package/redis: security bump to v6.2.5

From the release notes: ================================================================================ Redis 6.2.5 Released Wed Jul 21 16:32:19 IDT 2021 ================================================================================ Upgrade urgency: SECURITY, contains fixes to security issues that affect authenticated client connections on 32-bit versions. MODERATE otherwise. Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761). An integer overflow bug in Redis version 2.2 or newer can be exploited using the BITFIELD command to corrupt the heap and potentially result with remote code execution. See https://github.com/redis/redis/blob/6.2.5/00-RELEASENOTES Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit f4b1cda061) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-07-26 11:16:35 +02:00 · 2021-07-26 11:16:35 +02:00 · f5b86cf2ce
commit f5b86cf2ce
parent 86158609b1
2 changed files with 2 additions and 2 deletions
--- a/package/redis/redis.hash
+++ b/package/redis/redis.hash
@ -1,5 +1,5 @@
 # From https://github.com/redis/redis-hashes/blob/master/README
-sha256  ba32c406a10fc2c09426e2be2787d74ff204eb3a2e496d87cff76a476b6ae16e  redis-6.2.4.tar.gz
+sha256  4b9a75709a1b74b3785e20a6c158cab94cf52298aa381eea947a678a60d551ae  redis-6.2.5.tar.gz

 # Locally calculated
 sha256  97f0a15b7bbae580d2609dad2e11f1956ae167be296ab60f4691ab9c30ee9828  COPYING
--- a/package/redis/redis.mk
+++ b/package/redis/redis.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-REDIS_VERSION = 6.2.4
+REDIS_VERSION = 6.2.5
 REDIS_SITE = http://download.redis.io/releases
 REDIS_LICENSE = BSD-3-Clause (core); MIT and BSD family licenses (Bundled components)
 REDIS_LICENSE_FILES = COPYING