From f7f1a2d1e12eb5ec7a41b3e05744eeb782a6b76ea53f805dc1f879d5066595aa Mon Sep 17 00:00:00 2001 From: Marcus Rueckert Date: Fri, 15 Jun 2018 10:21:28 +0000 Subject: [PATCH] - update to 4.0.10 (boo#1097430) CVE-2018-11218 CVE-2018-11219 https://raw.githubusercontent.com/antirez/redis/4.0.10/00-RELEASENOTES - Important security issues related to the Lua scripting engine. Please check https://github.com/antirez/redis/issues/5017 for more information. - A bug with SCAN, SSCAN, HSCAN and ZSCAN, that may not return all the elements. We also add a regression test that can trigger the issue often when present, and may in theory be able to find unrelated regressions. - A PSYNC2 bug is fixed: Redis should not expire keys when saving RDB files because otherwise it is no longer possible to use such RDB file as a base for partial resynchronization. It no longer represents the right state. - Compatibility of AOF with RDB preamble when the RDB checksum is disabled. - Sentinel bug that in some cases prevented Sentinel to detect that the master was down immediately. A delay was added to the detection. - Update redis-enable-bactrace-on-x86-and-ia64-only.patch to handle - Add redis-disable_integration_logging.patch to disable logging test OBS-URL: https://build.opensuse.org/package/show/server:database/redis?expand=0&rev=112 --- redis-4.0.10.tar.gz | 3 +++ redis-4.0.9.tar.gz | 3 --- redis.changes | 26 ++++++++++++++++++++++++-- 3 files changed, 27 insertions(+), 5 deletions(-) create mode 100644 redis-4.0.10.tar.gz delete mode 100644 redis-4.0.9.tar.gz diff --git a/redis-4.0.10.tar.gz b/redis-4.0.10.tar.gz new file mode 100644 index 0000000..4fe1606 --- /dev/null +++ b/redis-4.0.10.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1db67435a704f8d18aec9b9637b373c34aa233d65b6e174bdac4c1b161f38ca4 +size 1738465 diff --git a/redis-4.0.9.tar.gz b/redis-4.0.9.tar.gz deleted file mode 100644 index 2293278..0000000 --- a/redis-4.0.9.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:df4f73bc318e2f9ffb2d169a922dec57ec7c73dd07bccf875695dbeecd5ec510 -size 1737022 diff --git a/redis.changes b/redis.changes index 0c2c513..91675dc 100644 --- a/redis.changes +++ b/redis.changes @@ -1,9 +1,31 @@ +------------------------------------------------------------------- +Fri Jun 15 10:17:06 UTC 2018 - mrueckert@suse.de + +- update to 4.0.10 (boo#1097430) CVE-2018-11218 CVE-2018-11219 + https://raw.githubusercontent.com/antirez/redis/4.0.10/00-RELEASENOTES + - Important security issues related to the Lua scripting engine. + Please check https://github.com/antirez/redis/issues/5017 for + more information. + - A bug with SCAN, SSCAN, HSCAN and ZSCAN, that may not return + all the elements. We also add a regression test that can + trigger the issue often when present, and may in theory be able + to find unrelated regressions. + - A PSYNC2 bug is fixed: Redis should not expire keys when saving + RDB files because otherwise it is no longer possible to use + such RDB file as a base for partial resynchronization. It no + longer represents the right state. + - Compatibility of AOF with RDB preamble when the RDB checksum is + disabled. + - Sentinel bug that in some cases prevented Sentinel to detect + that the master was down immediately. A delay was added to the + detection. + ------------------------------------------------------------------- Tue Apr 17 16:13:17 UTC 2018 - guillaume.gardet@opensuse.org -- Update redis-enable-bactrace-on-x86-and-ia64-only.patch to handle +- Update redis-enable-bactrace-on-x86-and-ia64-only.patch to handle arm and rename it to redis-enable-bactrace-on-x86-ia64-and_arm32_only.patch -- Add redis-disable_integration_logging.patch to disable logging test +- Add redis-disable_integration_logging.patch to disable logging test when backtrace is not enabled -------------------------------------------------------------------