Update dependency redis/redis to v7.2.5
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| redis/redis | minor |
7.0.15 -> 7.2.5
|
Release Notes
redis/redis (redis/redis)
v7.2.5
Upgrade urgency MODERATE: Program an upgrade of the server, but it's not urgent.
Bug fixes
- A single shard cluster leaves failed replicas in CLUSTER SLOTS instead of removing them (#12824)
- Crash in LSET command when replacing small items and exceeding 4GB (#12955)
- Blocking commands timeout is reset due to re-processing command (#13004)
- Conversion of numbers in Lua args to redis args can fail. Bug introduced in 7.2.0 (#13115)
Bug fixes in CLI tools
- redis-cli: --count (for --scan, --bigkeys, etc) was ignored unless --pattern was also used (#13092)
- redis-check-aof: incorrectly considering data in manifest format as MP-AOF (#12958)
v7.2.4
Upgrade urgency SECURITY: See security fixes below.
Security fixes
- (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
Bug fixes
- Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
- Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
- Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
v7.2.3
Upgrade urgency: HIGH, Fixes critical bugs affecting most users.
Bug fixes
- Fix file descriptor leak preventing deleted files from freeing disk space on replicas (#12693)
- Fix a possible crash after cluster node removal (#12702)
v7.2.2
Upgrade urgency SECURITY: See security fixes below.
Security fixes
- (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup.
Platform / toolchain support related changes
- Fix compilation error on MacOS 13 (#12611)
Bug fixes
- WAITAOF could timeout in the absence of write traffic in case a new AOF is created and an AOF rewrite can't immediately start (#12620)
Redis cluster
- Fix crash when running rebalance command in a mixed cluster of 7.0 and 7.2 nodes (#12604)
- Fix the return type of the slot number in cluster shards to integer, which makes it consistent with past behavior (#12561)
- Fix CLUSTER commands are called from modules or scripts to return TLS info appropriately (#12569)
Changes in CLI tools
- redis-cli, fix crash on reconnect when in SUBSCRIBE mode (#12571)
Module API changes
- Fix overflow calculation for next timer event (#12474)
v7.2.1
Upgrade urgency SECURITY: See security fixes below.
Security Fixes
- (CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration.
Bug Fixes
- Fix crashes when joining a node to an existing 7.0 Redis Cluster (#12538)
- Correct request_policy and response_policy command tips on for some admin / configuration commands (#12545, #12530)
v7.2.0
Upgrade urgency LOW: This is the first stable Release for Redis 7.2.
Bug Fixes
- redis-cli in cluster mode handles
unknown-endpoint(#12273) - Update request / response policy hints for a few commands (#12417)
- Ensure that the function load timeout is disabled during loading from RDB/AOF and on replicas. (#12451)
- Fix false success and a memory leak for ACL selector with bad parenthesis combination (#12452)
- Fix the assertion when script timeout occurs after it signaled a blocked client (#12459)
Fixes for issues in previous releases of Redis 7.2
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by Soos