Releases: redis/redis
6.2.2
Upgrade urgency: HIGH, if you're using ACL and pub/sub, CONFIG REWRITE, or
suffering from performance regression. see below.
Bug fixes for regressions in previous releases of Redis 6.2:
- Fix BGSAVE, AOFRW, and replication slowdown due to child reporting CoW (#8645)
- Fix short busy loop when a timer event is about to fire (#8764)
- Fix default user, overwritten and reset users losing Pub/Sub channel permissions (#8723)
- Fix config rewrite with an empty
save
config resulting in defaultsave
values (#8719) - Fix not starting on alpine/libmusl without IPv6 (#8655)
- Fix issues with propagation and MULTI/EXEC in modules (#8617)
Several issues around nested calls and thread-safe contexts
Bug fixes that are only applicable to previous releases of Redis 6.2:
- ACL Pub/Sub channels permission handling for save/load scenario (#8794)
- Fix early rejection of PUBLISH inside MULTI-EXEC transaction (#8534)
- Fix missing SLOWLOG records for blocked commands (#8632)
- Allow RESET command during busy scripts (#8629)
- Fix some error replies that were not counted on stats (#8659)
Bug fixes:
- Add a timeout mechanism for replicas stuck in fullsync (#8762)
- Process HELLO command even if the default user has no permissions (#8633)
- Client issuing a long-running script and using a pipeline, got disconnected (#8715)
- Fix script kill to work also on scripts that use
pcall
(#8661) - Fix list-compress-depth may compress more node than required (#8311)
- Fix redis-cli handling of rediss:// URL scheme (#8705)
- Cluster: Skip unnecessary check which may prevent failure detection (#8585)
- Cluster: Fix hang manual failover when replica just started (#8651)
- Sentinel: Fix info-refresh time field before sentinel gets a first response (#8567)
- Sentinel: Fix possible crash on failed connection attempt (#8627)
- Systemd: Send the readiness notification when a replica is ready to accept connections (#8409)
Command behavior changes:
- ZADD: fix awrong reply when INCR used with GT/LT which blocked the update (#8717)
It was responding with the incremented value rather than nil - XAUTOCLAIM: fix response to return the next available id as the cursor (#8725)
Previous behavior was returning the last one which was already scanned - XAUTOCLAIM: fix JUSTID to prevent incrementing delivery_count (#8724)
New config options:
- Add cluster-allow-replica-migration config option (#5285)
- Add replica-announced config option (#8653)
- Add support for plaintext clients in TLS cluster (#8587)
- Add support for reading encrypted keyfiles (#8644)
Improvements:
- Fix performance regression in BRPOP on Redis 6.0 (#8689)
- Avoid adding slowlog entries for config with sensitive data (#8584)
- Improve redis-cli non-binary safe string handling (#8566)
- Optimize CLUSTER SLOTS reply (#8541)
- Handle remaining fsync errors (#8419)
Info fields and introspection changes:
- Strip % sign from current_fork_perc info field (#8628)
- Fix RSS memory info on FreeBSD (#8620)
- Fix client_recent_max_input/output_buffer in 'INFO CLIENTS' when all clients drop (#8588)
- Fix invalid master_link_down_since_seconds in info replication (#8785)
Platform and deployment-related changes:
- Fix FreeBSD <12.x builds (#8603)
Modules:
- Add macros for RedisModule_log logging levels (#4246)
- Add RedisModule_GetAbsExpire / RedisModule_SetAbsExpire (#8564)
- Add a module type for key space notification (#8759)
- Set module eviction context flag only in masters (#8631)
- Fix unusable RedisModule_IsAOFClient API (#8596)
- Fix missing EXEC on modules propagation after failed EVAL execution (#8654)
- Fix edge-case when a module client is unblocked (#8618)
6.2.1
Upgrade urgency: LOW.
Here is a comprehensive list of changes in this release compared to 6.2.0,
each one includes the PR number that added it, so you can get more details
at https://github.com/redis/redis/pull/
Bug fixes:
- Fix sanitize-dump-payload for stream with deleted records (#8568)
- Prevent client-query-buffer-limit config from being set to lower than 1mb (#8557)
Improvements:
- Make port, tls-port and bind config options modifiable at runtime (#8510)
Platform and deployment-related changes:
- Fix compilation error on non-glibc systems if jemalloc is not used (#8533)
- Improved memory consumption and memory usage tracking on FreeBSD (#8545)
- Fix compilation on ARM64 MacOS with jemalloc (#8458)
Modules:
6.0.12
5.0.12
6.2.0
Upgrade urgency: SECURITY if you use 32bit build of redis (see bellow), MODERATE
if you used earlier versions of Redis 6.2, LOW otherwise.
Integer overflow on 32-bit systems (CVE-2021-21309):
Redis 4.0 or newer uses a configurable limit for the maximum supported bulk
input size. By default, it is 512MB which is a safe value for all platforms.
If the limit is significantly increased, receiving a large request from a client
may trigger several integer overflow scenarios, which would result with buffer
overflow and heap corruption.
Here is a comprehensive list of changes in this release compared to 6.2 RC3,
each one includes the PR number that added it, so you can get more details
at https://github.com/redis/redis/pull/
Bug fixes:
- Avoid 32-bit overflows when proto-max-bulk-len is set high (#8522)
- Fix broken protocol in client tracking tracking-redir-broken message (#8456)
- Avoid unsafe field name characters in INFO commandstats, errorstats, modules (#8492)
- XINFO able to access expired keys during CLIENT PAUSE WRITE (#8436)
- Fix allowed length for REPLCONF ip-address, needed due to Sentinel's support for hostnames (#8517)
- Fix broken protocol in redis-benchmark when used with -a or --dbnum (#8486)
- XADD counts deleted records too when considering switching to a new listpack (#8390)
Bug fixes that are only applicable to previous releases of Redis 6.2:
- Fixes in GEOSEARCH bybox (accuracy and mismatch between width and height) (#8445)
- Fix risk of OOM panic in HRANDFIELD, ZRANDMEMBER commands with huge negative count (#8429)
- Fix duplicate replicas issue in Sentinel, needed due to hostname support (#8481)
- Fix Sentinel configuration rewrite, an improvement of #8271 (#8480)
Command behavior changes:
- SRANDMEMBER uses RESP3 array type instead of set type (#8504)
- EXPIRE, EXPIREAT, SETEX, GETEX: Return error when provided expire time overflows (#8287)
Other behavior changes:
- Remove ACL subcommand validation if fully added command exists. (#8483)
Improvements:
- Optimize sorting in GEORADIUS / GEOSEARCH with COUNT (#8326)
- Optimize HRANDFIELD and ZRANDMEMBER case 4 when ziplist encoded (#8444)
- Optimize in-place replacement of elements in HSET, HINCRBY, LSET (#8493)
- Remove redundant list to store pubsub patterns (#8472)
- Add --insecure option to command line tools (#8416)
Info fields and introspection changes:
- Add INFO fields to track progress of BGSAVE, AOFRW, replication (#8414)
Modules:
6.0.11
Upgrade urgency: SECURITY if you use 32bit build of redis (see bellow), LOW
otherwise.
Integer overflow on 32-bit systems (CVE-2021-21309):
Redis 4.0 or newer uses a configurable limit for the maximum supported bulk
input size. By default, it is 512MB which is a safe value for all platforms.
If the limit is significantly increased, receiving a large request from a client
may trigger several integer overflow scenarios, which would result with buffer
overflow and heap corruption.
Bug fixes:
- Avoid 32-bit overflows when proto-max-bulk-len is set high (#8522)
- Fix handling of threaded IO and CLIENT PAUSE (failover), could lead to data loss or a crash (#8520)
- Fix the selection of a random element from large hash tables (#8133)
- Fix broken protocol in client tracking tracking-redir-broken message (#8456)
- XINFO able to access expired keys on a replica (#8436)
- Fix broken protocol in redis-benchmark when used with -a or --dbnum (#8486)
- Avoid assertions (on older kernels) when testing arm64 CoW bug (#8405)
- CONFIG REWRITE should honor umask settings (#8371)
- Fix firstkey,lastkey,step in COMMAND command for some commands (#8367)
Modules:
- RM_ZsetRem: Delete key if empty, the bug could leave empty zset keys (#8453)
5.0.11
Upgrade urgency: SECURITY if you use 32bit build of redis (see bellow), LOW
otherwise.
Integer overflow on 32-bit systems (CVE-2021-21309):
Redis 4.0 or newer uses a configurable limit for the maximum supported bulk
input size. By default, it is 512MB which is a safe value for all platforms.
If the limit is significantly increased, receiving a large request from a client
may trigger several integer overflow scenarios, which would result with buffer
overflow and heap corruption.
Bug fixes:
- Avoid 32-bit overflows when proto-max-bulk-len is set high (#8522)
- Fix an issue where a forked process deletes the parent's pidfile (#8231)
- Fix flock cluster config may cause failure to restart after kill -9 (#7674)
- Avoid an out-of-bounds read in the redis-sentinel (#7443)
Platform and deployment-related changes:
- Fix setproctitle related crashes. (#8150, #8088)
Caused various crashes on startup, mainly on Apple M1 chips or under
instrumentation. - Add a check for an ARM64 Linux kernel bug (#8224)
Due to the potential severity of this issue, Redis will refuse to run on
affected platforms by default.
Modules:
- RM_ZsetRem: Delete key if empty, the bug could leave empty zset keys (#8453)
6.2-rc3
Upgrade urgency LOW: This is the third Release Candidate of Redis 6.2.
Here is a comprehensive list of changes in this release compared to 6.2 RC2,
each one includes the PR number that added it, so you can get more details
at https://github.com/redis/redis/pull/
New commands / args:
- Add HRANDFIELD and ZRANDMEMBER commands (#8297)
- Add FAILOVER command (#8315)
- Add GETEX, GETDEL commands (#8327)
- Add PXAT/EXAT arguments to SET command (#8327)
- Add SYNC arg to FLUSHALL and FLUSHDB, and ASYNC/SYNC arg to SCRIPT FLUSH (#8258)
Sentinel:
- Add hostname support to Sentinel (#8282)
- Prevent file descriptors from leaking into Sentinel scripts (#8242)
- Fix config file line order dependency and config rewrite sequence (#8271)
New configuration options:
- Add set-proc-title config option to disable changes to the process title (#3623)
- Add proc-title-template option to control what's shown in the process title (#8397)
- Add lazyfree-lazy-user-flush config option to control FLUSHALL, FLUSHDB and SCRIPT FLUSH (#8258)
Bug fixes:
- AOF: recover from last write error by turning on/off appendonly config (#8030)
- Exit on fsync error when the AOF fsync policy is 'always' (#8347)
- Avoid assertions (on older kernels) when testing arm64 CoW bug (#8405)
- CONFIG REWRITE should honor umask settings (#8371)
- Fix firstkey,lastkey,step in COMMAND command for some commands (#8367)
Special considerations:
- Fix misleading description of the save configuration directive (#8337)
Improvements:
- A way to get RDB file via replication without excessive replication buffers (#8303)
- Optimize performance of clusterGenNodesDescription for large clusters (#8182)
Info fields and introspection changes:
- SLOWLOG and LATENCY monitor include unblocking time of blocked commands (#7491)
Modules:
- Add modules API for streams (#8288)
- Add event for fork child birth and termination (#8289)
- Add RM_BlockedClientMeasureTime* etc, to track background processing in commandstats (#7491)
- Fix bug in v6.2, wrong value passed to the new unlink callback (#8381)
- Fix bug in v6.2, modules blocked on keys unblock on commands like LPUSH (#8356)
6.0.10
Upgrade urgency MODERATE: several bugs with moderate impact are fixed,
Here is a comprehensive list of changes in this release compared to 6.0.9.
Command behavior changes:
- SWAPDB invalidates WATCHed keys (#8239)
- SORT command behaves differently when used on a writable replica (#8283)
- EXISTS should not alter LRU (#8016)
In Redis 5.0 and 6.0 it would have touched the LRU/LFU of the key. - OBJECT should not reveal logically expired keys (#8016)
Will now behave the same TYPE or any other non-DEBUG command. - GEORADIUS[BYMEMBER] can fail with -OOM if Redis is over the memory limit (#8107)
Other behavior changes:
- Sentinel: Fix missing updates to the config file after SENTINEL SET command (#8229)
- CONFIG REWRITE is atomic and safer, but requires write access to the config file's folder (#7824, #8051)
This change was already present in 6.0.9, but was missing from the release notes.
Bug fixes with compatibility implications (bugs introduced in Redis 6.0):
- Fix RDB CRC64 checksum on big-endian systems (#8270)
If you're using big-endian please consider the compatibility implications with
RESTORE, replication and persistence. - Fix wrong order of key/value in Lua's map response (#8266)
If your scripts use redis.setresp() or return a map (new in Redis 6.0), please
consider the implications.
Bug fixes:
- Fix an issue where a forked process deletes the parent's pidfile (#8231)
- Fix crashes when enabling io-threads-do-reads (#8230)
- Fix a crash in redis-cli after executing cluster backup (#8267)
- Handle output buffer limits for module blocked clients (#8141)
Could result in a module sending reply to a blocked client to go beyond the limit. - Fix setproctitle related crashes. (#8150, #8088)
Caused various crashes on startup, mainly on Apple M1 chips or under instrumentation. - Backup/restore cluster mode keys to slots map for repl-diskless-load=swapdb (#8108)
In cluster mode with repl-diskless-load, when loading failed, slot map wouldn't
have been restored. - Fix oom-score-adj-values range, and bug when used in config file (#8046)
Enabling setting this in the config file in a line after enabling it, would
have been buggy. - Reset average ttl when empty databases (#8106)
Just causing misleading metric in INFO - Disable rehash when Redis has child process (#8007)
This could have caused excessive CoW during BGSAVE, replication or AOFRW. - Further improved ACL algorithm for picking categories (#7966)
Output of ACL GETUSER is now more similar to the one provided by ACL SETUSER. - Fix bug with module GIL being released prematurely (#8061)
Could in theory (and rarely) cause multi-threaded modules to corrupt memory. - Reduce effect of client tracking causing feedback loop in key eviction (#8100)
- Fix cluster access to unaligned memory (SIGBUS on old ARM) (#7958)
- Fix saving of strings larger than 2GB into RDB files (#8306)
Additional improvements:
Platform / toolchain support related improvements:
- Fix crash log registers output on ARM. (#8020)
- Add a check for an ARM64 Linux kernel bug (#8224)
Due to the potential severity of this issue, Redis will print log warning on startup. - Raspberry build fix. (#8095)
New configuration options:
- oom-score-adj-values config can now take absolute values (besides relative ones) (#8046)
Module related fixes:
6.2-rc2
Upgrade urgency LOW: This is the second Release Candidate of Redis 6.2.
IMPORTANT: If you're running Redis on ARM64 or a big-endian system, upgrade may
have significant implications. Please be sure to read the notes below.
Here is a comprehensive list of changes in this release compared to 6.2 RC1,
each one includes the PR number that added it, so you can get more details
at https://github.com/redis/redis/pull/
New commands / args:
- Add the REV, BYLEX and BYSCORE arguments to ZRANGE, and the ZRANGESTORE command (#7844)
- Add the XAUTOCLAIM command (#7973)
- Add the MINID trimming strategy and the LIMIT argument to XADD and XTRIM (#8169)
- Add the ANY argument to GEOSEARCH and GEORADIUS (#8259)
- Add the CH, NX, XX arguments to GEOADD (#8227)
- Add the COUNT argument to LPOP and RPOP (#8179)
- Add the WRITE argument to CLIENT PAUSE for pausing write commands exclusively (#8170)
- Change the proto-ver argument of HELLO to optional (#7377)
- Add the CLIENT TRACKINGINFO subcommand (#7309)
Command behavior changes:
- CLIENT TRACKING yields an error when given overlapping BCAST prefixes (#8176)
- SWAPDB invalidates WATCHed keys (#8239)
- SORT command behaves differently when used on a writable replica (#8283)
Other behavior changes:
- Avoid propagating MULTI/EXEC for read-only transactions (#8216)
- Remove the read-only flag from TIME, ECHO, ROLE, LASTSAVE (#8216)
- Fix the command flags of PFDEBUG (#8222)
- Tracking clients will no longer receive unnecessary key invalidation messages after FLUSHDB (#8039)
- Sentinel: Fix missing updates to the config file after SENTINEL SET command (#8229)
Bug fixes with compatibility implications (bugs introduced in Redis 6.0):
- Fix RDB CRC64 checksum on big-endian systems (#8270)
If you're using big-endian please consider the compatibility implications with
RESTORE, replication and persistence. - Fix wrong order of key/value in Lua's map response (#8266)
If your scripts use redis.setresp() or return a map (new in Redis 6.0), please
consider the implications. - Fix saving of strings larger than 2GB into RDB files (#8306)
Bug fixes that are only applicable to previous releases of Redis 6.2:
Bug fixes:
- Fix the selection of a random element from large hash tables (#8133)
- Fix an issue where a forked process deletes the parent's pidfile (#8231)
- Fix crashes when enabling io-threads-do-reads (#8230)
- Fix a crash in redis-cli after executing cluster backup (#8267)
- Fix redis-benchmark to use an IP address for the first cluster node (#8154)
Additional improvements:
- Improve replication handshake time (#8214)
- Release client tracking table memory asynchronously in cases where the DB is also freed asynchronously (#8039)
- Avoid wasteful transient memory allocation in certain cases (#8286, #5954)
- Handle binary string values by the 'requirepass' and 'masterauth' configs (#8200)
Platform and deployment-related changes:
- Install redis-check-rdb and redis-check-aof as symlinks to redis-server (#5745)
- Add a check for an ARM64 Linux kernel bug (#8224)
Due to the potential severity of this issue, Redis will refuse to run on
affected platforms by default.
Info fields and introspection changes:
- Add the errorstats section to the INFO command (#8217)
- Add the failed_calls and rejected_calls fields INFO's commandstats section (#8217)
- Report child copy-on-write metrics continuously (#8264)
Module API changes: