diff --git a/python-redis.changes b/python-redis.changes index 18168d2..160c056 100644 --- a/python-redis.changes +++ b/python-redis.changes @@ -1,3 +1,45 @@ +------------------------------------------------------------------- +Tue Apr 18 03:12:39 UTC 2023 - Steve Kowalik + +- Update to 4.5.4: + * Security + + Cancelling an async future does not, properly trigger, leading to a + potential data leak in specific cases. (CVE-2023-28858, bsc#1209811) + + Cancelling an async future does not, properly trigger, leading to a + potential data leak in specific cases. (CVE-2023-28859, bsc#1209812) + * New Features + + Introduce AbstractConnection so that UnixDomainSocketConnection can + call super().init (#2588) + + Added queue_class to REDIS_ALLOWED_KEYS (#2577) + + Made search document subscriptable (#2615) + + Sped up the protocol parsing (#2596) + + Use hiredis::pack_command to serialized the commands. (#2570) + + Add support for unlink in cluster pipeline (#2562) + * Bug Fixes + + Fixing cancelled async futures (#2666) + + Fix: do not use asyncio's timeout lib before 3.11.2 (#2659) + + Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor + argument (#2630) + + CWE-404 AsyncIO Race Condition Fix (#2624, #2579) + + Fix behaviour of async PythonParser to match RedisParser as for + issue #2349 (#2582) + + Replace async_timeout by asyncio.timeout (#2602) + + Update json().arrindex() default values (#2611) + + Fix #2581 UnixDomainSocketConnection object has no attribute + _command_packer (#2583) + + Fix issue with pack_commands returning an empty byte sequence (#2416) + + Async HiredisParser should finish parsing after a + Connection.disconnect() (#2557) + + Check for none, prior to raising exception (#2569) + + Tuple function cannot be passed more than one argument (#2573) + + Synchronise concurrent command calls to single-client to single-client + mode (#2568) + + Async: added 'blocking' argument to call lock method (#2454) + + Added a replacement for the default cluster node in the event of + failure. (#2463) + + Fixed geosearch: Wrong number of arguments for geosearch command (#2464) +- Clean up BuildRequires and Requires. + ------------------------------------------------------------------- Wed Jan 18 13:09:12 UTC 2023 - Daniel Garcia diff --git a/python-redis.spec b/python-redis.spec index 3eac1f6..d239df9 100644 --- a/python-redis.spec +++ b/python-redis.spec @@ -16,40 +16,27 @@ # -%define skip_python2 1 Name: python-redis -Version: 4.3.5 +Version: 4.5.4 Release: 0 Summary: Python client for Redis key-value store License: MIT -Group: Development/Languages/Python URL: https://github.com/redis/redis-py Source0: https://files.pythonhosted.org/packages/source/r/redis/redis-%{version}.tar.gz Source1: https://github.com/redis/redis-py/raw/v%{version}/tox.ini -BuildRequires: %{python_module Deprecated >= 1.2.3} BuildRequires: %{python_module async-timeout >= 4.0.2} -BuildRequires: %{python_module base >= 3.6} -BuildRequires: %{python_module importlib-metadata >= 1.0 if %python-base < 3.8} -# requires mock.AsyncMock -BuildRequires: %{python_module mock if %python-base < 3.8} -BuildRequires: %{python_module packaging >= 20.4} +BuildRequires: %{python_module base >= 3.7} +BuildRequires: %{python_module packaging} BuildRequires: %{python_module pytest-asyncio} BuildRequires: %{python_module pytest-timeout} BuildRequires: %{python_module pytest} BuildRequires: %{python_module setuptools} -BuildRequires: %{python_module typing-extensions if %python-base < 3.8} BuildRequires: fdupes BuildRequires: psmisc BuildRequires: python-rpm-macros BuildRequires: redis -Requires: python-Deprecated >= 1.2.3 Requires: python-async-timeout >= 4.0.2 -Requires: python-packaging >= 20.4 Requires: redis -%if 0%{?python_version_nodots} < 38 -Requires: python-importlib-metadata >= 1.0 -Requires: python-typing-extensions -%endif Recommends: python-hiredis >= 1.0.0 BuildArch: noarch %python_subpackages @@ -92,9 +79,9 @@ if [ $(getconf LONG_BIT) -ne 64 ]; then # reference precision issues on 32-bit donttest=" or test_geopos" fi -# gh#redis/redis-py#2554 -donttest=" or test_xautoclaim" -%pytest -m 'not (onlycluster or redismod)' -k "not (dummyprefix $donttest)" --ignore tests/test_ssl.py +# gh#redis/redis-py#2554 and gh#redis/redis-py#2679 +donttest=" or test_xautoclaim or test_acl_list" +%pytest -m 'not (onlycluster or redismod)' -k "not (dummyprefix $donttest)" --ignore tests/test_ssl.py --ignore tests/test_asyncio/test_cluster.py --redis-url=redis://localhost:6379/ %files %{python_files} %license LICENSE diff --git a/redis-4.3.5.tar.gz b/redis-4.3.5.tar.gz deleted file mode 100644 index bd93de8..0000000 --- a/redis-4.3.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:30c07511627a4c5c4d970e060000772f323174f75e745a26938319817ead7a12 -size 4577422 diff --git a/redis-4.5.4.tar.gz b/redis-4.5.4.tar.gz new file mode 100644 index 0000000..a52549d --- /dev/null +++ b/redis-4.5.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:73ec35da4da267d6847e47f68730fdd5f62e2ca69e3ef5885c6a78a9374c3893 +size 4552103 diff --git a/tox.ini b/tox.ini index 2f9b788..420b081 100644 --- a/tox.ini +++ b/tox.ini @@ -9,15 +9,16 @@ markers = asyncio: marker for async tests replica: replica tests experimental: run only experimental tests +asyncio_mode = auto [tox] minversion = 3.2.0 requires = tox-docker -envlist = {standalone,cluster}-{plain,hiredis,ocsp}-{uvloop,asyncio}-{py36,py37,py38,py39,pypy3},linters,docs +envlist = {standalone,cluster}-{plain,hiredis,ocsp}-{uvloop,asyncio}-{py37,py38,py39,pypy3},linters,docs [docker:master] name = master -image = redisfab/redis-py:6.2.6-buster +image = redisfab/redis-py:6.2.6 ports = 6379:6379/tcp healtcheck_cmd = python -c "import socket;print(True) if 0 == socket.socket(socket.AF_INET, socket.SOCK_STREAM).connect_ex(('127.0.0.1',6379)) else False" @@ -26,7 +27,7 @@ volumes = [docker:replica] name = replica -image = redisfab/redis-py:6.2.6-buster +image = redisfab/redis-py:6.2.6 links = master:master ports = @@ -37,7 +38,7 @@ volumes = [docker:unstable] name = unstable -image = redisfab/redis-py:unstable-bionic +image = redisfab/redis-py:unstable ports = 6378:6378/tcp healtcheck_cmd = python -c "import socket;print(True) if 0 == socket.socket(socket.AF_INET, socket.SOCK_STREAM).connect_ex(('127.0.0.1',6378)) else False" @@ -46,7 +47,7 @@ volumes = [docker:unstable_cluster] name = unstable_cluster -image = redisfab/redis-py-cluster:unstable-bionic +image = redisfab/redis-py-cluster:unstable ports = 6372:6372/tcp 6373:6373/tcp @@ -60,7 +61,7 @@ volumes = [docker:sentinel_1] name = sentinel_1 -image = redisfab/redis-py-sentinel:6.2.6-buster +image = redisfab/redis-py-sentinel:6.2.6 links = master:master ports = @@ -71,7 +72,7 @@ volumes = [docker:sentinel_2] name = sentinel_2 -image = redisfab/redis-py-sentinel:6.2.6-buster +image = redisfab/redis-py-sentinel:6.2.6 links = master:master ports = @@ -82,7 +83,7 @@ volumes = [docker:sentinel_3] name = sentinel_3 -image = redisfab/redis-py-sentinel:6.2.6-buster +image = redisfab/redis-py-sentinel:6.2.6 links = master:master ports = @@ -91,16 +92,16 @@ healtcheck_cmd = python -c "import socket;print(True) if 0 == socket.socket(sock volumes = bind:rw:{toxinidir}/docker/redis6.2/sentinel/sentinel_3.conf:/sentinel.conf -[docker:redismod] -name = redismod -image = redislabs/redismod:edge +[docker:redis_stack] +name = redis_stack +image = redis/redis-stack-server:edge ports = 36379:6379/tcp healtcheck_cmd = python -c "import socket;print(True) if 0 == socket.socket(socket.AF_INET, socket.SOCK_STREAM).connect_ex(('127.0.0.1',36379)) else False" [docker:redis_cluster] name = redis_cluster -image = redisfab/redis-py-cluster:6.2.6-buster +image = redisfab/redis-py-cluster:6.2.6 ports = 16379:16379/tcp 16380:16380/tcp @@ -114,7 +115,7 @@ volumes = [docker:redismod_cluster] name = redismod_cluster -image = redisfab/redis-py-modcluster:6.2.6 +image = redisfab/redis-py-modcluster:edge ports = 46379:46379/tcp 46380:46380/tcp @@ -278,8 +279,7 @@ docker = sentinel_2 sentinel_3 redis_cluster - redismod - redismod_cluster + redis_stack stunnel extras = hiredis: hiredis @@ -288,10 +288,10 @@ setenv = CLUSTER_URL = "redis://localhost:16379/0" UNSTABLE_CLUSTER_URL = "redis://localhost:6372/0" commands = - standalone: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' {posargs} - standalone-uvloop: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' --uvloop {posargs} - cluster: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} {posargs} - cluster-uvloop: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} --uvloop {posargs} + standalone: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' --junit-xml=standalone-results.xml {posargs} + standalone-uvloop: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' --junit-xml=standalone-uvloop-results.xml --uvloop {posargs} + cluster: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} --junit-xml=cluster-results.xml {posargs} + cluster-uvloop: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} --junit-xml=cluster-uvloop-results.xml --uvloop {posargs} [testenv:redis5] deps = @@ -343,7 +343,7 @@ deps_files = dev_requirements.txt docker = commands = flake8 - black --target-version py36 --check --diff . + black --target-version py37 --check --diff . isort --check-only --diff . vulture redis whitelist.py --min-confidence 80 flynt --fail-on-change --dry-run .