From: Yi Zhao <yi.z...@windriver.com>

ChangeLog:

Security fixes
==============
* (CVE-2024-31449) Lua library commands may lead to stack overflow and
  potential RCE.
* (CVE-2024-31227) Potential Denial-of-service due to malformed ACL
  selectors.
* (CVE-2024-31228) Potential Denial-of-service due to unbounded pattern
  matching.

Bug fixes
=========
* Fixed crashes in cluster mode (#13315)

Signed-off-by: Yi Zhao <yi.z...@windriver.com>
Signed-off-by: Khem Raj <raj.k...@gmail.com>
Signed-off-by: Divya Chellam <divya.chel...@windriver.com>
---
 ...1-hiredis-use-default-CC-if-it-is-set.patch} |  7 +++----
 ...file-to-use-environment-build-setting.patch} |  6 +++---
 ...0003-hack-to-force-use-of-libc-malloc.patch} |  7 +++----
 .../0004-src-Do-not-reset-FINAL_LIBS.patch}     |  4 ++--
 ...URCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch} |  6 +++---
 .../0006-Define-correct-gregs-for-RISCV32.patch |  4 ++--
 .../init-redis-server                           |  0
 .../{redis-7.2.5 => redis-7.2.6}/redis.conf     |  0
 .../{redis-7.2.5 => redis-7.2.6}/redis.service  |  0
 .../redis/{redis_7.2.5.bb => redis_7.2.6.bb}    | 17 +++++++++--------
 10 files changed, 25 insertions(+), 26 deletions(-)
 rename 
meta-oe/recipes-extended/redis/{redis-7.2.5/hiredis-use-default-CC-if-it-is-set.patch
 => redis-7.2.6/0001-hiredis-use-default-CC-if-it-is-set.patch} (95%)
 rename 
meta-oe/recipes-extended/redis/{redis-7.2.5/lua-update-Makefile-to-use-environment-build-setting.patch
 => 
redis-7.2.6/0002-lua-update-Makefile-to-use-environment-build-setting.patch} 
(97%)
 rename meta-oe/recipes-extended/redis/{redis-7.2.5/oe-use-libc-malloc.patch => 
redis-7.2.6/0003-hack-to-force-use-of-libc-malloc.patch} (94%)
 rename 
meta-oe/recipes-extended/redis/{redis-7.2.5/0001-src-Do-not-reset-FINAL_LIBS.patch
 => redis-7.2.6/0004-src-Do-not-reset-FINAL_LIBS.patch} (92%)
 rename meta-oe/recipes-extended/redis/{redis-7.2.5/GNU_SOURCE-7.patch => 
redis-7.2.6/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch} 
(88%)
 rename meta-oe/recipes-extended/redis/{redis-7.2.5 => 
redis-7.2.6}/0006-Define-correct-gregs-for-RISCV32.patch (97%)
 rename meta-oe/recipes-extended/redis/{redis-7.2.5 => 
redis-7.2.6}/init-redis-server (100%)
 mode change 100755 => 100644
 rename meta-oe/recipes-extended/redis/{redis-7.2.5 => redis-7.2.6}/redis.conf 
(100%)
 rename meta-oe/recipes-extended/redis/{redis-7.2.5 => 
redis-7.2.6}/redis.service (100%)
 rename meta-oe/recipes-extended/redis/{redis_7.2.5.bb => redis_7.2.6.bb} (81%)

diff --git 
a/meta-oe/recipes-extended/redis/redis-7.2.5/hiredis-use-default-CC-if-it-is-set.patch
 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0001-hiredis-use-default-CC-if-it-is-set.patch
similarity index 95%
rename from 
meta-oe/recipes-extended/redis/redis-7.2.5/hiredis-use-default-CC-if-it-is-set.patch
rename to 
meta-oe/recipes-extended/redis/redis-7.2.6/0001-hiredis-use-default-CC-if-it-is-set.patch
index 7785acca5c..63bf403412 100644
--- 
a/meta-oe/recipes-extended/redis/redis-7.2.5/hiredis-use-default-CC-if-it-is-set.patch
+++ 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0001-hiredis-use-default-CC-if-it-is-set.patch
@@ -1,4 +1,4 @@
-From 41efa2f0cf08c91ff935bbb2d16ab233df7f5811 Mon Sep 17 00:00:00 2001
+From af4fc632c03b2a68be4206b4896f27fc4bb865ae Mon Sep 17 00:00:00 2001
 From: Venture Research <t...@ventureresearch.com>
 Date: Fri, 8 Feb 2013 17:39:52 -0600
 Subject: [PATCH] hiredis: use default CC if it is set
@@ -9,6 +9,8 @@ Content-Transfer-Encoding: 8bit
 Instead of trying to automagically figure out CC, which breaks with OE
 as CC has spaces in it, just skip it if one was already passed in.
 
+Upstream-Status: Pending
+
 Signed-off-by: Venture Research <t...@ventureresearch.com>
 
 Update to work with 4.0.8
@@ -16,10 +18,7 @@ Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
 
 Reworked for 6.0.4
 Signed-off-by: Andreas Müller <schnitzelt...@gmail.com>
-
 ---
-Upstream-Status: Pending
-
  deps/hiredis/Makefile | 2 --
  1 file changed, 2 deletions(-)
 
diff --git 
a/meta-oe/recipes-extended/redis/redis-7.2.5/lua-update-Makefile-to-use-environment-build-setting.patch
 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0002-lua-update-Makefile-to-use-environment-build-setting.patch
similarity index 97%
rename from 
meta-oe/recipes-extended/redis/redis-7.2.5/lua-update-Makefile-to-use-environment-build-setting.patch
rename to 
meta-oe/recipes-extended/redis/redis-7.2.6/0002-lua-update-Makefile-to-use-environment-build-setting.patch
index 20708eda1e..46330f5064 100644
--- 
a/meta-oe/recipes-extended/redis/redis-7.2.5/lua-update-Makefile-to-use-environment-build-setting.patch
+++ 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0002-lua-update-Makefile-to-use-environment-build-setting.patch
@@ -1,4 +1,4 @@
-From aa3d31355f3cc140b1dc2f4fcff8e3c0aa261549 Mon Sep 17 00:00:00 2001
+From 45ae5eb5c3482054073e06ab1a78e0aa9b96447f Mon Sep 17 00:00:00 2001
 From: Venture Research <t...@ventureresearch.com>
 Date: Fri, 8 Feb 2013 20:22:19 -0600
 Subject: [PATCH] lua: update Makefile to use environment build settings
@@ -6,6 +6,8 @@ Subject: [PATCH] lua: update Makefile to use environment build 
settings
 OE-specific parameters, instead of overriding all of these simply use
 the ones that are already passed in. Also configure for only Linux...
 
+Upstream-Status: Pending
+
 Signed-off-by: Venture Research <t...@ventureresearch.com>
 
 Updated to work with 3.0.x
@@ -14,8 +16,6 @@ Signed-off-by: Armin Kuster <akust...@gmail.com>
 
 updated to work wtih 6.2.1
 Signed-off-by: Yi Fan Yu <yifan...@windriver.com>
-
-Upstream-Status: Pending
 ---
  deps/Makefile         |  1 -
  deps/lua/Makefile     |  1 -
diff --git 
a/meta-oe/recipes-extended/redis/redis-7.2.5/oe-use-libc-malloc.patch 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0003-hack-to-force-use-of-libc-malloc.patch
similarity index 94%
rename from meta-oe/recipes-extended/redis/redis-7.2.5/oe-use-libc-malloc.patch
rename to 
meta-oe/recipes-extended/redis/redis-7.2.6/0003-hack-to-force-use-of-libc-malloc.patch
index 7b601e02a9..1f97f9783d 100644
--- a/meta-oe/recipes-extended/redis/redis-7.2.5/oe-use-libc-malloc.patch
+++ 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0003-hack-to-force-use-of-libc-malloc.patch
@@ -1,4 +1,4 @@
-From 38a5f403b033d03cdac3ff814687d83f61527d8e Mon Sep 17 00:00:00 2001
+From 7a98e3ac480413ce7db3a5edd5dc70458b921b29 Mon Sep 17 00:00:00 2001
 From: Venture Research <t...@ventureresearch.com>
 Date: Wed, 6 Feb 2013 20:51:02 -0600
 Subject: [PATCH] hack to force use of libc malloc
@@ -9,14 +9,13 @@ removed in favor of magic.
 Note that this of course doesn't allow tcmalloc and jemalloc, however
 jemalloc wasn't building correctly.
 
+Upstream-Status: Pending
+
 Signed-off-by: Venture Research <t...@ventureresearch.com>
 
 Update to work with 4.0.8
 Signed-off-by: Alistair Francis <alistair.fran...@wdc.com>
-
 ---
-Upstream-Status: Pending
-
  src/Makefile | 3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)
 
diff --git 
a/meta-oe/recipes-extended/redis/redis-7.2.5/0001-src-Do-not-reset-FINAL_LIBS.patch
 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0004-src-Do-not-reset-FINAL_LIBS.patch
similarity index 92%
rename from 
meta-oe/recipes-extended/redis/redis-7.2.5/0001-src-Do-not-reset-FINAL_LIBS.patch
rename to 
meta-oe/recipes-extended/redis/redis-7.2.6/0004-src-Do-not-reset-FINAL_LIBS.patch
index 01e53e3f21..974cf5169f 100644
--- 
a/meta-oe/recipes-extended/redis/redis-7.2.5/0001-src-Do-not-reset-FINAL_LIBS.patch
+++ 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0004-src-Do-not-reset-FINAL_LIBS.patch
@@ -1,4 +1,4 @@
-From d9d1f9a501ef7caa80d1e6595218898e9989ec2b Mon Sep 17 00:00:00 2001
+From 50fc46a12f6cf97e7b927d3ea29eecc9ebdea34d Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.k...@gmail.com>
 Date: Tue, 10 Sep 2019 20:04:26 -0700
 Subject: [PATCH] src: Do not reset FINAL_LIBS
@@ -9,8 +9,8 @@ environment to get it going
 e.g. -latomic is needed on clang/x86 to provide for 64bit atomics
 
 Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.k...@gmail.com>
 
+Signed-off-by: Khem Raj <raj.k...@gmail.com>
 ---
  src/Makefile | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-oe/recipes-extended/redis/redis-7.2.5/GNU_SOURCE-7.patch 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch
similarity index 88%
rename from meta-oe/recipes-extended/redis/redis-7.2.5/GNU_SOURCE-7.patch
rename to 
meta-oe/recipes-extended/redis/redis-7.2.6/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch
index 6e07c25c6a..8e5f30993b 100644
--- a/meta-oe/recipes-extended/redis/redis-7.2.5/GNU_SOURCE-7.patch
+++ 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch
@@ -1,4 +1,4 @@
-From a22512ac1cbd6de1f5646219722e49752d1f60ac Mon Sep 17 00:00:00 2001
+From acd832d76002a1916b3128ac05bc0296425aea6d Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.k...@gmail.com>
 Date: Sat, 21 Dec 2019 12:09:51 -0800
 Subject: [PATCH] Define _GNU_SOURCE to get PTHREAD_MUTEX_INITIALIZER
@@ -9,14 +9,14 @@ Fixes
 |       |                                     ^~~~~~~~~~~~~~~~~~~~~~~~~
 
 Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.k...@gmail.com>
 
+Signed-off-by: Khem Raj <raj.k...@gmail.com>
 ---
  src/zmalloc.c | 1 +
  1 file changed, 1 insertion(+)
 
 diff --git a/src/zmalloc.c b/src/zmalloc.c
-index ba03685..322304f 100644
+index bbfa386..93e07ff 100644
 --- a/src/zmalloc.c
 +++ b/src/zmalloc.c
 @@ -32,6 +32,7 @@
diff --git 
a/meta-oe/recipes-extended/redis/redis-7.2.5/0006-Define-correct-gregs-for-RISCV32.patch
 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0006-Define-correct-gregs-for-RISCV32.patch
similarity index 97%
rename from 
meta-oe/recipes-extended/redis/redis-7.2.5/0006-Define-correct-gregs-for-RISCV32.patch
rename to 
meta-oe/recipes-extended/redis/redis-7.2.6/0006-Define-correct-gregs-for-RISCV32.patch
index 93c3595261..7009048171 100644
--- 
a/meta-oe/recipes-extended/redis/redis-7.2.5/0006-Define-correct-gregs-for-RISCV32.patch
+++ 
b/meta-oe/recipes-extended/redis/redis-7.2.6/0006-Define-correct-gregs-for-RISCV32.patch
@@ -1,14 +1,14 @@
-From 634f62be6c135ece93cb4e44a69ce3cb66f394ca Mon Sep 17 00:00:00 2001
+From dd3ecb07bbf80b986b8f2c656ea11d1346e212f6 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.k...@gmail.com>
 Date: Mon, 26 Oct 2020 21:32:22 -0700
 Subject: [PATCH] Define correct gregs for RISCV32
 
 Upstream-Status: Pending
+
 Signed-off-by: Khem Raj <raj.k...@gmail.com>
 
 Updated patch for 6.2.8
 Signed-off-by: Changqing Li <changqing...@windriver.com>
-
 ---
  src/debug.c | 26 ++++++++++++++++++++++++--
  1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/meta-oe/recipes-extended/redis/redis-7.2.5/init-redis-server 
b/meta-oe/recipes-extended/redis/redis-7.2.6/init-redis-server
old mode 100755
new mode 100644
similarity index 100%
rename from meta-oe/recipes-extended/redis/redis-7.2.5/init-redis-server
rename to meta-oe/recipes-extended/redis/redis-7.2.6/init-redis-server
diff --git a/meta-oe/recipes-extended/redis/redis-7.2.5/redis.conf 
b/meta-oe/recipes-extended/redis/redis-7.2.6/redis.conf
similarity index 100%
rename from meta-oe/recipes-extended/redis/redis-7.2.5/redis.conf
rename to meta-oe/recipes-extended/redis/redis-7.2.6/redis.conf
diff --git a/meta-oe/recipes-extended/redis/redis-7.2.5/redis.service 
b/meta-oe/recipes-extended/redis/redis-7.2.6/redis.service
similarity index 100%
rename from meta-oe/recipes-extended/redis/redis-7.2.5/redis.service
rename to meta-oe/recipes-extended/redis/redis-7.2.6/redis.service
diff --git a/meta-oe/recipes-extended/redis/redis_7.2.5.bb 
b/meta-oe/recipes-extended/redis/redis_7.2.6.bb
similarity index 81%
rename from meta-oe/recipes-extended/redis/redis_7.2.5.bb
rename to meta-oe/recipes-extended/redis/redis_7.2.6.bb
index 44fb22bc5e..6d076e3131 100644
--- a/meta-oe/recipes-extended/redis/redis_7.2.5.bb
+++ b/meta-oe/recipes-extended/redis/redis_7.2.6.bb
@@ -10,19 +10,20 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
            file://redis.conf \
            file://init-redis-server \
            file://redis.service \
-           file://hiredis-use-default-CC-if-it-is-set.patch \
-           file://lua-update-Makefile-to-use-environment-build-setting.patch \
-           file://oe-use-libc-malloc.patch \
-           file://0001-src-Do-not-reset-FINAL_LIBS.patch \
-           file://GNU_SOURCE-7.patch \
+           file://0001-hiredis-use-default-CC-if-it-is-set.patch \
+           
file://0002-lua-update-Makefile-to-use-environment-build-setting.patch \
+           file://0003-hack-to-force-use-of-libc-malloc.patch \
+           file://0004-src-Do-not-reset-FINAL_LIBS.patch \
+           
file://0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch \
            file://0006-Define-correct-gregs-for-RISCV32.patch \
-           "
-SRC_URI[sha256sum] = 
"5981179706f8391f03be91d951acafaeda91af7fac56beffb2701963103e423d"
+          "
+
+SRC_URI[sha256sum] = 
"fb10d67a2fe2b4556f6cb840064dd6e6e3175ce8ca035f0726990ec2da9f3d0e"
 
 inherit autotools-brokensep pkgconfig update-rc.d systemd useradd
 
 FINAL_LIBS:x86:toolchain-clang = "-latomic"
-FINAL_LIBS:riscv32:toolchain-clang = "-latomic"
+FINAL_LIBS:riscv32 = "-latomic"
 FINAL_LIBS:mips = "-latomic"
 FINAL_LIBS:arm = "-latomic"
 FINAL_LIBS:powerpc = "-latomic"
-- 
2.40.0

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#114070): 
https://lists.openembedded.org/g/openembedded-devel/message/114070
Mute This Topic: https://lists.openembedded.org/mt/109786838/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to