[1/1] package/redis: bump to v7.0.3

Message ID	20220712114510.1434413-1-titouanchristophe@gmail.com
State	Accepted
Headers	show Return-Path: <buildroot-bounces@buildroot.org> From: Titouan Christophe <titouanchristophe@gmail.com> To: buildroot@buildroot.org Date: Tue, 12 Jul 2022 13:45:10 +0200 Message-Id: <20220712114510.1434413-1-titouanchristophe@gmail.com> MIME-Version: 1.0 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=8YckjPg68lyRSyX2vjLA2DPlTewWCX+bScR+RE4v0mQ=; b=AE2bjYriNPn1JtS38T8V81YJTng5+Qtd+kLZdFG70V7g+RY7FkBDbZNSQE82O6cnky UKWXOqSYKTlwkQTDYhpyl7SJbCYP1+La+JZrW265RqakbgC8zq2UULOfbimNEo2tZKD0 Lbvl58i6KoQWvAo2n7dH19Vp0vGOnKBruGt1KiPdFJ9Ro8VKrviP/YsQEnPR5pquta3S s96tvD2MXjYTIgR4a/7JfKhUAp+v4ENgZHJo1tq4RRLfkbC7atlFioEGIE2fcRKzIm8L MTwxuLCBwzHArq4x9R0Puub4+KM/crbQDERVQWIwjiwW7TiWngCNCDK3lPz0lP5Wi6Ar lYvw== X-Mailman-Original-Authentication-Results: smtp3.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=AE2bjYri Subject: [Buildroot] [PATCH 1/1] package/redis: bump to v7.0.3 Precedence: list Cc: Titouan Christophe <titouanchristophe@gmail.com>, Daniel Price <daniel.price@gmail.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" <buildroot-bounces@buildroot.org>
Series	[1/1] package/redis: bump to v7.0.3 \| expand [1/1] package/redis: bump to v7.0.3

Message ID

20220712114510.1434413-1-titouanchristophe@gmail.com

State

Accepted

Headers

From: Titouan Christophe <titouanchristophe@gmail.com>
To: buildroot@buildroot.org
Date: Tue, 12 Jul 2022 13:45:10 +0200
Message-Id: <20220712114510.1434413-1-titouanchristophe@gmail.com>
MIME-Version: 1.0
X-Mailman-Original-Authentication-Results: smtp3.osuosl.org;
 dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.a=rsa-sha256 header.s=20210112 header.b=AE2bjYri
Subject: [Buildroot] [PATCH 1/1] package/redis: bump to v7.0.3
X-BeenThere: buildroot@buildroot.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.buildroot.org>
List-Unsubscribe: <https://lists.buildroot.org/mailman/options/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=unsubscribe>
List-Archive: <http://lists.buildroot.org/pipermail/buildroot/>
List-Post: <mailto:buildroot@buildroot.org>
List-Help: <mailto:buildroot-request@buildroot.org?subject=help>
List-Subscribe: <https://lists.buildroot.org/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=subscribe>
Cc: Titouan Christophe <titouanchristophe@gmail.com>,
 Daniel Price <daniel.price@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: buildroot-bounces@buildroot.org
Sender: "buildroot" <buildroot-bounces@buildroot.org>

Series

[1/1] package/redis: bump to v7.0.3 | expand

Comments

Yann E. MORIN July 17, 2022, 1:21 p.m. UTC | #1

Titoua, All,

On 2022-07-12 13:45 +0200, Titouan Christophe spake thusly:
> Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>

Applied to master, thanks.

Regards,
Yann E. MORIN.

> ---
>  package/redis/redis.hash | 2 +-
>  package/redis/redis.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/package/redis/redis.hash b/package/redis/redis.hash
> index 582c3afa03..bff478fe7c 100644
> --- a/package/redis/redis.hash
> +++ b/package/redis/redis.hash
> @@ -1,5 +1,5 @@
>  # From https://github.com/redis/redis-hashes/blob/master/README
> -sha256  284d8bd1fd85d6a55a05ee4e7c31c31977ad56cbf344ed83790beeb148baa720  redis-7.0.0.tar.gz
> +sha256  2cde7d17214ffe305953da9fff12333e8a72caa57fd4923e4872f6362a208e73  redis-7.0.3.tar.gz
>  
>  # Locally calculated
>  sha256  97f0a15b7bbae580d2609dad2e11f1956ae167be296ab60f4691ab9c30ee9828  COPYING
> diff --git a/package/redis/redis.mk b/package/redis/redis.mk
> index 3b91fbf8c8..b292782acf 100644
> --- a/package/redis/redis.mk
> +++ b/package/redis/redis.mk
> @@ -4,7 +4,7 @@
>  #
>  ################################################################################
>  
> -REDIS_VERSION = 7.0.0
> +REDIS_VERSION = 7.0.3
>  REDIS_SITE = http://download.redis.io/releases
>  REDIS_LICENSE = BSD-3-Clause (core); MIT and BSD family licenses (Bundled components)
>  REDIS_LICENSE_FILES = COPYING
> -- 
> 2.36.1
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

Peter Korsgaard Aug. 10, 2022, 10:37 a.m. UTC | #2

>>>>> "Titouan" == Titouan Christophe <titouanchristophe@gmail.com> writes:

 > Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>

Committed to 2022.05.x given the fixes, thanks.

I see there is also a 7.0.4 release with security fixes, care to send a
patch?

================================================================================
Redis 7.0.4 Released Monday Jul 18 12:00:00 IST 2022
================================================================================

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
  key in a specific state may result with heap overflow, and potentially
  remote code execution. The problem affects Redis versions 7.0.0 or
  newer.

Titouan Christophe Aug. 11, 2022, 7 p.m. UTC | #3

Hello Peter and all,

I just sent the patch to the ML even before seeing your message below.

Could you also please backport it onto 2022.05.x ?

Best regards,

Titouan

On 10/08/22 12:37, Peter Korsgaard wrote:
>>>>>> "Titouan" == Titouan Christophe <titouanchristophe@gmail.com> writes:
>   > Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
>
> Committed to 2022.05.x given the fixes, thanks.
>
> I see there is also a 7.0.4 release with security fixes, care to send a
> patch?
>
> ================================================================================
> Redis 7.0.4 Released Monday Jul 18 12:00:00 IST 2022
> ================================================================================
>
> Upgrade urgency: SECURITY, contains fixes to security issues.
>
> Security Fixes:
> * (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
>    key in a specific state may result with heap overflow, and potentially
>    remote code execution. The problem affects Redis versions 7.0.0 or
>    newer.
>

Peter Korsgaard Aug. 11, 2022, 7:20 p.m. UTC | #4

>>>>> "Titouan" == Titouan Christophe <titouanchristophe@gmail.com> writes:

 > Hello Peter and all,
 > I just sent the patch to the ML even before seeing your message below.

Great ;)

 > Could you also please backport it onto 2022.05.x ?

Sure, I will. I'm running a bit behind on backports, but I will get to
it.

diff --git a/package/redis/redis.hash b/package/redis/redis.hash
index 582c3afa03..bff478fe7c 100644
--- a/package/redis/redis.hash
+++ b/package/redis/redis.hash
@@ -1,5 +1,5 @@ 
 # From https://github.com/redis/redis-hashes/blob/master/README
-sha256  284d8bd1fd85d6a55a05ee4e7c31c31977ad56cbf344ed83790beeb148baa720  redis-7.0.0.tar.gz
+sha256  2cde7d17214ffe305953da9fff12333e8a72caa57fd4923e4872f6362a208e73  redis-7.0.3.tar.gz
 
 # Locally calculated
 sha256  97f0a15b7bbae580d2609dad2e11f1956ae167be296ab60f4691ab9c30ee9828  COPYING
diff --git a/package/redis/redis.mk b/package/redis/redis.mk
index 3b91fbf8c8..b292782acf 100644
--- a/package/redis/redis.mk
+++ b/package/redis/redis.mk
@@ -4,7 +4,7 @@ 
 #
 ################################################################################
 
-REDIS_VERSION = 7.0.0
+REDIS_VERSION = 7.0.3
 REDIS_SITE = http://download.redis.io/releases
 REDIS_LICENSE = BSD-3-Clause (core); MIT and BSD family licenses (Bundled components)
 REDIS_LICENSE_FILES = COPYING

[1/1] package/redis: bump to v7.0.3

Commit Message

Comments

Patch