Commit Graph

19 Commits

Author SHA1 Message Date
Titouan Christophe
dfcb5fc9c9 package/redis: bump to version 5.0.7
Changes announced upstream:

Upgrade urgency HIGH: many issues fixed, some may have an impact.
Redis 5.0.7 fixes a number of bugs, none is very critical, however
there are a few that may have an impact. It's a good idea to upgrade.
There are fixes in the area of replication from modules commands and
callbacks, AOF fsync (non critical issue), memory leaks (very rare and small),
streams beahvior (non critical), and a potential crash in commands
processing multiple keys at the same time that is there for years, and happens
very rarely, but is not impossible to trigger.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-11-23 21:35:42 +01:00
Titouan Christophe
43683d2d9b package/redis: bump to 5.0.6
The release notes at
https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES
say:

==
Upgrade urgency CRITICAL: Only in case of exposed instances to untrusted users.

This Redis release, 5.0.6, is a bugfix and enhancement release. The most
important bugfix is a corruption related to the HyperLogLog. A malformed
HyperLogLog string could cause an invalid access to the memory. At a first
glance the vulnerability appears to be not exploitable but just a DoS. The
way to trigger the issue is complex, we'll not provide any information about
how to do that for the users safety.
==

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-11-18 21:20:28 +01:00
Peter Korsgaard
6cc7f3de53 package/redis: bump version to 5.0.5
>From the release notes:
https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES

================================================================================
Redis 5.0.5     Released Wed May 15 17:57:41 CEST 2019
================================================================================

Upgrade urgency CRITICAL: This release fixes an important AOF fysnc bug
                          and other less critical issues.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-07-14 13:37:46 +02:00
Titouan Christophe
6ee03e29cf package/redis: bump to 5.0.4
* Redis 5 now supports reproducible builds via SOURCE_DATE_EPOCH
* Add myself to DEVELOPERS for Redis

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-09 10:46:57 +02:00
Peter Korsgaard
d929284337 redis: bump to version 4.0.11
>From the release notes
(https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES):

Upgrade urgency HIGH: not critical but very important bugs fixed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-23 16:30:58 +02:00
Titouan Christophe
f3b058ddb1 package/redis: Bump to version 4.0.10
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-23 00:22:03 +02:00
Peter Korsgaard
3bf2745a0f redis: security bump to version 3.2.12
>From the release notes:

================================================================================
Redis 3.2.12     Released Wed Jun 13 12:43:01 CEST 2018
================================================================================

Upgrade urgency CRITICAL:

* Multilple security issues fixed.
* Backport of an older AOF fsync=always fix. Check 4.x release notes.
* Backport of a *SCAN bug. Sometimes elements could be missing from the scan.
* Other minor things.

https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES

For more details about the lua related security issues, see the blog:

http://antirez.com/news/119

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-06-15 14:05:42 +02:00
Peter Korsgaard
751cd4cfab redis: bump to version 3.2.11
3.2.11 fixes important issues. From the release notes:

================================================================================
Redis 3.2.11     Released Thu Sep 21 15:47:53 CEST 2017
================================================================================

Upgrade urgency HIGH: Potentially critical bugs fixed.

AOF flush on SHUTDOWN did not cared to really write the AOF buffers
(not in the kernel but in the Redis process memory) to disk before exiting.
Calling SHUTDOWN during traffic resulted into not every operation to be
persisted on disk.

Also add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-27 13:48:57 +02:00
Vicente Olivert Riera
34761b2c40 redis: bump version to 3.2.9
Remove sha1 hash. Upstream provides now a sha256 hash.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-19 15:27:54 +02:00
Gustavo Zacarias
f4cb8f2d4a redis: bump to version 3.2.8
It fixes a regression in the 3.2.7 security release that can cause server
deadlocks.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-02-15 21:26:04 +01:00
Vicente Olivert Riera
bbc042b91e redis: security bump to version 3.2.7
Release notes:
  https://www.reddit.com/r/redis/comments/5r8wxn/redis_327_is_out_important_security_fixes_inside/

From the notes:
Upgrade urgency HIGH.

This release fixes important security and correctness issues.  It is
especially important to upgrade for Redis Cluster users and for users
running Redis in their laptop since a cross-scripting attack is fixed in
this release.

[Peter: extend description]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-01 12:34:58 +01:00
Gustavo Zacarias
4be266220a redis: bump to version 3.2.6
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-18 21:30:29 +01:00
Gustavo Zacarias
6dbd9ad3cc redis: bump to version 3.2.5
Adjust default config patch to match new major version.
localhost binding is now default so drop it, 300s keepalive is now
default as well (instead of 60s from the previous patch and 0 by
default) - which sounds reasonable so keep it.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-10-29 15:41:20 +02:00
Gustavo Zacarias
02681171f3 redis: bump to version 3.0.7
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-01-31 16:39:37 +01:00
Gustavo Zacarias
e537d52b85 redis: bump to version 3.0.6
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-01-27 21:36:49 +01:00
Gustavo Zacarias
1cf76dcf3f redis: bump to version 3.0.5
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-10-16 12:01:23 +02:00
Gustavo Zacarias
6782aaa582 redis: bump to version 3.0.4
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-10-02 21:46:03 +02:00
Martin Bark
aa24cb8b4f package/redis: Bump version to 3.0.3
Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-07-21 23:18:02 +02:00
Gustavo Zacarias
d226500192 redis: bump to version 2.8.19
Add hash file.
Drop redis-002-lua-AR.patch (upstream).
Rename patches to new naming convention.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-01-23 16:45:38 +01:00