Update to redis-6.2.7
This fixes: (CVE-2022-24736) An attacker attempting to load a specially crafted Lua script can cause a NULL pointer dereference, which will result in a crash of the redis-server process. This issue affects all versions of Redis. (CVE-2022-24735) By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. ok tb
parent
c222d07a44
commit
65888ed61c
@ -1,6 +1,6 @@
|
||||
COMMENT = persistent key-value database
|
||||
|
||||
DISTNAME = redis-6.2.6
|
||||
DISTNAME = redis-6.2.7
|
||||
CATEGORIES = databases
|
||||
HOMEPAGE = https://redis.io/
|
||||
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (redis-6.2.6.tar.gz) = WyuLelARHvOVvxwdW+EebhZ6wBgSUFXaqLXCMXrhMas=
|
||||
SIZE (redis-6.2.6.tar.gz) = 2476542
|
||||
SHA256 (redis-6.2.7.tar.gz) = t6ecw7RtPG61L6N93jSkpggkB569+zq/u/oDWUfFUxk=
|
||||
SIZE (redis-6.2.7.tar.gz) = 2487287
|
||||
|
@ -18,7 +18,7 @@ Index: redis.conf
|
||||
|
||||
# Close the connection after a client is idle for N seconds (0 to disable)
|
||||
timeout 0
|
||||
@@ -182,6 +182,7 @@ tcp-keepalive 300
|
||||
@@ -184,6 +184,7 @@ tcp-keepalive 300
|
||||
# of these, and will not implicitly use the system wide configuration.
|
||||
#
|
||||
# tls-ca-cert-file ca.crt
|
||||
@ -26,7 +26,7 @@ Index: redis.conf
|
||||
# tls-ca-cert-dir /etc/ssl/certs
|
||||
|
||||
# By default, clients (including replica servers) on a TLS port are required
|
||||
@@ -215,14 +216,14 @@ tcp-keepalive 300
|
||||
@@ -217,14 +218,14 @@ tcp-keepalive 300
|
||||
#
|
||||
# tls-protocols "TLSv1.2 TLSv1.3"
|
||||
|
||||
@ -43,7 +43,7 @@ Index: redis.conf
|
||||
# information about the syntax of this string, and specifically for TLSv1.3
|
||||
# ciphersuites.
|
||||
#
|
||||
@@ -252,9 +253,9 @@ tcp-keepalive 300
|
||||
@@ -254,9 +255,9 @@ tcp-keepalive 300
|
||||
################################# GENERAL #####################################
|
||||
|
||||
# By default Redis does not run as a daemon. Use 'yes' if you need it.
|
||||
@ -55,7 +55,7 @@ Index: redis.conf
|
||||
|
||||
# If you run Redis from upstart or systemd, Redis can interact with your
|
||||
# supervision tree. Options:
|
||||
@@ -279,14 +280,14 @@ daemonize no
|
||||
@@ -281,14 +282,14 @@ daemonize no
|
||||
#
|
||||
# When the server runs non daemonized, no pid file is created if none is
|
||||
# specified in the configuration. When the server is daemonized, the pid file
|
||||
@ -72,7 +72,7 @@ Index: redis.conf
|
||||
|
||||
# Specify the server verbosity level.
|
||||
# This can be one of:
|
||||
@@ -299,17 +300,18 @@ loglevel notice
|
||||
@@ -301,17 +302,18 @@ loglevel notice
|
||||
# Specify the log file name. Also the empty string can be used to force
|
||||
# Redis to log on the standard output. Note that if you use standard
|
||||
# output for logging but daemonize, logs will be sent to /dev/null
|
||||
@ -96,7 +96,7 @@ Index: redis.conf
|
||||
|
||||
# To disable the built in crash log, which will possibly produce cleaner core
|
||||
# dumps when they are needed, uncomment the following:
|
||||
@@ -451,7 +453,7 @@ rdb-del-sync-files no
|
||||
@@ -453,7 +455,7 @@ rdb-del-sync-files no
|
||||
# The Append Only File will also be created inside this directory.
|
||||
#
|
||||
# Note that you must specify a directory here, not a file name.
|
||||
@ -105,7 +105,7 @@ Index: redis.conf
|
||||
|
||||
################################# REPLICATION #################################
|
||||
|
||||
@@ -963,6 +965,7 @@ acllog-max-len 128
|
||||
@@ -965,6 +967,7 @@ acllog-max-len 128
|
||||
# limit accordingly in case of very large clusters.
|
||||
#
|
||||
# maxclients 10000
|
||||
|
@ -5,7 +5,7 @@ Changes in this file:
|
||||
Index: src/Makefile
|
||||
--- src/Makefile.orig
|
||||
+++ src/Makefile
|
||||
@@ -64,7 +64,7 @@ ifneq (,$(filter aarch64 armv,$(uname_M)))
|
||||
@@ -66,7 +66,7 @@ ifneq (,$(filter aarch64 armv,$(uname_M)))
|
||||
CFLAGS+=-funwind-tables
|
||||
else
|
||||
ifneq (,$(findstring armv,$(uname_M)))
|
||||
@ -14,7 +14,7 @@ Index: src/Makefile
|
||||
endif
|
||||
endif
|
||||
|
||||
@@ -95,7 +95,7 @@ DEBUG=-g -ggdb
|
||||
@@ -97,7 +97,7 @@ DEBUG=-g -ggdb
|
||||
|
||||
# Linux ARM32 needs -latomic at linking time
|
||||
ifneq (,$(findstring armv,$(uname_M)))
|
||||
@ -23,7 +23,7 @@ Index: src/Makefile
|
||||
endif
|
||||
|
||||
ifeq ($(uname_S),SunOS)
|
||||
@@ -388,7 +388,7 @@ distclean: clean
|
||||
@@ -390,7 +390,7 @@ distclean: clean
|
||||
.PHONY: distclean
|
||||
|
||||
test: $(REDIS_SERVER_NAME) $(REDIS_CHECK_AOF_NAME) $(REDIS_CLI_NAME) $(REDIS_BENCHMARK_NAME)
|
||||
@ -32,7 +32,7 @@ Index: src/Makefile
|
||||
|
||||
test-modules: $(REDIS_SERVER_NAME)
|
||||
@(cd ..; ./runtest-moduleapi)
|
||||
@@ -431,7 +431,7 @@ src/help.h:
|
||||
@@ -433,7 +433,7 @@ src/help.h:
|
||||
@../utils/generate-command-help.rb > help.h
|
||||
|
||||
install: all
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: src/server.h
|
||||
--- src/server.h.orig
|
||||
+++ src/server.h
|
||||
@@ -107,7 +107,7 @@ typedef long long ustime_t; /* microsecond time type.
|
||||
@@ -108,7 +108,7 @@ typedef long long ustime_t; /* microsecond time type.
|
||||
#define RDB_EOF_MARK_SIZE 40
|
||||
#define CONFIG_REPL_BACKLOG_MIN_SIZE (1024*16) /* 16k */
|
||||
#define CONFIG_BGSAVE_RETRY_DELAY 5 /* Wait a few secs before trying again. */
|
||||
|