Accepting request 1079989 from home:darix:apps

- redis 7.0.11 - (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access - Add a missing fsync of AOF file in rare cases (#11973) - Disconnect pub-sub subscribers when revoking allchannels permission (#11992) - Fix a compiler fortification induced crash when used with link time optimizations (#11982) - Drop get-old-size-calculations.patch: replaced with proper fix - Added get-old-size-calculations.patch: my workaround for https://github.com/redis/redis/issues/11965 OBS-URL: https://build.opensuse.org/request/show/1079989 OBS-URL: https://build.opensuse.org/package/show/server:database/redis?expand=0&rev=221
2023-04-18 07:30:27 +00:00 · 2023-04-18 07:30:27 +00:00 · a988d43d70
commit a988d43d70
parent 659d0e4677
5 changed files with 28 additions and 4 deletions
--- a/redis-7.0.10.tar.gz
+++ b/redis-7.0.10.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1dee4c6487341cae7bd6432ff7590906522215a061fdef87c7d040a0cb600131
-size 2986993
--- a/redis-7.0.11.tar.gz
+++ b/redis-7.0.11.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ce250d1fba042c613de38a15d40889b78f7cb6d5461a27e35017ba39b07221e3
+size 2988485
--- a/redis.changes
+++ b/redis.changes
@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Mon Apr 17 17:14:26 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- redis 7.0.11
+  - (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT
+    command to create an invalid hash field that will crash Redis
+    on access
+  - Add a missing fsync of AOF file in rare cases (#11973)
+  - Disconnect pub-sub subscribers when revoking allchannels
+    permission (#11992)
+  - Fix a compiler fortification induced crash when used with link
+    time optimizations (#11982)
+- Drop get-old-size-calculations.patch:
+  replaced with proper fix
+
+-------------------------------------------------------------------
+Fri Mar 24 19:18:24 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Added get-old-size-calculations.patch:
+  my workaround for https://github.com/redis/redis/issues/11965
+
 -------------------------------------------------------------------
 Mon Mar 20 21:22:02 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>

--- a/redis.hashes
+++ b/redis.hashes
@ -154,3 +154,6 @@ hash redis-6.0.18.tar.gz sha256 d7b4f2a97fcab96727284092b0a4aa854af47d570803fa0e
 hash redis-6.2.11.tar.gz sha256 8c75fb9cdd01849e92c23f30cb7fe205ea0032a38d11d46af191014e9acc3098 http://download.redis.io/releases/redis-6.2.11.tar.gz
 hash redis-7.0.9.tar.gz sha256 f77135c2a47c9151d4028bfea3b34470ab4d324d1484f79a84c6f32a3cfb9f65 http://download.redis.io/releases/redis-7.0.9.tar.gz
 hash redis-7.0.10.tar.gz sha256 1dee4c6487341cae7bd6432ff7590906522215a061fdef87c7d040a0cb600131 http://download.redis.io/releases/redis-7.0.10.tar.gz
+hash redis-7.0.11.tar.gz sha256 ce250d1fba042c613de38a15d40889b78f7cb6d5461a27e35017ba39b07221e3 http://download.redis.io/releases/redis-7.0.11.tar.gz
+hash redis-6.2.12.tar.gz sha256 75352eef41e97e84bfa94292cbac79e5add5345fc79787df5cbdff703353fb1b http://download.redis.io/releases/redis-6.2.12.tar.gz
+hash redis-6.0.19.tar.gz sha256 55e26318c3d9c53a77a6e802f60524afdddd057a2e965cebcf781a0a72f0e3e6 http://download.redis.io/releases/redis-6.0.19.tar.gz
--- a/redis.spec
+++ b/redis.spec
@ -20,7 +20,7 @@
 %define _log_dir        %{_localstatedir}/log/%{name}
 %define _conf_dir       %{_sysconfdir}/%{name}
 Name:           redis
-Version:        7.0.10
+Version:        7.0.11
 Release:        0
 Summary:        Persistent key-value database
 License:        BSD-3-Clause