Skip to content

Commit

Permalink
Redis 7.0.9
Browse files Browse the repository at this point in the history
  • Loading branch information
@oranagra
oranagra committed Feb 28, 2023
1 parent 2a2a582 commit 8692053
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 2 deletions.
31 changes: 31 additions & 0 deletions 00-RELEASENOTES
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,37 @@ CRITICAL: There is a critical bug affecting MOST USERS. Upgrade ASAP.
SECURITY: There are security fixes in the release.
--------------------------------------------------------------------------------

================================================================================
Redis 7.0.9 Released Tue Feb 28 12:00:00 IST 2023
================================================================================

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
commands can trigger an integer overflow, resulting in a runtime assertion
and termination of the Redis server process.
* (CVE-2022-36021) String matching commands (like SCAN or KEYS) with a specially
crafted pattern to trigger a denial-of-service attack on Redis, causing it to
hang and consume 100% CPU time.

Bug Fixes
=========

* Fix a crash when reaching the maximum invalidations limit of client-side tracking (#11814)
* Fix a crash when SPUBLISH is used after passing the cluster-link-sendbuf-limit (#11752)
* Fix possible memory corruption in FLUSHALL when a client watches more than one key (#11854)
* Fix cluster inbound link keepalive time (#11785)
* Flush propagation list in active-expire of writable replicas to fix an assertion (#11615)
* Avoid propagating DEL of lazy expire from SCAN and RANDOMKEY as MULTI-EXEC (#11788)

Performance and resource utilization improvements
=================================================

* Avoid realloc to reduce size of strings when it is unneeded (#11766)
* Improve CLUSTER SLOTS reply efficiency for non-continuous slots (#11745)


================================================================================
Redis 7.0.8 Released Mon Jan 16 12:00:00 IDT 2023
================================================================================
Expand Down
4 changes: 2 additions & 2 deletions src/version.h
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
#define REDIS_VERSION "7.0.8"
#define REDIS_VERSION_NUM 0x00070008
#define REDIS_VERSION "7.0.9"
#define REDIS_VERSION_NUM 0x00070009

0 comments on commit 8692053

Please sign in to comment.