HomeFreeBSD

databases/redis: update to 7.2.4 with fix CVE-2023-41056

Description

databases/redis: update to 7.2.4 with fix CVE-2023-41056

Security fixes:

  • (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory buffers which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.

Bug fixes:

  • Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
  • Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
  • Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)

Changelog: https://github.com/redis/redis/releases/tag/7.2.4

PR: 276255
Approved by: yasu (maintainer, timeout > 14 days), arrowd (mentor)
MFH: 2024Q1

(cherry picked from commit 7bb0b75a6693d2dd9c39468bdc2392598632d0da)

Details

Provenance
vvdAuthored on Jan 28 2024, 8:39 PM
Parents
R11:55b98a4db8f6: graphics/diplib: Broken on aarch64 due to runaway builds
Branches
Unknown
Tags
Unknown