- Update to version 7.0.5 (boo#1203638)
+ Security Fixes:
* (CVE-2022-35951) Executing a XAUTOCLAIM command on a stream key in a specific
state, with a specially crafted COUNT argument, may cause an integer overflow,
a subsequent heap overflow, and potentially lead to remote code execution.
The problem affects Redis versions 7.0.0 or newer
[reported by Xion (SeungHyun Lee) of KAIST GoN].
+ Module API changes
* Fix RM_Call execution of scripts when used with M/W/S flags to properly
handle script flags (#11159)
* Fix RM_SetAbsExpire and RM_GetAbsExpire API registration (#11025, #8564)
+ Bug Fixes
* Fix a hang when eviction is combined with lazy-free and maxmemory-eviction-tenacity is set to 100 (#11237)
* Fix a crash when a replica may attempt to set itself as its master as a result of a manual failover (#11263)
* Fix a bug where a cluster-enabled replica node may permanently set its master's hostname to '?' (#10696)
* Fix a crash when a Lua script returns a meta-table (#11032)
+ Fixes for issues in previous releases of Redis 7.0
* Fix redis-cli to do DNS lookup before sending CLUSTER MEET (#11151)
* Fix crash when a key is lazy expired during cluster key migration (#11176)
* Fix AOF rewrite to fsync the old AOF file when a new one is created (#11004)
* Fix some crashes involving a list containing entries larger than 1GB (#11242)
* Correctly handle scripts with a non-read-only shebang on a cluster replica (#11223)
* Fix memory leak when unloading a module (#11147)
* Fix bug with scripts ignoring client tracking NOLOOP (#11052)
* Fix client-side tracking breaking protocol when FLUSHDB / FLUSHALL / SWAPDB is used inside MULTI-EXEC (#11038)
* Fix ACL: BITFIELD with GET and also SET / INCRBY can be executed with read-only key permission (#11086)
* Fix missing sections for INFO ALL when also requesting a module info section (#11291)
OBS-URL: https://build.opensuse.org/request/show/1005288
OBS-URL: https://build.opensuse.org/package/show/server:database/redis?expand=0&rev=205
- add BR pkgconfig(libsystemd) for the rewritten systemd support
and force building with it
- Update to 6.0.1
* https://raw.githubusercontent.com/antirez/redis/6.0.1/00-RELEASENOTES
* XCLAIM AOF/replicas propagation fixed.
* Client side caching: new NOLOOP option to avoid getting
notified about changes performed by ourselves.
* ACL GENPASS now uses HMAC-SHA256 and have an optional
"bits" argument. It means you can use it as a general purpose
"secure random strings" primitive!
* Cluster "SLOTS" subcommand memory optimization.
* The LCS command is now a subcommand of STRALGO.
* Meaningful offset for replicas as well. More successful
partial resynchronizations.
* Optimize memory usage of deferred replies.
* Faster CRC64 algorithm for faster RDB loading.
* XINFO STREAM FULL, a new subcommand to get the whole stream
state.
* CLIENT KILL USER <username>.
* MIGRATE AUTH2 option, for ACL style authentication support.
* Other random bugfixes.
OBS-URL: https://build.opensuse.org/request/show/800054
OBS-URL: https://build.opensuse.org/package/show/server:database/redis?expand=0&rev=143
