diff options
| -rw-r--r-- | 00-RELEASENOTES | 25 | ||||
| -rw-r--r-- | src/version.h | 4 |
2 files changed, 27 insertions, 2 deletions
diff --git a/00-RELEASENOTES b/00-RELEASENOTES index 4f6cb9978..9411714e4 100644 --- a/00-RELEASENOTES +++ b/00-RELEASENOTES @@ -12,6 +12,31 @@ SECURITY: There are security fixes in the release. -------------------------------------------------------------------------------- ================================================================================ +Redis 6.2.4 Released Tue July 1 12:00:00 IST 2021 +================================================================================ + +Upgrade urgency: SECURITY, Contains fixes to security issues that affect +authenticated client connections. MODERATE otherwise. + +Fix integer overflow in STRALGO LCS (CVE-2021-32625) +An integer overflow bug in Redis version 6.0 or newer can be exploited using the +STRALGO LCS command to corrupt the heap and potentially result with remote code +execution. This is a result of an incomplete fix by CVE-2021-29477. + +Bug fixes that are only applicable to previous releases of Redis 6.2: +* Fix crash after a diskless replication fork child is terminated (#8991) +* Fix redis-benchmark crash on unsupported configs (#8916) + +Other bug fixes: +* Fix crash in UNLINK on a stream key with deleted consumer groups (#8932) +* SINTERSTORE: Add missing keyspace del event when none of the sources exist (#8949) +* Sentinel: Fix CONFIG SET of empty string sentinel-user/sentinel-pass configs (#8958) +* Enforce client output buffer soft limit when no traffic (#8833) + +Improvements: +* Hide AUTH passwords in MIGRATE command from slowlog (#8859) + +================================================================================ Redis 6.2.3 Released Mon May 3 19:00:00 IST 2021 ================================================================================ diff --git a/src/version.h b/src/version.h index b87f2b9c3..c355ecfed 100644 --- a/src/version.h +++ b/src/version.h @@ -1,2 +1,2 @@ -#define REDIS_VERSION "6.2.3" -#define REDIS_VERSION_NUM 0x00060203 +#define REDIS_VERSION "6.2.4" +#define REDIS_VERSION_NUM 0x00060204 |