CVS commit: pkgsrc/databases/redis

["Adam Ciarcinski" <adam%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   adam
Date:           Wed Mar  1 07:51:09 UTC 2023

Modified Files:
        pkgsrc/databases/redis: Makefile distinfo

Log Message:
redis: updated to 7.0.9

Redis 7.0.9

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
  commands can trigger an integer overflow, resulting in a runtime assertion
  and termination of the Redis server process.
* (CVE-2022-36021) String matching commands (like SCAN or KEYS) with a specially
  crafted pattern to trigger a denial-of-service attack on Redis, causing it to
  hang and consume 100% CPU time.

Bug Fixes
=========
* Fix a crash when reaching the maximum invalidations limit of client-side tracking
* Fix a crash when SPUBLISH is used after passing the cluster-link-sendbuf-limit
* Fix possible memory corruption in FLUSHALL when a client watches more than one key
* Fix cluster inbound link keepalive time
* Flush propagation list in active-expire of writable replicas to fix an assertion
* Avoid propagating DEL of lazy expire from SCAN and RANDOMKEY as MULTI-EXEC

Performance and resource utilization improvements
=================================================
* Avoid realloc to reduce size of strings when it is unneeded
* Improve CLUSTER SLOTS reply efficiency for non-continuous slots


To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 pkgsrc/databases/redis/Makefile
cvs rdiff -u -r1.70 -r1.71 pkgsrc/databases/redis/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/databases/redis/Makefile
diff -u pkgsrc/databases/redis/Makefile:1.77 pkgsrc/databases/redis/Makefile:1.78
--- pkgsrc/databases/redis/Makefile:1.77        Tue Jan 17 11:05:56 2023
+++ pkgsrc/databases/redis/Makefile     Wed Mar  1 07:51:09 2023
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.77 2023/01/17 11:05:56 adam Exp $
+# $NetBSD: Makefile,v 1.78 2023/03/01 07:51:09 adam Exp $
 
-DISTNAME=      redis-7.0.8
+DISTNAME=      redis-7.0.9
 CATEGORIES=    databases
 MASTER_SITES=  http://download.redis.io/releases/
 

Index: pkgsrc/databases/redis/distinfo
diff -u pkgsrc/databases/redis/distinfo:1.70 pkgsrc/databases/redis/distinfo:1.71
--- pkgsrc/databases/redis/distinfo:1.70        Tue Jan 17 11:05:56 2023
+++ pkgsrc/databases/redis/distinfo     Wed Mar  1 07:51:09 2023
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.70 2023/01/17 11:05:56 adam Exp $
+$NetBSD: distinfo,v 1.71 2023/03/01 07:51:09 adam Exp $
 
-BLAKE2s (redis-7.0.8.tar.gz) = 3a83663d93dae0c4f2d26660e5649e3f6c43fccfe6b5c1b1e0f2074dc01ffb08
-SHA512 (redis-7.0.8.tar.gz) = d760fce02203265551198082f75b1e6be78a2cdb3d464e518d65a31839a3b6e45401c6bca6a091f59e121212aee7363d5e83c25365ab347a66b807015b32eeb6
-Size (redis-7.0.8.tar.gz) = 2981212 bytes
+BLAKE2s (redis-7.0.9.tar.gz) = 47a9da9106bae4e3899c12ecf8b1000f3de13743f39e1964232b1b6fb9ee1af0
+SHA512 (redis-7.0.9.tar.gz) = e984a19583e4aae0a5dce85a434d3255f4f13725eba0f11a1fe1a1189b17035152a26b65f1a3a8834f0dd8218f4a65986c918f96386120ea9419bd02366c8293
+Size (redis-7.0.9.tar.gz) = 2984823 bytes
 SHA1 (patch-redis.conf) = ee657a9d82711263ceb0fb8f7d8059ed23528fe9
 SHA1 (patch-src_Makefile) = 2c23fb065e827e0cb25fdfba1bc1976db03dc789
 SHA1 (patch-src_hyperloglog.c) = e9bdd3c630024a6fbe02c2c1d85e26131ad938cf