package/redis: security bump to v7.0.5

From the release notes: (https://github.com/redis/redis/blob/7.0.5/00-RELEASENOTES) ================================================================================ Redis 7.0.5 Released Wed Sep 21 20:00:00 IST 2022 ================================================================================ Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: * (CVE-2022-35951) Executing a XAUTOCLAIM command on a stream key in a specific state, with a specially crafted COUNT argument, may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. The problem affects Redis versions 7.0.0 or newer [reported by Xion (SeungHyun Lee) of KAIST GoN]. Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit af56cfe372) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-09-26 12:17:24 +02:00 · 2022-09-26 12:17:24 +02:00 · e665d20f7a
commit e665d20f7a
parent 0c058e9932
2 changed files with 2 additions and 2 deletions
--- a/package/redis/redis.hash
+++ b/package/redis/redis.hash
@ -1,5 +1,5 @@
 # From https://github.com/redis/redis-hashes/blob/master/README
-sha256  f0e65fda74c44a3dd4fa9d512d4d4d833dd0939c934e946a5c622a630d057f2f  redis-7.0.4.tar.gz
+sha256  67054cc37b58c125df93bd78000261ec0ef4436a26b40f38262c780e56315cc3  redis-7.0.5.tar.gz

 # Locally calculated
 sha256  97f0a15b7bbae580d2609dad2e11f1956ae167be296ab60f4691ab9c30ee9828  COPYING
--- a/package/redis/redis.mk
+++ b/package/redis/redis.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-REDIS_VERSION = 7.0.4
+REDIS_VERSION = 7.0.5
 REDIS_SITE = http://download.redis.io/releases
 REDIS_LICENSE = BSD-3-Clause (core); MIT and BSD family licenses (Bundled components)
 REDIS_LICENSE_FILES = COPYING