Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

redis-8.6.2-1.1 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: redis Distribution: openSUSE Tumbleweed
Version: 8.6.2 Vendor: openSUSE
Release: 1.1 Build date: Tue Mar 24 14:26:28 2026
Group: Unspecified Build host: reproducible
Size: 6684788 Source RPM: redis-8.6.2-1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/redis/redis
Summary: Persistent key-value database
redis is an advanced key-value store. It is similar to memcached but the dataset
is not volatile, and values can be strings, exactly like in memcached,
but also lists, sets, and ordered sets. All this data types can be manipulated
with atomic operations to push/pop elements, add/remove elements, perform server
side union, intersection, difference between sets, and so forth. Redis supports
different kind of sorting abilities.

Provides

Requires

License

AGPL-3.0-only

Changelog

* Tue Mar 24 2026 Илья Индиго <ilya@ilya.top>
  - Updated to 8.6.2 (boo#1260399)
    * https://github.com/redis/redis/releases/tag/8.6.2
    * Fixed potential UAF: don't use reply copy avoidance for module strings.
    * Fixed crash during command processing on replicas performing.
      full synchronization.
    * Fixed potential Memory leaks.
    * Fixed potential crash during ACL checks on wrong-arity commands.
    * Fixed HSETEX HGETEX do not validate that FIELDS is specified only once.
* Mon Feb 23 2026 Илья Индиго <ilya@ilya.top>
  - Updated to 8.6.1 (boo#1258706)
    * https://github.com/redis/redis/releases/tag/8.6.1
    * Fixed user can manipulate data read by a connection by
      injecting \r\n sequences into a Redis error reply.
    * Fixed INFO command may display module information,
      and the missing HOTKEYS HELP subcommand has been added.
    * Fixed RDB loading prevented hash table expansion.
* Tue Feb 10 2026 Marcus Rueckert <mrueckert@suse.de>
  - Updated to 8.6.0
    Major changes compared to 8.4
    - Substantial performance improvements
    - Substantial memory reduction for hashes (hashtable-encoded) and
      sorted sets (skiplist-encoded)
    - Streams: XADD idempotency (at-most-once guarantee) with new
      IDMPAUTO and IDMP arguments
    - New eviction policies - least recently modified: volatile-lrm
      and allkeys-lrm
    - Hot keys detection and reporting; new command: HOTKEYS
    - TLS certificate-based automatic client authentication
    - Time series: support NaN values; new aggregators: COUNTNAN and
      COUNTALL
    New Features
    - #14695 Keys memory size histograms
    - #14615 Streams: XADD idempotency (at-most-once guarantee) with
      new IDMPAUTO and IDMP arguments
    - #14624 New eviction policies - least recently modified:
      volatile-lrm and allkeys-lrm
    - #14680 Hot keys detection and reporting; new command: HOTKEYS
    - #14610 TLS certificate-based automatic client authentication
    - RedisTimeSeries/RedisTimeSeries#1853 Time series: support NaN
      values; new aggregators: COUNTNAN and COUNTALL Security and
      privacy fixes
    - #14645 Hide Personally Identifiable Information from ACL log
    - #14659 ACL: Key-pattern bypass in MSETEX
    - RedisTimeSeries/RedisTimeSeries#1837, RedisJSON/RedisJSON#1474
      Hide Personally Identifiable Information from server log
    - RedisBloom/RedisBloom#950 Out-of-bounds read when loading an
      invalid RDB file (MOD-12802) Bugfixes
    - #14545 ACL: AOF loading fails if ACL rules are changed and
      don't allow some commands in MULTI-EXEC
    - #14637 Atomic slot migration: wrong adjacent slot range
      behavior
    - #14567 Atomic slot migration: support delay trimming slots
      after finishing migrating slots
    - #14623 Streams: XTRIM/XADD with approx mode (~) don’t delete
      entries for DELREF/ACKED strategies
    - #14552 Streams: Incorrect behavior when using
      XDELEX...ACKEDafterXGROUP DESTROY`
    - #14537 SCAN: restore original filter order (revert change
      introduced in 8.2)
    - #14581 Rare server hang at shutdown
    - #14597 Panic when cluster node is uninitialized
    - #14583 FLUSHALL ASYNC on a writable replica may block the main
      thread for an extended period
    - #14504 Cluster: fix race condition in broadcast configuration
    - #14416 Fixed argument position handling in Redis APIs
    - RedisTimeSeries/RedisTimeSeries#1784,
      RedisTimeSeries/RedisTimeSeries#1839,
      RedisBloom/RedisBloom#952, RedisJSON/RedisJSON#1477 Atomic slot
      migration support
    - RedisBloom/RedisBloom#946 MEMORY USAGE: fix reported value
      (MOD-12799)
    - RedisJSON/RedisJSON#1473 Adding escapes to already-escaped
      characters (MOD-8137)
    - RedisJSON/RedisJSON#1475 JSON.CLEAR does not error if more than
      one path is specified (MOD-13109) Performance and resource
      utilization improvements
    - #14608 Reply copy-avoidance path to reduce memory copies for
      bulk string replies
    - #14595 Hash: unify field name and value into a single struct
    - #14701 Sorted set: unify score and value into a single struct
    - #14662 Optimize listpack iterator on hash fields
    - #14699 Optimize set commands with expiration
    - #14700 Optimize prefetching
    - #14715 Optimize prefetch sizing logic
    - #14636 Optimize ZRANK
    - #14676 Utilize hardware clock by default on ARM AArch64
    - #14575 Disable RDB compression when diskless replication is
      used
    - #14714 Optimize user ACL permission verification
    - #14692 Optimize peak memory metric collection
    - #14739 Avoid allocating and releasing list node in reply copy
      avoidance
    - #14713 Reduce per command syscalls by reusing cached time when
      hardware monotonic clock is available
    - #14726 Optimize XREADGROUP CLAIM
    - #13962 Vector set: replace manual popcount with
      __builtin_popcountll for binary vector distance (Intel, AMD,
      ARM)
    - #14474 Vector set: vectorized the quantized 8-bit vector
      distance calculation (Intel, AMD)
    - #14492 Vector set: vectorize binary quantization path for
      vectorsets distance calculation (Intel, AMD) Configuration
      parameters
    - #14719 cluster-slot-stats-enabled - per-slot resource
      consumptions statistics to collect
    - #14695 key-memory-histograms collect memory consumption
      histograms per data type Metrics
    - #14695 db0_distrib_lists_sizes, db0_distrib_sets_sizes,
      db0_distrib_hashes_sizes, db0_distrib_zsets_sizes
    - #14610 acl_access_denied_tls_cert - failed TLS
      certificate–based authentication attempts Modules API
    - #14445
    - RM_CreateKeyMetaClass - define a new key-metadata class
    - RM_ReleaseKeyMetaClass - release a key-metadata class
    - RM_SetKeyMeta - attach or update a metadata value for a key
      under a specific metadata-key class
    - RM_GetKeyMeta - get a metadata value for a key under a
      specific metadata-key class Configuration parameters
    - #14624 maxmemory-policy: new eviction policies: volatile-lrm,
      allkeys-lrm
    - #14615 stream-idmp-duration, stream-idmp-maxsize - defaults for
      streams idempotent production
    - #14610 tls-auth-clients-user TLS certificate-based automatic
      client authentication
    - #14596 flushdb option for repl-diskless-load: always flush the
      entire dataset before diskless load Known bugs and limitations
    - Streams: avoid using XADD with the new IDMP or IDMPAUTO options
      when using appendonly yes with aof-use-rdb-preamble no (non
      default). This limitation will be removed in the next patch.
    - Redis Query Engine: In case of load rebalancing operations
      (such as Atomic Slot Migration) taking place during the
      lifetime of a cursor, there is a chance that some results may
      be missing.
    for all the details see:
    https://github.com/redis/redis/releases/tag/8.6.0
* Sun Feb 08 2026 Marcus Rueckert <mrueckert@suse.de>
  - Updated to 8.4.1
    * https://github.com/redis/redis/releases/tag/8.4.1
    * Atomic slot migration: wrong adjacent slot range behavior.
    * Atomic slot migration: support delay trimming slots after
      finishing migrating slots.
    * Fixed CLUSTER SLOT-STATS few memory tracking bugs.
* Sat Nov 29 2025 Marcus Rueckert <mrueckert@suse.de>
  - Fix filename of the config template
* Tue Nov 18 2025 Marcus Rueckert <mrueckert@suse.de>
  - Updated to 8.4.0
    - Major changes compared to 8.2
    - DIGEST, DELEX; SET extensions - atomic compare-and-set and
      compare-and-delete for string keys
    - MSETEX - atomically set multiple string keys and update their
      expiration
    - XREADGROUP - new CLAIM option for reading both idle pending
      and incoming stream entries
    - CLUSTER MIGRATION - atomic slot migration
    - CLUSTER SLOT-STATS - per-slot usage metrics: key count, CPU
      time, and network I/O
    - Redis query engine: FT.HYBRID - hybrid search and fused
      scoring
    - Redis query engine: I/O threading with performance boost for
      search and query commands (FT.*)
    - I/O threading: substantial throughput increase (e.g. >30% for
      caching use cases (10% SET, 90% GET), 4 cores)
    - JSON: substantial memory reduction for homogenous arrays (up
      to 91%)
    for all the details see:
    https://github.com/redis/redis/releases/tag/8.4.0
    https://github.com/redis/redis/releases/tag/8.4-rc1
* Sun Nov 02 2025 Marcus Rueckert <mrueckert@suse.de>
  - Updated to 8.2.3 (boo#1252996 CVE-2025-62507)
    * https://github.com/redis/redis/releases/tag/8.2.3
    - Security fixes
    - (CVE-2025-62507) Bug in `XACKDEL` may lead to stack overflow
      and potential RCE
    - Bug fixes
    - `HGETEX`: A missing `numfields` argument when `FIELDS` is
      used can lead to Redis crash
    - An overflow in `HyperLogLog` with 2GB+ entries may result in
      a Redis crash
    - Cuckoo filter - Division by zero in Cuckoo filter insertion
    - Cuckoo filter - Counter overflow
    - Bloom filter - Arbitrary memory read/write with invalid
      filter
    - Bloom filter - Out-of-bounds access with empty chain
    - Top-k - Out-of-bounds access
    - Bloom filter - Restore invalid filter [We thank AWS security
      for responsibly disclosing the security bug]
* Sat Oct 04 2025 Илья Индиго <ilya@ilya.top>
  - Updated to 8.2.2 (boo#1250995)
    * https://github.com/redis/redis/releases/tag/8.2.2
    * Fixed Lua script may lead to remote code execution (CVE-2025-49844).
    * Fixed Lua script may lead to integer overflow (CVE-2025-46817).
    * Fixed Lua script can be executed in the context of another user
      (CVE-2025-46818).
    * Fixed LUA out-of-bound read (CVE-2025-46819).
    * Fixed potential crash on Lua script or streams and HFE defrag.
    * Fixed potential crash when using ACL rules.
    * Added VSIM: new EPSILON argument to specify maximum distance.
    * Added SVS-VAMANA: allow use of BUILD_INTEL_SVS_OPT flag.
    * Added RESP3 serialization performance.
    * Added INFO SEARCH: new SVS-VAMANA metrics.
* Mon Aug 18 2025 Marcus Rueckert <mrueckert@suse.de>
  - Updated to 8.2.1
    * https://github.com/redis/redis/releases/tag/8.2.1
    - Bug fixes
    * #14240 INFO KEYSIZES - potential incorrect histogram updates
      on cluster mode with modules
    * #14274 Disable Active Defrag during flushing replica
    * #14276 XADD or XTRIM can crash the server after loading RDB
    * #Q6601 Potential crash when running FLUSHDB (MOD-10681)
    * Performance and resource utilization
    * Query Engine - LeanVec and LVQ proprietary Intel
      optimizations were removed from Redis Open Source
    * #Q6621 Fix regression in INFO (MOD-10779)
* Mon Aug 04 2025 Marcus Rueckert <mrueckert@suse.de>
  - Updated to 8.2.0
    * https://github.com/redis/redis/releases/tag/8.2.0
    * Added commands: XDELEX and XACKDEL; extension to XADD and XTRIM.
    * Added operators: DIFF, DIFF1, ANDOR, and ONE.
    * Added SVS-VAMANA vector index type which supports vector compression.
* Sun Jul 06 2025 Илья Индиго <ilya@ilya.top>
  - Updated to 8.0.3
    * https://github.com/redis/redis/releases/tag/8.0.3
    * Fixed out-of-bounds write in HyperLogLog commands (CVE-2025-32023).
    * Fixed retry accepting other connections even if the accepted
      connection reports an error (CVE-2025-48367).
    * Fixed a short read may lead to an exit() on a replica.
    * Fixed db->expires is not defragmented.
    * Added new WITHATTRIBS to return the JSON attribute associated
      with an element.
* Fri Jun 06 2025 Илья Индиго <ilya@ilya.top>
  - Added conflict with valkey-compat-redis.
  - Changed license to AGPL-3.0-only.
* Tue May 27 2025 Marcus Rueckert <mrueckert@suse.de>
  - redis 8.0.2:
    Update urgency: SECURITY: There are security fixes in the release.
    - Security fixes
    - (CVE-2025-27151) redis-check-aof may lead to stack overflow
      and potential RCE
    - Bug fixes
    - #14081 Cron-based timers run twice as fast when active defrag
      is enabled
    - Other general improvements -#14048 LOLWUT for Redis 8
* Tue May 13 2025 Marcus Rueckert <mrueckert@suse.de>
  - redis 8.0.1:
    Update urgency: MODERATE: Program an upgrade of the server, but it's not urgent.
    - Performance and resource utilization improvements
    - #13959 Vector sets - faster VSIM FILTER parsing
    - Bug fixes
    - #QE6083 Query Engine - revert default policy
      search-on-timeout to RETURN
    - #QE6050 Query Engine - @__key on FT.AGGREGATE used as
      reserved field name preventing access to Redis keyspace
    - #QE6077 Query Engine - crash when calling FT.CURSOR DEL while
      retrieving from the CURSOR
    - Notes
    - Fixed wrong text in the license files
* Fri May 02 2025 Marcus Rueckert <mrueckert@suse.de>
  - redis 8.0.0:
    This is the General Availability release of Redis Open Source
    8.0.
    Redis 8.0 deprecates previous Redis and Redis Stack versions.
    Stand alone RediSearch, RedisJSON, RedisTimeSeries, and
    RedisBloom are no longer needed as they are now part of Redis.
    - Major changes compared to 7.4.2
    - Name change: Redis Community Edition is now Redis Open Source
    - License change: licensed under your choice of
    - (a) the Redis Source Available License 2.0 (RSALv2); or
    - (b) the Server Side Public License v1 (SSPLv1); or
    - (c) the GNU Affero General Public License (AGPLv3)
    - Redis Query engine and 8 new data structures are now an
      integral part of Redis 8
    - (1) Redis Query Engine, which now supports both horizontal
      and vertical scaling for search, query and vector workloads
    - (2) JSON - a queryable JSON document
    - (3) Time series
    - (4-8) Five probabilistic data structures: Bloom filter,
      Cuckoo filter, Count-min sketch, Top-k, and t-digest
    - (9) Vector set [beta] - a data structure designed for Vector
      Similarity Search, inspired by Sorted set
    - These nine components are included in all binary
      distributions
    - See instructions in the README.md file on how to build from
      source with all these components
    - New configuration file: redis-full.conf - loads Redis with
      all these components, and contains new configuration
      parameters for Redis Query engine and the new data structures
    - New ACL categories: @search, @json, @timeseries, @bloom,
      @cuckoo, @cms, @topk, @tdigest
    - Commands are also included in the existing ACL categories
      (@read, @write, etc.)
    - More than 30 performance and resource utilization improvements
    - A new I/O threading implementation which enables throughput
      increase on multi-core environments (set with io-threads
      configuration parameter)
    - An improved replication mechanism which is more performant and
      robust
    - New hash commands - HGETDEL, HGETEX, HSETEX
    - For more details, see the release notes of 8.0-M01, 8.0-M02,
      8.0-M03, 8.0-M04, and 8.0-RC1
    - Bug fixes (compared to 8.0-RC1)
    - #13966, #13932 CLUSTER SLOTS - TLS port update not reflected
    - #13958 XTRIM, XADD - incorrect lag due to trimming stream
    - #13931 HGETEX - wrong order of keyspace notifications
  - fast_float intree copy need gcc-c++
* Wed Apr 23 2025 Marcus Rueckert <mrueckert@suse.de>
  - redis 7.4.3:
    - Security fixes
    - (CVE-2025-21605) An unauthenticated client can cause an
      unlimited growth of output buffers
    - Bug fixes
    - #13661 FUNCTION FLUSH - memory leak when using jemalloc
    - #13793 WAITAOF returns prematurely
    - #13853 SLAVEOF - crash when clients are blocked on lazy free
    - #13863 RANDOMKEY - infinite loop during client pause
    - #13877 ShardID inconsistency when both primary and replica
      support it
* Sun Mar 23 2025 Marcus Rueckert <mrueckert@suse.de>
  - add build conditional to skip the testsuite if you want test
    other aspects of the build
* Sun Mar 23 2025 Marcus Rueckert <mrueckert@suse.de>
  - update redis-conf.patch
    instead of copying the whole default example config we can also
    have it as include file and start out with a very minimal
    configuration for each instance.
* Thu Jan 09 2025 Antonio Teixeira <antonio.teixeira@suse.com>
  - redis 7.4.2:
    - Security fixes
    - (CVE-2024-46981, boo#1235387) Lua script commands may lead to
      remote code execution
    - (CVE-2024-51741, boo#1235386) Denial-of-service due to malformed
      ACL selectors
    - Bug fixes
    - #13627 Crash on module memory defragmentation
    - #13338 Streams: XINFO lag field is wrong when tombstone is after
      the last_id of the consume group
    - #13473 Streams: XTRIM does not update the maximal tombstone,
      leading to an incorrect lag
    - #13470 INFO after HDEL show wrong number of hash keys with
      expiration
    - #13476 Fix a race condition in the cache_memory of functionsLibCtx
    - #13626 Memory leak on failed RDB loading
    - #13539 Hash: fix key ref for a hash that no longer has fields with
      expiration on RENAME/MOVE/SWAPDB/RESTORE
    - #13443 Cluster: crash when loading cluster config
    - #13422 Cluster: CLUSTER SHARDS returns empty array
    - #13465 Cluster: incompatibility with older node versions
    - #13608 Cluster: SORT ... GET #: incorrect error message
* Wed Oct 02 2024 Marcus Rueckert <mrueckert@suse.de>
  - redis 7.4.1: (boo#1231264 boo#1231265 boo#1231266)
    - (CVE-2024-31449) Lua library commands may lead to stack
      overflow and potential RCE.
    - (CVE-2024-31227) Potential Denial-of-service due to malformed
      ACL selectors.
    - (CVE-2024-31228) Potential Denial-of-service due to unbounded
      pattern matching.
* Mon Jul 29 2024 Marcus Rueckert <mrueckert@suse.de>
  - Refreshed patch
    redis-conf.patch
    reproducible.patch
    ppc-atomic.patch
  - Also track series file
* Mon Jul 29 2024 Marcus Rueckert <mrueckert@suse.de>
  - redis 7.4.0:
    - New Features
    - #13391,#13438 Hash - expiration of individual fields: RDB
      file format changes
    - #13372 Hash - expiration of individual fields: rename and fix
      counting of expired_subkeys metric
    - #13372 Hash - expiration of individual fields: rename INFO
      keyspace field to subexpiry
    - #13343 Hash - expiration of individual fields: when key does
      not exist - reply with an array (nonexisting code for each
      field)
    - #13329 Hash - expiration of individual fields: new keyspace
      event: hexpired
    - #13303 Hash - expiration of individual fields. 9 commands
      were introduced:
    - HEXPIRE and HPEXPIRE set the remaining time to live for
      specific fields
    - HEXPIREAT and HPEXPIREAT set the expiration time to a UNIX
      timestamp for specific fields
    - HPERSIST removes the expiration for specific fields
    - HEXPIRETIME and HPEXPIRETIME get the expiration time for
      specific fields
    - HTTL and HPTTL get the remaining time to live for specific
      fields
    - #13117 XREAD: new id value + to start reading from the last
      message
    - #12765 HSCAN: new NOVALUES flag to report only field names
    - #12728 SORT, SORT_RO: allow BY and GET options in cluster
      mode when the pattern maps to the same slot as the key
    - #12299 CLIENT KILL: new optional filter: MAXAGE maxage - kill
      connections older than maxage seconds
    - #12971 Lua: expose os.clock() API for getting the elapsed
      time of Lua code execution
    - #13276 Allow SPUBLISH command within MULTI ... EXEC
      transactions on replica
    - Bug fixes
    - #13407 Trigger Lua GC after SCRIPT LOAD
    - #13380 Fix possible crash due to OOM panic on invalid command
    - #13383 FUNCTION FLUSH - improve Lua GC behavior and fix
      thread race in ASYNC mode
    - #13408 HEXPIRE-like commands should emit HDEL keyspace
      notification if expire time is in the past
    - #12898 XREADGROUP: fix entries-read inconsistency between
      master and replicas
    - #13042 SORT ... STORE: fix created lists to respect list
      compression and packing configs
    - #12817, #12905 Fix race condition issues between the main
      thread and module threads
    - #12577 Unsubscribe all clients from replica for shard channel
      if the master ownership changes
    - #12622 WAITAOF could timeout or hang if used after a module
      command that propagated effects only to replicas and not to
      AOF
    - #11734 BITCOUNT and BITPOS with nonexistent key and illegal
      arguments return an error, not 0
    - #12394 BITCOUNT: check for wrong argument before checking if
      key exists
    - #12961 Allow execution of read-only transactions when out of
      memory
    - #13274 Fix crash when a client performs ACL change that
      disconnects itself
    - #13311 Cluster: Fix crash due to unblocking client during
      slot migration
    - Security improvements
    - #13108 Lua: LRU eviction for scripts generated with EVAL ***
      BEHAVIOR CHANGE ***
    - #12961 Restrict the total request size of MULTI ... EXEC
      transactions
    - #12860 Redact ACL username information and mark
    * -key-file-pass configs as sensitive
    - Performance and resource utilization improvements
    - #13296 Optimize CPU cache efficiency
    - #12838 Improve performance when many clients call
      PUNSUBSCRIBE / SUNSUBSCRIBE simultaneously
    - #12627 Reduce lag when waking WAITAOF clients and there is
      not much traffic
    - #12754 Optimize KEYS when pattern includes hashtag and
      implies a single slot
    - #11695 Reduce memory and improve performance by replacing
      cluster metadata with slot specific dictionaries
    - #13087 SCRIPT FLUSH ASYNC now does not block the main thread
    - #12996 Active memory defragmentation efficiency improvements
    - #12899 Improve performance of read/update operation during
      rehashing
    - #12536 SCAN ... MATCH: Improve performance when the pattern
      implies cluster slot
    - #12450 ZRANGE ... LIMIT: improved performance
    - Other general improvements
    - #13133 Lua: allocate VM code with jemalloc instead of libc
      and count it as used memory *** BEHAVIOR CHANGE ***
    - #12171 ACL LOAD: do not disconnect all clients *** BEHAVIOR
      CHANGE ***
    - #13020 Allow adjusting defrag configurations while active
      defragmentation is running
    - #12949 Increase the accuracy of avg_ttl (the average keyspace
      keys TTL)
    - #12977 Allow running WAITAOF in scripts
    - #12782 Implement TCP Keep-Alives across most Unix-like
      systems
    - #12707 Improved error codes when rejecting scripts in cluster
      mode
    - #12596 Support XREAD ... BLOCK in scripts; rejected only if
      it ends up blocking
    - New metrics
    - #12849 INFO: pubsub_clients - number of clients in Pub/Sub
      mode
    - #12966 INFO: watching_clients - number of clients that are
      watching keys
    - #12966 INFO: total_watched_keys - number of watched keys
    - #12476 INFO: client_query_buffer_limit_disconnections - count
      client input buffer OOM events
    - #12476 INFO: client_output_buffer_limit_disconnections -
      count client output buffer OOM events
    - #12996 INFO: allocator_muzzy - memory returned to the OS but
      still shows as RSS until the OS reclaims it
    - #13108 INFO: evicted_scripts - number of evicted eval
      scripts. Users can check it to see if they are abusing EVAL
    - #12996 MEMORY STATS: allocator.muzzy - memory returned to the
      OS but still shows as RSS until the OS reclaims it
    - #12913 INFO MEMORY mem_overhead_db_hashtable_rehashing -
      memory resharding overhead (only the memory that will be
      released soon)
    - #12913 MEMORY STATS: overhead.db.hashtable.lut - total
      overhead of dictionary buckets in databases
    - #12913 MEMORY STATS: overhead.db.hashtable.rehashing -
      temporary memory overhead of database dictionaries currently
      being rehashed
    - #12913 MEMORY STATS: db.dict.rehashing.count - number of top
      level dictionaries currently being rehashed
    - #12966 CLIENT LIST: watch - number of keys each client is
      currently watching
    - Modules API
    - #13326 Hash - expiration of individual fields: avoid lazy
      expire when called from a Modules API function
    - #12985 New API calls: RM_TryCalloc and RM_TryRealloc - allow
      modules to handle memory allocation failures gracefully
    - #13069 New API call: RM_ClusterKeySlot - which slot a key
      will hash to
    - #13069 New API call: RM_ClusterCanonicalKeyNameInSlot - get a
      consistent key that will map to a slot
    - #12486 New API call: RM_AddACLCategory - allow modules to
      declare new ACL categories
    - Configuration parameters
    - #13400 Add hide-user-data-from-log - allows hiding user data
      from the log file
    - #12178 New configuration parameters:
      max-new-connections-per-cycle and
      max-new-tls-connections-per-cycle to limit the number of new
      client connections per event-loop cycle
    - #7351 Rename some CPU configuration parameters for style
      alignment. Added alias to the old names to avoid breaking
      change
    - CLI tools
    - #10609 redis-cli: new -t <timeout> argument: specify server
      connection timeout in seconds
    - #11315 redis-cli: new -4 and -6 flags to prefer IPV4 or IPV6
      on DNS lookup
    - #12862 redis-cli: allows pressing up arrow to return any
      command (including sensitive commands which are still not
      persisted)
    - #12543 redis-cli: add reverse history search (like Ctrl+R in
      terminals)
    - #12826 redis-cli: add --keystats and --keystats-samples to
      combines --memkeys and --bigkeys with additional distribution
      data
    - #12735 redis-cli: fix: --bigkeys and --memkeys now work on
      cluster replicas
    - #9411 redis-benchmark: add support for binary strings
    - #12986 redis-benchmark: fix: pick random slot for a node to
      distribute operation across slots
* Sun May 19 2024 Andreas Stieger <andreas.stieger@gmx.de>
  - redis 7.2.5:
    * A single shard cluster leaves failed replicas in CLUSTER SLOTS
      instead of removing them
    * Crash in LSET command when replacing small items and exceeding
      4GB
    * Blocking commands timeout is reset due to re-processing command
    * Conversion of numbers in Lua args to redis args can fail
    * redis-cli: --count (for --scan, --bigkeys, etc) was ignored
      unless --pattern was also used
    * redis-check-aof: incorrectly considering data in manifest
      format as MP-AOF
* Sat Apr 27 2024 Илья Индиго <13ilya@gmail.com>
  - Fixed privileges of /run/redis directory (rpm -qlv redis | grep /run).
* Fri Mar 01 2024 Danilo Spinella <danilo.spinella@suse.com>
  - The following issue has been fixed in TW but has not been
    mentioned before:
    * bsc#1208235
    * bsc#1207448
  - The following patch was removed from SLE:
    * bsc1198952.patch
    * redis-CVE-2022-24834.patch
    * redis-CVE-2022-36021.patch
    * redis-CVE-2023-25155.patch
    * redis-CVE-2023-45145.patch
    * redis-CVE-2023-45145.patch
* Tue Jan 09 2024 Marcus Rueckert <mrueckert@suse.de>
  - redis 7.2.4: (boo#1218646)
    - Security fixes
    - (CVE-2023-41056) In some cases, Redis may incorrectly handle
      resizing of memory buffers which can result in incorrect
      accounting of buffer sizes and lead to heap overflow and
      potential remote code execution.
    - Bug fixes
    - Fix crashes of cluster commands clusters with mixed versions
      of 7.0 and 7.2 (#12805, #12832)
    - Fix slot ownership not being properly handled when deleting a
      slot from a node (#12564)
    - Fix atomicity issues with the RedisModuleEvent_Key module API
      event (#12733)
* Fri Nov 03 2023 Marcus Rueckert <mrueckert@suse.de>
  - redis 7.2.3:
    - Fix file descriptor leak preventing deleted files from freeing
      disk space on replicas (#12693)
    - Fix a possible crash after cluster node removal (#12702)
* Fri Oct 20 2023 Danilo Spinella <oss@danyspin97.org>
  - redis 7.2.2:
    * (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
      race condition that can be used by another process to bypass desired Unix
      socket permissions on startup, bsc#1216376
    * WAITAOF could timeout in the absence of write traffic in case a new AOF is
      created and an AOF rewrite can't immediately start
    * Fix crash when running rebalance command in a mixed cluster of 7.0 and 7.2
      nodes
    * Fix the return type of the slot number in cluster shards to integer, which
      makes it consistent with past behavior
    * Fix CLUSTER commands are called from modules or scripts to return TLS info
      appropriately
      redis-cli, fix crash on reconnect when in SUBSCRIBE mode
    * Fix overflow calculation for next timer event
* Thu Sep 07 2023 Danilo Spinella <danilo.spinella@suse.com>
  - redis 7.2.1:
    * (CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and,
      as a result, may grant users executing this command access to keys that are not
      explicitly authorized by the ACL configuration. (bsc#1215094)
    * Fix crashes when joining a node to an existing 7.0 Redis Cluster
    * Correct request_policy and response_policy command tips on for some admin /
      configuration commands
  - Refresh redis.hashes
* Tue Aug 15 2023 Marcus Rueckert <mrueckert@suse.de>
  - redis 7.2.0
    - Bug Fixes
    - redis-cli in cluster mode handles unknown-endpoint (#12273)
    - Update request / response policy hints for a few commands
      (#12417)
    - Ensure that the function load timeout is disabled during
      loading from RDB/AOF and on replicas. (#12451)
    - Fix false success and a memory leak for ACL selector with bad
      parenthesis combination (#12452)
    - Fix the assertion when script timeout occurs after it
      signaled a blocked client (#12459)
    - Fixes for issues in previous releases of Redis 7.2
    - Update MONITOR client's memory correctly for INFO and
      client-eviction (#12420)
    - The response of cluster nodes was unnecessarily adding an
      extra comma when no hostname was present. (#12411)
  - refreshed redis-conf.patch:
  - switch to autosetup now that we switched the last patch to patch
    level 1
* Wed Jul 12 2023 Danilo Spinella <danilo.spinella@suse.com>
  - redis 7.0.12:
    * (CVE-2022-24834) A specially crafted Lua script executing in Redis can trigger
      a heap overflow in the cjson and cmsgpack libraries, and result in heap
      corruption and potentially remote code execution. The problem exists in all
      versions of Redis with Lua scripting support, starting from 2.6, and affects
      only authenticated and authorized users. (bsc#1213193)
    * (CVE-2023-36824) Extracting key names from a command and a list of arguments
      may, in some cases, trigger a heap overflow and result in reading random heap
      memory, heap corruption and potentially remote code execution. Specifically:
      using COMMAND GETKEYS* and validation of key names in ACL rules. (bsc#1213249)
    * Re-enable downscale rehashing while there is a fork child
    * Fix possible hang in HRANDFIELD, SRANDMEMBER, ZRANDMEMBER when used with <count>
    * Improve fairness issue in RANDOMKEY, HRANDFIELD, SRANDMEMBER, ZRANDMEMBER,
      SPOP, and eviction
    * Fix WAIT to be effective after a blocked module command being unblocked
    * Avoid unnecessary full sync after master restart in a rare case
* Fri May 19 2023 Jiri Srain <jsrain@suse.com>
  - refresh redis-hashes from upstream source
* Mon Apr 17 2023 Marcus Rueckert <mrueckert@suse.de>
  - redis 7.0.11
    - (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT
      command to create an invalid hash field that will crash Redis
      on access (boo#1210548)
    - Add a missing fsync of AOF file in rare cases
    - Disconnect pub-sub subscribers when revoking allchannels
      permission
    - Fix a compiler fortification induced crash when used with link
      time optimizations
  - Drop get-old-size-calculations.patch:
    replaced with proper fix
* Fri Mar 24 2023 Marcus Rueckert <mrueckert@suse.de>
  - Added get-old-size-calculations.patch:
    my workaround for https://github.com/redis/redis/issues/11965
* Mon Mar 20 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - redis 7.0.10
    * CVE-2023-28425: Specially crafted MSETNX command can lead to
      assertion and denial-of-service (boo#1209528)
    * Large blocks of replica client output buffer may lead to psync
      loops and unnecessary memory usage
    * Fix CLIENT REPLY OFF|SKIP to not silence push notifications
    * Trim excessive memory usage in stream nodes when exceeding
      `stream-node-max-bytes`
    * Fix module RM_Call commands failing with OOM when maxmemory is
      changed to zero
* Mon Mar 20 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - redis 7.0.9
    * CVE-2023-25155: Specially crafted SRANDMEMBER, ZRANDMEMBER, and
      HRANDFIELD commands can trigger an integer overflow, resulting
      in a runtime assertion and termination of the Redis server
      process. Previously patched, drop
      Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
    * CVE-2022-36021: String matching commands (like SCAN or KEYS)
      with a specially crafted pattern to trigger a denial-of-service
      attack on Redis, causing it to hang and consume 100% CPU time.
      Previously upatched, drop
      String-pattern-matching-had-exponential-time-complex.patch
    * Fix a crash when reaching the maximum invalidations limit of
      client-side tracking
    * Fix a crash when SPUBLISH is used after passing the
      cluster-link-sendbuf-limit
    * Fix possible memory corruption in FLUSHALL when a client
      watches more than one key
    * Fix cluster inbound link keepalive time
    * Flush propagation list in active-expire of writable replicas to
      fix an assertion
    * Avoid propagating DEL of lazy expire from SCAN and RANDOMKEY as
      MULTI-EXEC
    * Avoid realloc to reduce size of strings when it is unneeded
    * Improve CLUSTER SLOTS reply efficiency for non-continuous slots
* Wed Mar 01 2023 Valentin Lefebvre <valentin.lefebvre@suse.com>
  - Fix CVE-2022-36021 (bsc#1208790 CVE-2022-36021)
    * String-pattern-matching-had-exponential-time-complex.patch
  - Fix CVE-2023-25155 (bsc#1208793 CVE-2023-25155)
    * Integer-Overflow-in-RAND-commands-can-lead-to-assert.patch
* Mon Jan 16 2023 Andreas Stieger <andreas.stieger@gmx.de>
  - redis 7.0.8
    * CVE-2022-35977: Integer overflow in the Redis SETRANGE and
      SORT/SORT_RO commands can drive Redis to OOM panic boo#1207202
    * CVE-2023-22458: Integer overflow in the Redis HRANDFIELD and
      ZRANDMEMBER commands can lead to denial-of-service boo#1207203
    * Avoid possible hang when client issues long KEYS, SRANDMEMBER,
      HRANDFIELD, and ZRANDMEMBER commands and gets disconnected by
      client output buffer limit
    * Make sure that fork child doesn't do incremental rehashing
    * Fix a bug where blocking commands with a sub-second timeout
      would block forever
    * Fix sentinel issue if replica changes IP

Files

/etc/redis
/etc/redis/includes
/etc/redis/includes/redis.defaults.conf
/etc/redis/includes/sentinel.defaults.conf
/etc/redis/redis.default.conf.template
/etc/redis/sentinel.default.conf.template
/run/redis
/usr/bin/redis-benchmark
/usr/bin/redis-check-aof
/usr/bin/redis-check-rdb
/usr/bin/redis-cli
/usr/etc/logrotate.d/redis
/usr/lib/sysctl.d/00-redis.conf
/usr/lib/systemd/system/redis-sentinel.target
/usr/lib/systemd/system/redis-sentinel@.service
/usr/lib/systemd/system/redis.target
/usr/lib/systemd/system/redis@.service
/usr/lib/sysusers.d/redis-user.conf
/usr/lib/tmpfiles.d/redis.conf
/usr/sbin/rcredis
/usr/sbin/redis-check-aof
/usr/sbin/redis-check-rdb
/usr/sbin/redis-sentinel
/usr/sbin/redis-server
/usr/share/doc/packages/redis
/usr/share/doc/packages/redis/00-RELEASENOTES
/usr/share/doc/packages/redis/BUGS
/usr/share/doc/packages/redis/CODE_OF_CONDUCT.md
/usr/share/doc/packages/redis/CONTRIBUTING.md
/usr/share/doc/packages/redis/README.SUSE
/usr/share/doc/packages/redis/README.md
/usr/share/doc/packages/redis/REDISCONTRIBUTIONS.txt
/usr/share/doc/packages/redis/SECURITY.md
/usr/share/doc/packages/redis/TLS.md
/usr/share/doc/packages/redis/redis-full.conf
/usr/share/licenses/redis
/usr/share/licenses/redis/LICENSE.txt
/var/lib/redis
/var/lib/redis/default
/var/log/redis


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 21 22:32:08 2026