Projetos/rpi-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/redis: security bump to v7.2.10

Browse Source 
This fixes the following vulnerabilities:

- CVE-2025-32023:
    An authenticated user may use a specially crafted string to trigger a
    stack/heap out of bounds write on hyperloglog operations, potentially
    leading to remote code execution.
    https://github.com/redis/redis/security/advisories/GHSA-rp2m-q4j6-gr43

- CVE-2025-48367:
    An unauthenticated connection can cause repeated IP protocol errors,
    leading to client starvation and, ultimately, a denial of service.
    https://github.com/redis/redis/security/advisories/GHSA-4q32-c38c-pwgq

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
(cherry picked from commit c87ddd6ee4)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
This commit is contained in:
Titouan Christophe
2025-07-07 10:11:13 +02:00
committed by Thomas Perale
parent f28089db0b
commit bdd3382ea5
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
package/redis/redis.hash
View File

@@ -1,5 +1,5 @@
# From https://github.com/redis/redis-hashes/blob/master/README
sha256 2343cc49db3beb9d2925a44e13032805a608821a58f25bd874c84881115a20b7 redis-7.2.9.tar.gz
sha256 e576ad54bc53770649c556933ecd555b975e3dac422e46356102436a437b43c7 redis-7.2.10.tar.gz
# Locally calculated
sha256 97f0a15b7bbae580d2609dad2e11f1956ae167be296ab60f4691ab9c30ee9828 COPYING

2
package/redis/redis.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
REDIS_VERSION = 7.2.9
REDIS_VERSION = 7.2.10
REDIS_SITE = http://download.redis.io/releases
REDIS_LICENSE = BSD-3-Clause (core); MIT and BSD family licenses (Bundled components)
REDIS_LICENSE_FILES = COPYING