From f4b1cda06131931d713d33723355f71e4036b73d Mon Sep 17 00:00:00 2001 From: Titouan Christophe Date: Mon, 26 Jul 2021 11:16:35 +0200 Subject: [PATCH] package/redis: security bump to v6.2.5 From the release notes: ================================================================================ Redis 6.2.5 Released Wed Jul 21 16:32:19 IDT 2021 ================================================================================ Upgrade urgency: SECURITY, contains fixes to security issues that affect authenticated client connections on 32-bit versions. MODERATE otherwise. Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761). An integer overflow bug in Redis version 2.2 or newer can be exploited using the BITFIELD command to corrupt the heap and potentially result with remote code execution. See https://github.com/redis/redis/blob/6.2.5/00-RELEASENOTES Signed-off-by: Titouan Christophe Signed-off-by: Thomas Petazzoni --- package/redis/redis.hash | 2 +- package/redis/redis.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/redis/redis.hash b/package/redis/redis.hash index f5e5827dab..3d207fa4c1 100644 --- a/package/redis/redis.hash +++ b/package/redis/redis.hash @@ -1,5 +1,5 @@ # From https://github.com/redis/redis-hashes/blob/master/README -sha256 ba32c406a10fc2c09426e2be2787d74ff204eb3a2e496d87cff76a476b6ae16e redis-6.2.4.tar.gz +sha256 4b9a75709a1b74b3785e20a6c158cab94cf52298aa381eea947a678a60d551ae redis-6.2.5.tar.gz # Locally calculated sha256 97f0a15b7bbae580d2609dad2e11f1956ae167be296ab60f4691ab9c30ee9828 COPYING diff --git a/package/redis/redis.mk b/package/redis/redis.mk index 4e16b346c1..c1d435015d 100644 --- a/package/redis/redis.mk +++ b/package/redis/redis.mk @@ -4,7 +4,7 @@ # ################################################################################ -REDIS_VERSION = 6.2.4 +REDIS_VERSION = 6.2.5 REDIS_SITE = http://download.redis.io/releases REDIS_LICENSE = BSD-3-Clause (core); MIT and BSD family licenses (Bundled components) REDIS_LICENSE_FILES = COPYING