From 24ad0ea9105dbb678ee08e19221a67f174eb750d Mon Sep 17 00:00:00 2001 From: Gyorgy Sarvari Date: Mon, 6 Oct 2025 22:35:46 +0200 Subject: [PATCH] redis: upgrade 7.2.10 -> 7.2.11 Changelog: (CVE-2025-49844) A Lua script may lead to remote code execution (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE (CVE-2025-46818) A Lua script can be executed in the context of another user (CVE-2025-46819) LUA out-of-bound read Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj --- .../0001-hiredis-use-default-CC-if-it-is-set.patch | 0 ...2-lua-update-Makefile-to-use-environment-build-setting.patch | 0 .../0003-hack-to-force-use-of-libc-malloc.patch | 0 .../0004-src-Do-not-reset-FINAL_LIBS.patch | 0 ...05-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch | 0 .../0006-Define-correct-gregs-for-RISCV32.patch | 0 .../redis/{redis-7.2.10 => redis-7.2.11}/init-redis-server | 0 .../redis/{redis-7.2.10 => redis-7.2.11}/redis.conf | 0 .../redis/{redis-7.2.10 => redis-7.2.11}/redis.service | 0 .../recipes-extended/redis/{redis_7.2.10.bb => redis_7.2.11.bb} | 2 +- 10 files changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/0001-hiredis-use-default-CC-if-it-is-set.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/0002-lua-update-Makefile-to-use-environment-build-setting.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/0003-hack-to-force-use-of-libc-malloc.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/0004-src-Do-not-reset-FINAL_LIBS.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/0006-Define-correct-gregs-for-RISCV32.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/init-redis-server (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/redis.conf (100%) rename meta-oe/recipes-extended/redis/{redis-7.2.10 => redis-7.2.11}/redis.service (100%) rename meta-oe/recipes-extended/redis/{redis_7.2.10.bb => redis_7.2.11.bb} (96%) diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/0001-hiredis-use-default-CC-if-it-is-set.patch b/meta-oe/recipes-extended/redis/redis-7.2.11/0001-hiredis-use-default-CC-if-it-is-set.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/0001-hiredis-use-default-CC-if-it-is-set.patch rename to meta-oe/recipes-extended/redis/redis-7.2.11/0001-hiredis-use-default-CC-if-it-is-set.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/0002-lua-update-Makefile-to-use-environment-build-setting.patch b/meta-oe/recipes-extended/redis/redis-7.2.11/0002-lua-update-Makefile-to-use-environment-build-setting.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/0002-lua-update-Makefile-to-use-environment-build-setting.patch rename to meta-oe/recipes-extended/redis/redis-7.2.11/0002-lua-update-Makefile-to-use-environment-build-setting.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/0003-hack-to-force-use-of-libc-malloc.patch b/meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/0003-hack-to-force-use-of-libc-malloc.patch rename to meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/0004-src-Do-not-reset-FINAL_LIBS.patch b/meta-oe/recipes-extended/redis/redis-7.2.11/0004-src-Do-not-reset-FINAL_LIBS.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/0004-src-Do-not-reset-FINAL_LIBS.patch rename to meta-oe/recipes-extended/redis/redis-7.2.11/0004-src-Do-not-reset-FINAL_LIBS.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch b/meta-oe/recipes-extended/redis/redis-7.2.11/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch rename to meta-oe/recipes-extended/redis/redis-7.2.11/0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/0006-Define-correct-gregs-for-RISCV32.patch b/meta-oe/recipes-extended/redis/redis-7.2.11/0006-Define-correct-gregs-for-RISCV32.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/0006-Define-correct-gregs-for-RISCV32.patch rename to meta-oe/recipes-extended/redis/redis-7.2.11/0006-Define-correct-gregs-for-RISCV32.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/init-redis-server b/meta-oe/recipes-extended/redis/redis-7.2.11/init-redis-server similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/init-redis-server rename to meta-oe/recipes-extended/redis/redis-7.2.11/init-redis-server diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/redis.conf b/meta-oe/recipes-extended/redis/redis-7.2.11/redis.conf similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/redis.conf rename to meta-oe/recipes-extended/redis/redis-7.2.11/redis.conf diff --git a/meta-oe/recipes-extended/redis/redis-7.2.10/redis.service b/meta-oe/recipes-extended/redis/redis-7.2.11/redis.service similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.2.10/redis.service rename to meta-oe/recipes-extended/redis/redis-7.2.11/redis.service diff --git a/meta-oe/recipes-extended/redis/redis_7.2.10.bb b/meta-oe/recipes-extended/redis/redis_7.2.11.bb similarity index 96% rename from meta-oe/recipes-extended/redis/redis_7.2.10.bb rename to meta-oe/recipes-extended/redis/redis_7.2.11.bb index f15e07191d..5aea249133 100644 --- a/meta-oe/recipes-extended/redis/redis_7.2.10.bb +++ b/meta-oe/recipes-extended/redis/redis_7.2.11.bb @@ -17,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "e576ad54bc53770649c556933ecd555b975e3dac422e46356102436a437b43c7" +SRC_URI[sha256sum] = "2f9886eca68d30114ad6a01da65631f8007d802fd3e6c9fac711251e6390323d" RPROVIDES:${PN} = "virtual-redis"