Releases: redis/redis
Releases · redis/redis
7.2.5
Upgrade urgency MODERATE: Program an upgrade of the server, but it's not urgent.
Bug fixes
- A single shard cluster leaves failed replicas in CLUSTER SLOTS instead of removing them (#12824)
- Crash in LSET command when replacing small items and exceeding 4GB (#12955)
- Blocking commands timeout is reset due to re-processing command (#13004)
- Conversion of numbers in Lua args to redis args can fail. Bug introduced in 7.2.0 (#13115)
Bug fixes in CLI tools
7.2.4
Upgrade urgency SECURITY: See security fixes below.
Security fixes
- (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Bug fixes
7.0.15
Upgrade urgency SECURITY: See security fixes below.
Security fixes
- (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
7.2.3
7.2.2
Upgrade urgency SECURITY: See security fixes below.
Security fixes
- (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
race condition that can be used by another process to bypass desired Unix
socket permissions on startup.
Platform / toolchain support related changes
- Fix compilation error on MacOS 13 (#12611)
Bug fixes
- WAITAOF could timeout in the absence of write traffic in case a new AOF is
created and an AOF rewrite can't immediately start (#12620)
Redis cluster
- Fix crash when running rebalance command in a mixed cluster of 7.0 and 7.2
nodes (#12604) - Fix the return type of the slot number in cluster shards to integer, which
makes it consistent with past behavior (#12561) - Fix CLUSTER commands are called from modules or scripts to return TLS info
appropriately (#12569)
Changes in CLI tools
- redis-cli, fix crash on reconnect when in SUBSCRIBE mode (#12571)
Module API changes
- Fix overflow calculation for next timer event (#12474)
7.0.14
6.2.14
7.2.1
Upgrade urgency SECURITY: See security fixes below.
Security Fixes
- (CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and,
as a result, may grant users executing this command access to keys that are not
explicitly authorized by the ACL configuration.
Bug Fixes
7.0.13
Upgrade urgency SECURITY: See security fixes below.
Security Fixes
- (CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and
as a result may grant users executing this command access to keys that are not
explicitly authorized by the ACL configuration.
Bug Fixes
- Cluster: fix a race condition where a slot migration may revert on a
subsequent failover or node joining (#12344) - Ensure that the function load timeout is disabled during loading from RDB/AOF
and on replicas. (#12451) - Fix the assertion when script timeout occurs after it signaled a blocked client (#12459)
7.2.0
Upgrade urgency LOW: This is the first stable Release for Redis 7.2.
Bug Fixes
- redis-cli in cluster mode handles
unknown-endpoint
(#12273) - Update request / response policy hints for a few commands (#12417)
- Ensure that the function load timeout is disabled during loading from RDB/AOF and on replicas. (#12451)
- Fix false success and a memory leak for ACL selector with bad parenthesis combination (#12452)
- Fix the assertion when script timeout occurs after it signaled a blocked client (#12459)