stable

redis-7.2.2-1.fc39

FEDORA-2023-fd75e4f307 created by remi 12 months ago for Fedora 39

Redis 7.2.2 Released Wed 18 Oct 2023 10:33:40 IDT

Upgrade urgency SECURITY: See security fixes below.

Security fixes

  • (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup.

Bug fixes

  • WAITAOF could timeout in the absence of write traffic in case a new AOF is created and an AOF rewrite can't immediately start (#12620)

Redis cluster

  • Fix crash when running rebalance command in a mixed cluster of 7.0 and 7.2 nodes (#12604)
  • Fix the return type of the slot number in cluster shards to integer, which makes it consistent with past behavior (#12561)
  • Fix CLUSTER commands are called from modules or scripts to return TLS info appropriately (#12569)

Changes in CLI tools

  • redis-cli, fix crash on reconnect when in SUBSCRIBE mode (#12571)

Module API changes

  • Fix overflow calculation for next timer event (#12474)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-fd75e4f307

This update has been submitted for testing by remi.

12 months ago

This update's test gating status has been changed to 'ignored'.

12 months ago

remi edited this update.

12 months ago

This update has been pushed to testing.

12 months ago

remi edited this update.

12 months ago

This update has been submitted for stable by bodhi.

There is an ongoing freeze; this will be pushed to stable after the freeze is over.

12 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
12 months ago
in testing
12 months ago
in stable
11 months ago
modified
12 months ago
approved
12 months ago
BZ#2244940 CVE-2023-45145 redis: possible bypass of Unix socket permissions on startup
0
0
BZ#2244942 CVE-2023-45145 redis: possible bypass of Unix socket permissions on startup [fedora-all]
0
0

Automated Test Results