diff --git a/keys.zip b/keys.zip new file mode 100644 index 0000000..a940c4a --- /dev/null +++ b/keys.zip @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:58f83435356f3456ff912a88047d90b1f4600f573b3f9bc10d32ed1acdb39578 +size 9481 diff --git a/python-redis.changes b/python-redis.changes index 18168d2..c6f617d 100644 --- a/python-redis.changes +++ b/python-redis.changes @@ -1,3 +1,31 @@ +------------------------------------------------------------------- +Fri Mar 31 16:57:04 UTC 2023 - Matej Cepl + +- Upgrade to 4.4.4 (also bsc#1209811, CVE-2023-28858 & + bsc#1209812, CVE-2023-28859) to fix possible async command + information disclosure. +- Upgrade to 4.4.3: + Update urgency: HIGH: There is a critical bug that may affect a + subset of users. Upgrade! + - CWE-404 AsyncIO Race Condition Fix +- Upgrade to 4.4.2: + - Add support for BF.CARD + - Add support for custom connection pool class in NodesManager + Allow replica to master promotion in nodes_cache + Security Fix: Updating graph parser for potential injection cases +- Upgrade to 4.4.0: + - Async clusters: Support creating locks inside async functions + - Async: added 'blocking' argument to call lock method + - Added a replacement for the default cluster node in the event + of failure. + - Fixed geosearch: Wrong number of arguments for geosearch + command + - Updating dev dependencies + - Removing deprecated LGTM + - Added an explicit index name in RediSearch example + - Adding connection step to bloom filter examples +- Skip test_acl_list test (gh#redis/redis-py#2679) + ------------------------------------------------------------------- Wed Jan 18 13:09:12 UTC 2023 - Daniel Garcia diff --git a/python-redis.spec b/python-redis.spec index 3eac1f6..e5fb035 100644 --- a/python-redis.spec +++ b/python-redis.spec @@ -18,7 +18,7 @@ %define skip_python2 1 Name: python-redis -Version: 4.3.5 +Version: 4.4.4 Release: 0 Summary: Python client for Redis key-value store License: MIT @@ -26,6 +26,7 @@ Group: Development/Languages/Python URL: https://github.com/redis/redis-py Source0: https://files.pythonhosted.org/packages/source/r/redis/redis-%{version}.tar.gz Source1: https://github.com/redis/redis-py/raw/v%{version}/tox.ini +Source2: keys.zip BuildRequires: %{python_module Deprecated >= 1.2.3} BuildRequires: %{python_module async-timeout >= 4.0.2} BuildRequires: %{python_module base >= 3.6} @@ -42,6 +43,7 @@ BuildRequires: fdupes BuildRequires: psmisc BuildRequires: python-rpm-macros BuildRequires: redis +BuildRequires: unzip Requires: python-Deprecated >= 1.2.3 Requires: python-async-timeout >= 4.0.2 Requires: python-packaging >= 20.4 @@ -62,6 +64,10 @@ The Python interface to the Redis key-value store. # tox.ini for pytest markers cp %{SOURCE1} . +# keys and certificates for testing +mkdir -p docker/stunnel/ && cd docker/stunnel +unzip %{SOURCE2} + %build %python_build @@ -93,7 +99,8 @@ if [ $(getconf LONG_BIT) -ne 64 ]; then donttest=" or test_geopos" fi # gh#redis/redis-py#2554 -donttest=" or test_xautoclaim" +# gh#redis/redis-py#2679 +donttest=" or test_xautoclaim or test_acl_list" %pytest -m 'not (onlycluster or redismod)' -k "not (dummyprefix $donttest)" --ignore tests/test_ssl.py %files %{python_files} diff --git a/redis-4.3.5.tar.gz b/redis-4.3.5.tar.gz deleted file mode 100644 index bd93de8..0000000 --- a/redis-4.3.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:30c07511627a4c5c4d970e060000772f323174f75e745a26938319817ead7a12 -size 4577422 diff --git a/redis-4.4.4.tar.gz b/redis-4.4.4.tar.gz new file mode 100644 index 0000000..4f8cb83 --- /dev/null +++ b/redis-4.4.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:68226f7ede928db8302f29ab088a157f41061fa946b7ae865452b6d7838bbffb +size 4549578 diff --git a/tox.ini b/tox.ini index 2f9b788..07de61e 100644 --- a/tox.ini +++ b/tox.ini @@ -9,15 +9,16 @@ markers = asyncio: marker for async tests replica: replica tests experimental: run only experimental tests +asyncio_mode = auto [tox] minversion = 3.2.0 requires = tox-docker -envlist = {standalone,cluster}-{plain,hiredis,ocsp}-{uvloop,asyncio}-{py36,py37,py38,py39,pypy3},linters,docs +envlist = {standalone,cluster}-{plain,hiredis,ocsp}-{uvloop,asyncio}-{py37,py38,py39,pypy3},linters,docs [docker:master] name = master -image = redisfab/redis-py:6.2.6-buster +image = redisfab/redis-py:6.2.6 ports = 6379:6379/tcp healtcheck_cmd = python -c "import socket;print(True) if 0 == socket.socket(socket.AF_INET, socket.SOCK_STREAM).connect_ex(('127.0.0.1',6379)) else False" @@ -26,7 +27,7 @@ volumes = [docker:replica] name = replica -image = redisfab/redis-py:6.2.6-buster +image = redisfab/redis-py:6.2.6 links = master:master ports = @@ -37,7 +38,7 @@ volumes = [docker:unstable] name = unstable -image = redisfab/redis-py:unstable-bionic +image = redisfab/redis-py:unstable ports = 6378:6378/tcp healtcheck_cmd = python -c "import socket;print(True) if 0 == socket.socket(socket.AF_INET, socket.SOCK_STREAM).connect_ex(('127.0.0.1',6378)) else False" @@ -46,7 +47,7 @@ volumes = [docker:unstable_cluster] name = unstable_cluster -image = redisfab/redis-py-cluster:unstable-bionic +image = redisfab/redis-py-cluster:unstable ports = 6372:6372/tcp 6373:6373/tcp @@ -60,7 +61,7 @@ volumes = [docker:sentinel_1] name = sentinel_1 -image = redisfab/redis-py-sentinel:6.2.6-buster +image = redisfab/redis-py-sentinel:6.2.6 links = master:master ports = @@ -71,7 +72,7 @@ volumes = [docker:sentinel_2] name = sentinel_2 -image = redisfab/redis-py-sentinel:6.2.6-buster +image = redisfab/redis-py-sentinel:6.2.6 links = master:master ports = @@ -82,7 +83,7 @@ volumes = [docker:sentinel_3] name = sentinel_3 -image = redisfab/redis-py-sentinel:6.2.6-buster +image = redisfab/redis-py-sentinel:6.2.6 links = master:master ports = @@ -100,7 +101,7 @@ healtcheck_cmd = python -c "import socket;print(True) if 0 == socket.socket(sock [docker:redis_cluster] name = redis_cluster -image = redisfab/redis-py-cluster:6.2.6-buster +image = redisfab/redis-py-cluster:6.2.6 ports = 16379:16379/tcp 16380:16380/tcp @@ -114,7 +115,7 @@ volumes = [docker:redismod_cluster] name = redismod_cluster -image = redisfab/redis-py-modcluster:6.2.6 +image = redisfab/redis-py-modcluster:edge ports = 46379:46379/tcp 46380:46380/tcp @@ -279,7 +280,6 @@ docker = sentinel_3 redis_cluster redismod - redismod_cluster stunnel extras = hiredis: hiredis @@ -288,10 +288,10 @@ setenv = CLUSTER_URL = "redis://localhost:16379/0" UNSTABLE_CLUSTER_URL = "redis://localhost:6372/0" commands = - standalone: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' {posargs} - standalone-uvloop: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' --uvloop {posargs} - cluster: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} {posargs} - cluster-uvloop: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} --uvloop {posargs} + standalone: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' --junit-xml=standalone-results.xml {posargs} + standalone-uvloop: pytest --cov=./ --cov-report=xml:coverage_redis.xml -W always -m 'not onlycluster' --junit-xml=standalone-uvloop-results.xml --uvloop {posargs} + cluster: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} --junit-xml=cluster-results.xml {posargs} + cluster-uvloop: pytest --cov=./ --cov-report=xml:coverage_cluster.xml -W always -m 'not onlynoncluster and not redismod' --redis-url={env:CLUSTER_URL:} --redis-unstable-url={env:UNSTABLE_CLUSTER_URL:} --junit-xml=cluster-uvloop-results.xml --uvloop {posargs} [testenv:redis5] deps = @@ -343,7 +343,7 @@ deps_files = dev_requirements.txt docker = commands = flake8 - black --target-version py36 --check --diff . + black --target-version py37 --check --diff . isort --check-only --diff . vulture redis whitelist.py --min-confidence 80 flynt --fail-on-change --dry-run .