stable

redis-7.2.7-1.fc40

FEDORA-2025-72fd0442cc created by remi a month ago for Fedora 40

Redis 7.2.7 Released Mon 6 Jan 2025 12:30:00 IDT

Upgrade urgency SECURITY: See security fixes below.

Security fixes

  • (CVE-2024-46981) Lua script commands may lead to remote code execution
  • (CVE-2024-51741) Denial-of-service due to malformed ACL selectors

Bug fixes

  • 13380 Possible crash due to OOM panic on invalid command
  • 13338 Streams: XINFO lag field is wrong when tombstone is after the last_id of the consume group
  • 13473 Streams: XTRIM does not update the maximal tombstone, leading to an incorrect lag
  • 13311 Cluster: crash due to unblocking client during slot migration
  • 13443 Cluster: crash when loading cluster config
  • 13422 Cluster: CLUSTER SHARDS returns empty array
  • 13465 Cluster: incompatibility with older node versions

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-72fd0442cc

This update has been submitted for testing by remi.

a month ago

This update's test gating status has been changed to 'ignored'.

a month ago

This update has been pushed to testing.

a month ago

remi edited this update.

a month ago

This update has been submitted for stable by bodhi.

a month ago

This update has been pushed to stable.

a month ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a month ago
in testing
a month ago
in stable
a month ago
modified
a month ago
approved
a month ago
BZ#2336072 CVE-2024-51741 redis: Redis allows denial-of-service due to malformed ACL selectors [fedora-40]
0
0
BZ#2336073 CVE-2024-46981 redis: Redis' Lua library commands may lead to remote code execution [fedora-40]
0
0

Automated Test Results