result of an incomplete fix by CVE-2021-29477.
+
+Bug fixes that are only applicable to previous releases of Redis 6.2:
+* Fix crash after a diskless replication fork child is terminated (#8991)
+* Fix redis-benchmark crash on unsupported configs (#8916)
+
+Other bug fixes:
+* Fix crash in UNLINK on a stream key with deleted consumer groups (#8932)
+* SINTERSTORE: Add missing keyspace del event when none of the sources exist
(#8949)
+* Sentinel: Fix CONFIG SET of empty string sentinel-user/sentinel-pass configs
(#8958)
+* Enforce client output buffer soft limit when no traffic (#8833)
+
+Improvements:
+* Hide AUTH passwords in MIGRATE command from slowlog (#8859)
+
+
Redis 6.2.3 Released Mon May 3 19:00:00 IST 2021
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-6.2.3/src/acl.c new/redis-6.2.4/src/acl.c
--- old/redis-6.2.3/src/acl.c 2021-05-03 21:57:00.0 +0200
+++ new/redis-6.2.4/src/acl.c 2021-06-01 16:03:36.0 +0200
@@ -1892,10 +1892,6 @@
void aclCommand(client *c) {
char *sub = c->argv[1]->ptr;
if (!strcasecmp(sub,"setuser") && c->argc >= 3) {
-/* Consider information about passwords or permissions
- * to be sensitive, which will be the arguments for this
- * subcommand. */
-preventCommandLogging(c);
sds username = c->argv[2]->ptr;
/* Check username validity. */
if (ACLStringHasSpaces(username,sdslen(username))) {
@@ -1912,6 +1908,12 @@
user *u = ACLGetUserByName(username,sdslen(username));
if (u) ACLCopyUser(tempu, u);
+/* Initially re
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2021-06-01 10:32:49
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.1898 (New)
Package is "redis"
Tue Jun 1 10:32:49 2021 rev:70 rq:895136 version:6.2.3
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-05-07
16:45:33.964322082 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.1898/redis.changes2021-06-01
10:32:50.416340953 +0200
@@ -1,0 +2,6 @@
+Fri May 21 20:30:15 UTC 2021 - Jan Engelhardt
+
+- Move sysctl file to /usr/lib/sysctl.d, so that it can be
+ overridden by an admin in /etc.
+
+---
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.lpa72Z/_old 2021-06-01 10:32:51.000341948 +0200
+++ /var/tmp/diff_new_pack.lpa72Z/_new 2021-06-01 10:32:51.004341955 +0200
@@ -99,7 +99,7 @@
install -Dpm0660 sentinel.conf
%{buildroot}%{_conf_dir}/sentinel.conf.example
# some sysctl stuff
-install -Dpm0644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysctl.d/00-%{name}.conf
+install -Dpm0644 %{SOURCE6}
%{buildroot}/%{_prefix}/lib/sysctl.d/00-%{name}.conf
install -Dpm0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
install -Dpm0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.target
install -Dpm0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}@.service
@@ -141,7 +141,7 @@
%license COPYING
%doc 00-RELEASENOTES BUGS CONTRIBUTING README.md
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
-%config(noreplace) %{_sysconfdir}/sysctl.d/00-%{name}.conf
+%{_prefix}/lib/sysctl.d/00-%{name}.conf
%{_bindir}/%{name}-*
%{_sbindir}/%{name}-*
%{_sbindir}/rc%{name}
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2021-05-07 16:45:21
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2988 (New)
Package is "redis"
Fri May 7 16:45:21 2021 rev:69 rq:891214 version:6.2.3
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-04-23
17:50:13.462752780 +0200
+++ /work/SRC/openSUSE:Factory/.redis.new.2988/redis.changes2021-05-07
16:45:33.964322082 +0200
@@ -1,0 +2,13 @@
+Tue May 4 06:23:15 UTC 2021 - Michael Str??der
+
+- redis 6.2.3
+ * CVE-2021-29477: Integer overflow in STRALGO LCS command (boo#1185729)
+ * CVE-2021-29478: Integer overflow in COPY command for large intsets
(boo#1185730)
+ * Fix memory leak in moduleDefragGlobals
+ * Fix memory leak when doing lazy freeing client tracking table
+ * Block abusive replicas from sending command that could assert and crash
redis
+ * Use a monotonic clock to check for Lua script timeout
+ * redis-cli: Do not use unix socket when we got redirected in cluster mode
+ * Fix RM_GetClusterNodeInfo() to correctly populate master id
+
+---
Old:
redis-6.2.2.tar.gz
New:
redis-6.2.3.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.TxdDbZ/_old 2021-05-07 16:45:34.552320233 +0200
+++ /var/tmp/diff_new_pack.TxdDbZ/_new 2021-05-07 16:45:34.552320233 +0200
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:6.2.2
+Version:6.2.3
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ ppc-atomic.patch ++
--- /var/tmp/diff_new_pack.TxdDbZ/_old 2021-05-07 16:45:34.600320082 +0200
+++ /var/tmp/diff_new_pack.TxdDbZ/_new 2021-05-07 16:45:34.600320082 +0200
@@ -1,9 +1,8 @@
-Index: redis-5.0.9/src/Makefile
-===
redis-5.0.9.orig/src/Makefile
-+++ redis-5.0.9/src/Makefile
-@@ -83,6 +83,10 @@ ifneq (,$(filter aarch64 armv,$(uname_M)
- else
+diff -ur redis-6.2.3.orig/src/Makefile redis-6.2.3/src/Makefile
+--- redis-6.2.3.orig/src/Makefile 2021-05-03 21:57:00.0 +0200
redis-6.2.3/src/Makefile 2021-05-04 08:48:20.064568420 +0200
+@@ -96,6 +96,10 @@
+ # Linux ARM32 needs -latomic at linking time
ifneq (,$(findstring armv,$(uname_M)))
FINAL_LIBS+=-latomic
+else
@@ -11,5 +10,5 @@
+FINAL_LIBS+=-latomic
+endif
endif
- endif
+ ifeq ($(uname_S),SunOS)
++ redis-6.2.2.tar.gz -> redis-6.2.3.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-6.2.2/.github/workflows/daily.yml
new/redis-6.2.3/.github/workflows/daily.yml
--- old/redis-6.2.2/.github/workflows/daily.yml 2021-04-20 07:03:58.0
+0200
+++ new/redis-6.2.3/.github/workflows/daily.yml 2021-05-03 21:57:00.0
+0200
@@ -253,7 +253,7 @@
steps:
- uses: actions/checkout@v2
- name: test
- uses: vmactions/freebsd-vm@v0.1.2
+ uses: vmactions/freebsd-vm@v0.1.4
with:
usesh: true
sync: rsync
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-6.2.2/00-RELEASENOTES
new/redis-6.2.3/00-RELEASENOTES
--- old/redis-6.2.2/00-RELEASENOTES 2021-04-20 07:03:58.0 +0200
+++ new/redis-6.2.3/00-RELEASENOTES 2021-05-03 21:57:00.0 +0200
@@ -12,6 +12,40 @@
+Redis 6.2.3 Released Mon May 3 19:00:00 IST 2021
+
+
+Upgrade urgency: SECURITY, Contains fixes to security issues that affect
+authenticated client connections. LOW otherwise.
+
+Integer overflow in STRALGO LCS command (CVE-2021-29477):
+An integer overflow bug in Redis version 6.0 or newer could be exploited using
+the STRALGO LCS command to corrupt the heap and potentially result in remote
+code execution. The integer overflow bug exists in all versions of Redis
+starting with 6.0.
+
+Integer overflow in COPY command for large intsets (CVE-2021-29478):
+An integer overflow bug in Redis 6.2 could be exploited to corrupt the heap and
+potentially result with remote code execution. The vulnerability involves
+changing the default set-max-intset-entries configuration value, creating a
+large set key that consists of integer values and us
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2021-04-23 17:50:11 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.12324 (New) Package is "redis" Fri Apr 23 17:50:11 2021 rev:68 rq:886948 version:6.2.2 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-03-24 16:09:10.947701640 +0100 +++ /work/SRC/openSUSE:Factory/.redis.new.12324/redis.changes 2021-04-23 17:50:13.462752780 +0200 @@ -1,0 +2,69 @@ +Tue Apr 20 09:08:06 UTC 2021 - Andreas Stieger + +- Usage of OPENSSL_INIT_ATFORK in tls.c raises the minimum version + of OpenSSL 1.1.x to 1.1.1, say so in spec + +--- +Tue Apr 20 07:17:18 UTC 2021 - Michael Str??der + +- redis 6.2.2 + Bug fixes for regressions in previous releases of Redis 6.2: + * Fix BGSAVE, AOFRW, and replication slowdown due to child reporting CoW (#8645) + * Fix short busy loop when a timer event is about to fire (#8764) + * Fix default user, overwritten and reset users losing Pub/Sub channel permissions (#8723) + * Fix config rewrite with an empty save config resulting in default save values (#8719) + * Fix not starting on alpine/libmusl without IPv6 (#8655) + * Fix issues with propagation and MULTI/EXEC in modules (#8617) + * Several issues around nested calls and thread-safe contexts + Bug fixes that are only applicable to previous releases of Redis 6.2: + * ACL Pub/Sub channels permission handling for save/load scenario (#8794) + * Fix early rejection of PUBLISH inside MULTI-EXEC transaction (#8534) + * Fix missing SLOWLOG records for blocked commands (#8632) + * Allow RESET command during busy scripts (#8629) + * Fix some error replies that were not counted on stats (#8659) + Bug fixes: + * Add a timeout mechanism for replicas stuck in fullsync (#8762) + * Process HELLO command even if the default user has no permissions (#8633) + * Client issuing a long-running script and using a pipeline, got disconnected (#8715) + * Fix script kill to work also on scripts that use pcall (#8661) + * Fix list-compress-depth may compress more node than required (#8311) + * Fix redis-cli handling of rediss:// URL scheme (#8705) + * Cluster: Skip unnecessary check which may prevent failure detection (#8585) + * Cluster: Fix hang manual failover when replica just started (#8651) + * Sentinel: Fix info-refresh time field before sentinel gets a first response (#8567) + * Sentinel: Fix possible crash on failed connection attempt (#8627) + * Systemd: Send the readiness notification when a replica is ready to accept connections (#8409) + Command behavior changes: + * ZADD: fix awrong reply when INCR used with GT/LT which blocked the update (#8717) + * It was responding with the incremented value rather than nil + * XAUTOCLAIM: fix response to return the next available id as the cursor (#8725) + * Previous behavior was returning the last one which was already scanned + * XAUTOCLAIM: fix JUSTID to prevent incrementing delivery_count (#8724) + New config options: + * Add cluster-allow-replica-migration config option (#5285) + * Add replica-announced config option (#8653) + * Add support for plaintext clients in TLS cluster (#8587) + * Add support for reading encrypted keyfiles (#8644) + Improvements: + * Fix performance regression in BRPOP on Redis 6.0 (#8689) + * Avoid adding slowlog entries for config with sensitive data (#8584) + * Improve redis-cli non-binary safe string handling (#8566) + * Optimize CLUSTER SLOTS reply (#8541) + * Handle remaining fsync errors (#8419) + Info fields and introspection changes: + * Strip % sign from current_fork_perc info field (#8628) + * Fix RSS memory info on FreeBSD (#8620) + * Fix client_recent_max_input/output_buffer in 'INFO CLIENTS' when all clients drop (#8588) + * Fix invalid master_link_down_since_seconds in info replication (#8785) + Platform and deployment-related changes: + * Fix FreeBSD <12.x builds (#8603) + Modules: + * Add macros for RedisModule_log logging levels (#4246) + * Add RedisModule_GetAbsExpire / RedisModule_SetAbsExpire (#8564) + * Add a module type for key space notification (#8759) + * Set module eviction context flag only in masters (#8631) + * Fix unusable RedisModule_IsAOFClient API (#8596) + * Fix missing EXEC on modules propagation after failed EVAL execution (#8654) + * Fix edge-case when a module client is unblocked (#8618) + +--- Old: redis-6.2.1.tar.gz New: redis-6.2.2.tar.gz Other differences: -- ++ redis.spec ++
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2021-03-24 16:09:06 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.2401 (New) Package is "redis" Wed Mar 24 16:09:06 2021 rev:67 rq:879905 version:6.2.1 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-03-11 20:07:09.608163932 +0100 +++ /work/SRC/openSUSE:Factory/.redis.new.2401/redis.changes2021-03-24 16:09:10.947701640 +0100 @@ -1,0 +2,5 @@ +Sat Mar 13 14:28:47 UTC 2021 - Michael Str??der + +- replaced /var/run with /run for all PID file paths + +--- Other differences: -- ++ README.SUSE ++ --- /var/tmp/diff_new_pack.AzLTu9/_old 2021-03-24 16:09:11.507702228 +0100 +++ /var/tmp/diff_new_pack.AzLTu9/_new 2021-03-24 16:09:11.507702228 +0100 @@ -15,13 +15,13 @@ 2. change at least pidfile, logfile and dir setting # the pid file *has* to match your config filename without the ".conf" -pidfile /var/run/redis/instancename.pid +pidfile /run/redis/instancename.pid logfile /var/log/redis/instancename.log dir /var/lib/redis/instancename/ If you want to run more than one instance you also have to change the socket path and/or the ip:port combination. - e.g. /var/run/redis/instancename.sock + e.g. /run/redis/instancename.sock Also make sure if you copy configurations from somewhere, that "daemonize" should be set to "no". @@ -54,12 +54,12 @@ 2. change at least pidfile, logfile setting # the pid file *has* to match your config filename without the ".conf" -pidfile /var/run/redis/instancename.pid +pidfile /run/redis/instancename.pid logfile /var/log/redis/instancename.log If you want to run more than one instance you also have to change the socket path and/or the ip:port combination. - e.g. /var/run/redis/instancename.sock + e.g. /run/redis/instancename.sock Also make sure if you copy configurations from somewhere, that "daemonize" should be set to "no". ++ redis-conf.patch ++ --- /var/tmp/diff_new_pack.AzLTu9/_old 2021-03-24 16:09:11.519702240 +0100 +++ /var/tmp/diff_new_pack.AzLTu9/_new 2021-03-24 16:09:11.519702240 +0100 @@ -25,7 +25,7 @@ # Note that on modern Linux systems "/run/redis.pid" is more conforming # and should be used instead. -pidfile /var/run/redis_6379.pid -+pidfile /var/run/redis/default.pid ++pidfile /run/redis/default.pid # Specify the server verbosity level. # This can be one of: @@ -62,7 +62,7 @@ # /var/run/redis-sentinel.pid by default. You can specify a custom pid file # location here. -pidfile /var/run/redis-sentinel.pid -+pidfile /var/run/redis/sentinel-default.pid ++pidfile /run/redis/sentinel-default.pid # Specify the log file name. Also the empty string can be used to force # Sentinel to log on the standard output. Note that if you use standard ++ redis-sentinel@.service ++ --- /var/tmp/diff_new_pack.AzLTu9/_old 2021-03-24 16:09:11.543702265 +0100 +++ /var/tmp/diff_new_pack.AzLTu9/_new 2021-03-24 16:09:11.543702265 +0100 @@ -8,7 +8,7 @@ User=redis Group=redis PrivateTmp=true -PIDFile=/var/run/redis/sentinel-%i.pid +PIDFile=/run/redis/sentinel-%i.pid ExecStart=/usr/sbin/redis-sentinel /etc/redis/sentinel-%i.conf LimitNOFILE=10240 Restart=on-failure ++ redis@.service ++ --- /var/tmp/diff_new_pack.AzLTu9/_old 2021-03-24 16:09:11.623702349 +0100 +++ /var/tmp/diff_new_pack.AzLTu9/_new 2021-03-24 16:09:11.623702349 +0100 @@ -8,7 +8,7 @@ User=redis Group=redis PrivateTmp=true -PIDFile=/var/run/redis/%i.pid +PIDFile=/run/redis/%i.pid ExecStart=/usr/sbin/redis-server /etc/redis/%i.conf LimitNOFILE=10240 Restart=on-failure
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2021-03-11 20:07:04 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.2401 (New) Package is "redis" Thu Mar 11 20:07:04 2021 rev:66 rq:877721 version:6.2.1 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-03-02 12:25:55.683342568 +0100 +++ /work/SRC/openSUSE:Factory/.redis.new.2401/redis.changes2021-03-11 20:07:09.608163932 +0100 @@ -1,0 +2,289 @@ +Thu Mar 4 13:21:32 UTC 2021 - Gareth McCarter + +- redis 6.2.1 + Bug fixes: + * Fix sanitize-dump-payload for stream with deleted records (#8568) + * Prevent client-query-buffer-limit config from being set to lower than 1mb (#8557) + Improvements: + * Make port, tls-port and bind config options modifiable at runtime (#8510) + Platform and deployment-related changes: + * Fix compilation error on non-glibc systems if jemalloc is not used (#8533) + * Improved memory consumption and memory usage tracking on FreeBSD (#8545) + * Fix compilation on ARM64 MacOS with jemalloc (#8458) + Modules: + * New Module API for getting user name of a client (#8508) + * Optimize RM_Call by utilizing a shared reusable client (#8516) + * Fix crash running CLIENT INFO via RM_Call (#8560) + +- includes changes from 6.2.0 GA: + * Integer overflow on 32-bit systems (CVE-2021-21309) + Bug fixes: + * Avoid 32-bit overflows when proto-max-bulk-len is set high (#8522) + * Fix broken protocol in client tracking tracking-redir-broken message (#8456) + * Avoid unsafe field name characters in INFO commandstats, errorstats, modules (#8492) + * XINFO able to access expired keys during CLIENT PAUSE WRITE (#8436) + * Fix allowed length for REPLCONF ip-address, needed due to Sentinel's support for hostnames (#8517) + * Fix broken protocol in redis-benchmark when used with -a or --dbnum (#8486) + * XADD counts deleted records too when considering switching to a new listpack (#8390) + Bug fixes that are only applicable to previous releases of Redis 6.2: + * Fixes in GEOSEARCH bybox (accuracy and mismatch between width and height) (#8445) + * Fix risk of OOM panic in HRANDFIELD, ZRANDMEMBER commands with huge negative count (#8429) + * Fix duplicate replicas issue in Sentinel, needed due to hostname support (#8481) + * Fix Sentinel configuration rewrite, an improvement of #8271 (#8480) + Command behavior changes: + * SRANDMEMBER uses RESP3 array type instead of set type (#8504) + * EXPIRE, EXPIREAT, SETEX, GETEX: Return error when provided expire time overflows (#8287) + Other behavior changes: + * Remove ACL subcommand validation if fully added command exists. (#8483) + Improvements: + * Optimize sorting in GEORADIUS / GEOSEARCH with COUNT (#8326) + * Optimize HRANDFIELD and ZRANDMEMBER case 4 when ziplist encoded (#8444) + * Optimize in-place replacement of elements in HSET, HINCRBY, LSET (#8493) + * Remove redundant list to store pubsub patterns (#8472) + * Add --insecure option to command line tools (#8416) + Info fields and introspection changes: + * Add INFO fields to track progress of BGSAVE, AOFRW, replication (#8414) + Modules: + * RM_ZsetRem: Delete key if empty, the bug could leave empty zset keys (#8453) + * RM_HashSet: Add COUNT_ALL flag and set errno (#8446) + +- includes changes from 6.2 RC3: + New commands / args: + * Add HRANDFIELD and ZRANDMEMBER commands (#8297) + * Add FAILOVER command (#8315) + * Add GETEX, GETDEL commands (#8327) + * Add PXAT/EXAT arguments to SET command (#8327) + * Add SYNC arg to FLUSHALL and FLUSHDB, and ASYNC/SYNC arg to SCRIPT FLUSH (#8258) + Sentinel: + * Add hostname support to Sentinel (#8282) + * Prevent file descriptors from leaking into Sentinel scripts (#8242) + * Fix config file line order dependency and config rewrite sequence (#8271) + New configuration options: + * Add set-proc-title config option to disable changes to the process title (#3623) + * Add proc-title-template option to control what's shown in the process title (#8397) + * Add lazyfree-lazy-user-flush config option to control FLUSHALL, FLUSHDB and SCRIPT FLUSH (#8258) + Bug fixes: + * AOF: recover from last write error by turning on/off appendonly config (#8030) + * Exit on fsync error when the AOF fsync policy is 'always' (#8347) + * Avoid assertions (on older kernels) when testing arm64 CoW bug (#8405) + * CONFIG REWRITE should honor umask settings (#8371) + * Fix firstkey,lastkey,step in COMMAND command for some commands (#8367) + Special considerations: + * Fix misleading description of the save configuration directive (#8337) + Improvements: + * A way to get RDB file via replication without excessive replication buffers (#8303) +
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2021-03-02 12:25:42
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2378 (New)
Package is "redis"
Tue Mar 2 12:25:42 2021 rev:65 rq:874969 version:6.0.11
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-02-23
20:19:46.303622115 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.2378/redis.changes2021-03-02
12:25:55.683342568 +0100
@@ -1,0 +2,26 @@
+Wed Feb 24 12:10:22 UTC 2021 - Andreas Stieger
+
+- redis 6.0.11:
+ * CVE-2021-21309: Avoid 32-bit overflows when proto-max-bulk-len
+is set high (boo#1182657)
+ * Fix handling of threaded IO and CLIENT PAUSE (failover), could
+lead to data loss or a crash
+ * Fix the selection of a random element from large hash tables
+ * Fix broken protocol in client tracking tracking-redir-broken message
+ * XINFO able to access expired keys on a replica
+ * Fix broken protocol in redis-benchmark when used with -a or
+--dbnum
+ * Avoid assertions (on older kernels) when testing arm64 CoW bug
+ * CONFIG REWRITE should honor umask settings
+ * Fix firstkey,lastkey,step in COMMAND command for some commands
+ * RM_ZsetRem: Delete key if empty, the bug could leave empty
+zset keys
+
+---
+Wed Feb 24 11:42:17 UTC 2021 - Jan Zerebecki
+
+- Switch systemd type of the sentinel service from notify to simple. This can
+ be reverted when updating to 6.2 which fixes
+ https://github.com/redis/redis/issues/7284 .
+
+---
Old:
redis-6.0.10.tar.gz
New:
redis-6.0.11.tar.gz
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.5RJ2n2/_old 2021-03-02 12:25:56.331343147 +0100
+++ /var/tmp/diff_new_pack.5RJ2n2/_new 2021-03-02 12:25:56.335343151 +0100
@@ -20,7 +20,7 @@
%define _log_dir%{_localstatedir}/log/%{name}
%define _conf_dir %{_sysconfdir}/%{name}
Name: redis
-Version:6.0.10
+Version:6.0.11
Release:0
Summary:Persistent key-value database
License:BSD-3-Clause
++ redis-6.0.10.tar.gz -> redis-6.0.11.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-6.0.10/.github/workflows/ci.yml
new/redis-6.0.11/.github/workflows/ci.yml
--- old/redis-6.0.10/.github/workflows/ci.yml 2021-01-12 15:25:37.0
+0100
+++ new/redis-6.0.11/.github/workflows/ci.yml 2021-02-23 00:35:37.0
+0100
@@ -13,7 +13,7 @@
run: make BUILD_TLS=yes
- name: test
run: |
-sudo apt-get install tcl8.5
+sudo apt-get install tcl8.6
./runtest --verbose
- name: module api test
run: ./runtest-moduleapi --verbose
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/redis-6.0.10/.github/workflows/daily.yml
new/redis-6.0.11/.github/workflows/daily.yml
--- old/redis-6.0.10/.github/workflows/daily.yml2021-01-12
15:25:37.0 +0100
+++ new/redis-6.0.11/.github/workflows/daily.yml2021-02-23
00:35:37.0 +0100
@@ -20,7 +20,7 @@
run: make
- name: test
run: |
-sudo apt-get install tcl8.5
+sudo apt-get install tcl8.6
./runtest --accurate --verbose
- name: module api test
run: ./runtest-moduleapi --verbose
@@ -39,7 +39,7 @@
run: make MALLOC=libc
- name: test
run: |
-sudo apt-get install tcl8.5
+sudo apt-get install tcl8.6
./runtest --accurate --verbose
- name: module api test
run: ./runtest-moduleapi --verbose
@@ -60,7 +60,7 @@
make 32bit
- name: test
run: |
-sudo apt-get install tcl8.5
+sudo apt-get install tcl8.6
./runtest --accurate --verbose
- name: module api test
run: |
@@ -82,7 +82,7 @@
make BUILD_TLS=yes
- name: test
run: |
-sudo apt-get install tcl8.5 tcl-tls
+sudo apt-get install tcl8.6 tcl-tls
./utils/gen-test-certs.sh
./runtest --accurate --verbose --tls
./runtest --accurate --verbose
@@ -110,7 +110,7 @@
- name: test
run: |
sudo apt-get update
-sudo apt-get install tcl8.5 valgrind -y
+sudo apt-get install tcl8.6 valgrind -y
./runtest --valgrind --verbose --clients 1
- name: module api test
run: ./runtest-moduleapi --valgrind --verbose --clients 1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.s
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package redis for openSUSE:Factory checked
in at 2021-02-23 20:18:03
Comparing /work/SRC/openSUSE:Factory/redis (Old)
and /work/SRC/openSUSE:Factory/.redis.new.2378 (New)
Package is "redis"
Tue Feb 23 20:18:03 2021 rev:64 rq:872866 version:6.0.10
Changes:
--- /work/SRC/openSUSE:Factory/redis/redis.changes 2021-01-18
11:26:16.900407465 +0100
+++ /work/SRC/openSUSE:Factory/.redis.new.2378/redis.changes2021-02-23
20:19:46.303622115 +0100
@@ -1,0 +2,6 @@
+Fri Feb 12 23:30:08 UTC 2021 - Jan Zerebecki
+
+- Enable TLS support and add BuildRequires libopenssl-devel (bsc#1181830)
+- Make tests run by adding BuildRequires tcl and procps
+
+---
Other differences:
--
++ redis.spec ++
--- /var/tmp/diff_new_pack.aw0bnw/_old 2021-02-23 20:19:46.847622596 +0100
+++ /var/tmp/diff_new_pack.aw0bnw/_new 2021-02-23 20:19:46.847622596 +0100
@@ -41,11 +41,15 @@
Patch1: getMcontextEip-return-value.patch
Patch3: reproducible.patch
Patch4: ppc-atomic.patch
+BuildRequires: libopenssl-devel
BuildRequires: pkgconfig
+BuildRequires: procps
BuildRequires: sysuser-shadow
BuildRequires: sysuser-tools
+BuildRequires: tcl
BuildRequires: pkgconfig(libsystemd)
BuildRequires: pkgconfig(systemd)
+# there is no tcl-tls package yet, which is said to be needed for testing tls
support
Recommends: logrotate
%sysusers_requires
@@ -67,7 +71,7 @@
%build
export HOST=OBS # for reproducible builds
-%make_build CFLAGS="%{optflags}" BUILD_WITH_SYSTEMD=yes
+%make_build CFLAGS="%{optflags}" BUILD_WITH_SYSTEMD=yes BUILD_TLS=yes
%sysusers_generate_pre %{SOURCE9} redis
%install
@@ -116,7 +120,8 @@
'child process exited abnormally' -- sometimes it works.
---
EOF
-%make_build test || true
+# Variable assignments need to match in all make invocations, otherwise it
might recomplie. See https://github.com/redis/redis/issues/7337
+%make_build test CFLAGS="%{optflags}" BUILD_WITH_SYSTEMD=yes BUILD_TLS=yes ||
true
%pre -f redis.pre
%service_add_pre redis.target redis@.service redis-sentinel.target
redis-sentinel@.service
commit redis for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package redis for openSUSE:Factory checked in at 2021-01-18 11:26:11 Comparing /work/SRC/openSUSE:Factory/redis (Old) and /work/SRC/openSUSE:Factory/.redis.new.28504 (New) Package is "redis" Mon Jan 18 11:26:11 2021 rev:63 rq:862798 version:6.0.10 Changes: --- /work/SRC/openSUSE:Factory/redis/redis.changes 2020-11-02 09:38:34.621505351 +0100 +++ /work/SRC/openSUSE:Factory/.redis.new.28504/redis.changes 2021-01-18 11:26:16.900407465 +0100 @@ -1,0 +2,63 @@ +Tue Jan 12 20:05:52 UTC 2021 - Michael Str??der + +- HTTPS download link for source +- redis 6.0.10: + Command behavior changes: + * SWAPDB invalidates WATCHed keys (#8239) + * SORT command behaves differently when used on a writable replica (#8283) + * EXISTS should not alter LRU (#8016) +In Redis 5.0 and 6.0 it would have touched the LRU/LFU of the key. + * OBJECT should not reveal logically expired keys (#8016) +Will now behave the same TYPE or any other non-DEBUG command. + * GEORADIUS[BYMEMBER] can fail with -OOM if Redis is over the memory limit (#8107) + Other behavior changes: + * Sentinel: Fix missing updates to the config file after SENTINEL SET command (#8229) + * CONFIG REWRITE is atomic and safer, but requires write access to the config file's folder (#7824, #8051) +This change was already present in 6.0.9, but was missing from the release notes. + Bug fixes with compatibility implications (bugs introduced in Redis 6.0): + * Fix RDB CRC64 checksum on big-endian systems (#8270) +If you're using big-endian please consider the compatibility implications with +RESTORE, replication and persistence. + * Fix wrong order of key/value in Lua's map response (#8266) +If your scripts use redis.setresp() or return a map (new in Redis 6.0), please +consider the implications. + Bug fixes: + * Fix an issue where a forked process deletes the parent's pidfile (#8231) + * Fix crashes when enabling io-threads-do-reads (#8230) + * Fix a crash in redis-cli after executing cluster backup (#8267) + * Handle output buffer limits for module blocked clients (#8141) +Could result in a module sending reply to a blocked client to go beyond the limit. + * Fix setproctitle related crashes. (#8150, #8088) +Caused various crashes on startup, mainly on Apple M1 chips or under instrumentation. + * Backup/restore cluster mode keys to slots map for repl-diskless-load=swapdb (#8108) +In cluster mode with repl-diskless-load, when loading failed, slot map wouldn't +have been restored. + * Fix oom-score-adj-values range, and bug when used in config file (#8046) +Enabling setting this in the config file in a line after enabling it, would +have been buggy. + * Reset average ttl when empty databases (#8106) +Just causing misleading metric in INFO + * Disable rehash when Redis has child process (#8007) +This could have caused excessive CoW during BGSAVE, replication or AOFRW. + * Further improved ACL algorithm for picking categories (#7966) +Output of ACL GETUSER is now more similar to the one provided by ACL SETUSER. + * Fix bug with module GIL being released prematurely (#8061) +Could in theory (and rarely) cause multi-threaded modules to corrupt memory. + * Reduce effect of client tracking causing feedback loop in key eviction (#8100) + * Fix cluster access to unaligned memory (SIGBUS on old ARM) (#7958) + * Fix saving of strings larger than 2GB into RDB files (#8306) + Additional improvements: + * Avoid wasteful transient memory allocation in certain cases (#8286, #5954) + Platform / toolchain support related improvements: + * Fix crash log registers output on ARM. (#8020) + * Add a check for an ARM64 Linux kernel bug (#8224) +Due to the potential severity of this issue, Redis will print log warning on startup. + * Raspberry build fix. (#8095) + New configuration options: + * oom-score-adj-values config can now take absolute values (besides relative ones) (#8046) + Module related fixes: + * Moved RMAPI_FUNC_SUPPORTED so that it's usable (#8037) + * Improve timer accuracy (#7987) + * Allow '\0' inside of result of RM_CreateStringPrintf (#6260) + +--- Old: redis-6.0.9.tar.gz New: redis-6.0.10.tar.gz Other differences: -- ++ redis.spec ++ --- /var/tmp/diff_new_pack.ya0VvB/_old 2021-01-18 11:26:17.604409050 +0100 +++ /var/tmp/diff_new_pack.ya0VvB/_new 2021-01-18 11:26:17.604409050 +0100 @@ -1,7 +1,7 @@ # # spec file for package redis # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications an
