diff --git a/CVE-2013-7458.patch b/CVE-2013-7458.patch deleted file mode 100644 index bd98d18..0000000 --- a/CVE-2013-7458.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 71536684a788dc859e42132a2c5a2b7373414375 Mon Sep 17 00:00:00 2001 -From: antirez -Date: Fri, 29 Jul 2016 11:28:16 +0200 -Subject: [PATCH] Update linenoise to fix insecure redis-cli history file - creation. - -The problem was fixed in antirez/linenoise repository applying a patch -contributed by @lamby. Here the new version is updated in the Redis -source tree. - -Close #1418 -Close #3322 ---- - deps/linenoise/linenoise.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/deps/linenoise/linenoise.c b/deps/linenoise/linenoise.c -index a807d9b..fce14a7 100644 ---- a/deps/linenoise/linenoise.c -+++ b/deps/linenoise/linenoise.c -@@ -111,6 +111,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -1160,10 +1161,14 @@ int linenoiseHistorySetMaxLen(int len) { - /* Save the history in the specified file. On success 0 is returned - * otherwise -1 is returned. */ - int linenoiseHistorySave(const char *filename) { -- FILE *fp = fopen(filename,"w"); -+ mode_t old_umask = umask(S_IXUSR|S_IRWXG|S_IRWXO); -+ FILE *fp; - int j; - -+ fp = fopen(filename,"w"); -+ umask(old_umask); - if (fp == NULL) return -1; -+ chmod(filename,S_IRUSR|S_IWUSR); - for (j = 0; j < history_len; j++) - fprintf(fp,"%s\n",history[j]); - fclose(fp); --- -2.6.6 - diff --git a/redis-3.2.2.tar.gz b/redis-3.2.2.tar.gz deleted file mode 100644 index c34c7c8..0000000 --- a/redis-3.2.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:05cf63502b2248b5d39588962100bfa4fcb47dabd56931a8cb60b301b1d8daea -size 1541030 diff --git a/redis-3.2.3.tar.gz b/redis-3.2.3.tar.gz new file mode 100644 index 0000000..408308f --- /dev/null +++ b/redis-3.2.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:674e9c38472e96491b7d4f7b42c38b71b5acbca945856e209cb428fbc6135f15 +size 1541401 diff --git a/redis.changes b/redis.changes index 4635ac7..de0919b 100644 --- a/redis.changes +++ b/redis.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Fri Aug 5 18:17:24 UTC 2016 - astieger@suse.com + +- redis 3.2.3: + * fix replication delay issue + * drop CVE-2013-7458.patch, upstream + ------------------------------------------------------------------- Sat Jul 30 12:30:02 UTC 2016 - jengelh@inai.de diff --git a/redis.spec b/redis.spec index 7897870..7950b9c 100644 --- a/redis.spec +++ b/redis.spec @@ -25,7 +25,7 @@ %bcond_with systemd %endif Name: redis -Version: 3.2.2 +Version: 3.2.3 Release: 0 Summary: Persistent key-value database License: BSD-3-Clause @@ -42,7 +42,6 @@ Patch0: %{name}-initscript.patch # PATCH-MISSING-TAG -- See http://wiki.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch1: %{name}-conf.patch Patch2: redis-enable-bactrace-on-x86-and-ia64-only.patch -Patch3: CVE-2013-7458.patch BuildRequires: pkgconfig BuildRequires: procps BuildRequires: tcl @@ -71,7 +70,6 @@ different kind of sorting abilities. %patch0 %patch1 %patch2 -%patch3 -p1 %build make %{?_smp_mflags} CFLAGS="%{optflags}" V=1