diff options
author | Tony Tascioglu <tony.tascioglu@windriver.com> | 2021-06-30 14:58:12 -0700 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2021-06-30 15:18:37 -0700 |
commit | 40ed8d14ab56dff545b4bbc05663501457269395 (patch) | |
tree | c2c5b59e1062a80685afea453de57d5b56515fd1 | |
parent | c1c9327af17c143498c5808576c672bf8133cf53 (diff) | |
download | meta-openembedded-contrib-40ed8d14ab56dff545b4bbc05663501457269395.tar.gz |
redis: upgrade to 6.2.4
Upstream changelog:
Upgrade urgency: SECURITY, Contains fixes to security issues that affect
authenticated client connections. MODERATE otherwise.
Fix integer overflow in STRALGO LCS (CVE-2021-32625)
An integer overflow bug in Redis version 6.0 or newer can be exploited using the
STRALGO LCS command to corrupt the heap and potentially result with remote code
execution. This is a result of an incomplete fix by CVE-2021-29477.
Bug fixes that are only applicable to previous releases of Redis 6.2:
Fix crash after a diskless replication fork child is terminated (#8991)
Fix redis-benchmark crash on unsupported configs (#8916)
Other bug fixes:
Fix crash in UNLINK on a stream key with deleted consumer groups (#8932)
SINTERSTORE: Add missing keyspace del event when none of the sources exist (#8949)
Sentinel: Fix CONFIG SET of empty string sentinel-user/sentinel-pass configs (#8958)
Enforce client output buffer soft limit when no traffic (#8833)
Improvements:
Hide AUTH passwords in MIGRATE command from slowlog (#8859)
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
-rw-r--r-- | meta-oe/recipes-extended/redis/redis_6.2.4.bb (renamed from meta-oe/recipes-extended/redis/redis_6.2.3.bb) | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-oe/recipes-extended/redis/redis_6.2.3.bb b/meta-oe/recipes-extended/redis/redis_6.2.4.bb index 67ac974de6..35f34a27de 100644 --- a/meta-oe/recipes-extended/redis/redis_6.2.3.bb +++ b/meta-oe/recipes-extended/redis/redis_6.2.4.bb @@ -17,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "98ed7d532b5e9671f5df0825bb71f0f37483a16546364049384c63db8764512b" +SRC_URI[sha256sum] = "ba32c406a10fc2c09426e2be2787d74ff204eb3a2e496d87cff76a476b6ae16e" inherit autotools-brokensep update-rc.d systemd useradd |