diff options
author | Oran Agra <oran@redislabs.com> | 2021-07-21 18:02:09 +0300 |
---|---|---|
committer | Oran Agra <oran@redislabs.com> | 2021-07-21 21:07:02 +0300 |
commit | e0cf85b8484d0985cdd80fc295e4963ab3970877 (patch) | |
tree | 169a7af54f45b03b2c4230f480d0892a559c8cfa | |
parent | 5f49f4fb40531e9157b801694c94eba9f5571da4 (diff) | |
download | redis-e0cf85b8484d0985cdd80fc295e4963ab3970877.tar.gz |
Redis 6.0.156.0.15
-rw-r--r-- | 00-RELEASENOTES | 33 | ||||
-rw-r--r-- | src/version.h | 4 |
2 files changed, 35 insertions, 2 deletions
diff --git a/00-RELEASENOTES b/00-RELEASENOTES index a2e0b6d76..b78affb2f 100644 --- a/00-RELEASENOTES +++ b/00-RELEASENOTES @@ -12,6 +12,39 @@ SECURITY: There are security fixes in the release. -------------------------------------------------------------------------------- ================================================================================ +Redis 6.0.15 Released Wed Jul 21 16:32:19 IDT 2021 +================================================================================ + +Upgrade urgency: SECURITY, contains fixes to security issues that affect +authenticated client connections on 32-bit versions. MODERATE otherwise. + +Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761). +An integer overflow bug in Redis version 2.2 or newer can be exploited using the +BITFIELD command to corrupt the heap and potentially result with remote code +execution. + +Bug fixes that involve behavior changes: +* Change reply type for ZPOPMAX/MIN with count in RESP3 to nested array (#8981). + Was using a flat array like in RESP2 instead of a nested array like ZRANGE does. + +Bug fixes: +* Fail EXEC command in case a watched key is expired (#9194) +* Fix SMOVE not to invalidate dest key (WATCH and tracking) when member already exists (#9244) +* Fix SINTERSTORE not to delete dest key when getting a wrong type error (#9032) +* Fix overflows on 32-bit versions in GETBIT, SETBIT, BITCOUNT, BITPOS, and BITFIELD (#9191) +* Set TCP keepalive on inbound cluster bus connections (#9230) +* Fix ziplist length updates on big-endian platforms (#2080) +* Fix diskless replica loading to recover from RDB short read on module AUX data (#9199) +* Fix race in client side tracking (#9116) +* If diskless repl child is killed, make sure to reap the child pid (#7742) +* Add a timeout mechanism for replicas stuck in fullsync (#8762) + +CLI tools: +* redis-cli cluster import support source and target that require auth (#7994) +* redis-cli cluster import command may issue wrong MIGRATE command, sending COPY instead of REPLACE (#8945) +* redis-cli support for RESP3 set type in CSV and RAW output (#7338) + +================================================================================ Redis 6.0.14 Released Tue June 1 12:00:00 IST 2021 ================================================================================ diff --git a/src/version.h b/src/version.h index b7b853cf3..43a8f4e12 100644 --- a/src/version.h +++ b/src/version.h @@ -1,2 +1,2 @@ -#define REDIS_VERSION "6.0.14" -#define REDIS_VERSION_NUM 0x0006000e +#define REDIS_VERSION "6.0.15" +#define REDIS_VERSION_NUM 0x0006000f |