redis: upgrade 6.2.14 -> 6.2.16

ChangeLog:

Security fixes
==============
* (CVE-2024-31449) Lua library commands may lead to stack overflow and
  potential RCE.
* (CVE-2024-31228) Potential Denial-of-service due to unbounded pattern
  matching.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Yi Zhao
2024-10-10 09:58:44 +08:00
committed by Khem Raj
parent 21bdd363c9
commit f702405fe9
8 changed files with 36 additions and 40 deletions
@@ -1,11 +1,16 @@
From dc745a33f3875cc72d41bd34ed490b352e546352 Mon Sep 17 00:00:00 2001 From 67990f216f2fbbc8a6699c700dfc089aa617905f Mon Sep 17 00:00:00 2001
From: Venture Research <tech@ventureresearch.com> From: Venture Research <tech@ventureresearch.com>
Date: Fri, 8 Feb 2013 17:39:52 -0600 Date: Fri, 8 Feb 2013 17:39:52 -0600
Subject: [PATCH] hiredis: use default CC if it is set Subject: [PATCH] hiredis: use default CC if it is set
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Instead of trying to automagically figure out CC, which breaks with OE Instead of trying to automagically figure out CC, which breaks with OE
as CC has spaces in it, just skip it if one was already passed in. as CC has spaces in it, just skip it if one was already passed in.
Upstream-Status: Pending
Signed-off-by: Venture Research <tech@ventureresearch.com> Signed-off-by: Venture Research <tech@ventureresearch.com>
Update to work with 4.0.8 Update to work with 4.0.8
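Review bot: `Upstream-Status: Pending` is carried forward unchanged on a patch dated 2013; this hunk only moves it into the message body above the first Signed-off-by. The message itself describes the problem as specific to OE (CC with spaces in it), so either send the change to hiredis and record it as Submitted, or mark it `Upstream-Status: Inappropriate [oe specific]` so the status does not have to be re-evaluated at every upgrade.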
@@ -14,13 +19,11 @@ Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reworked for 6.0.4 Reworked for 6.0.4
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
--- ---
Upstream-Status: Pending
deps/hiredis/Makefile | 2 -- deps/hiredis/Makefile | 2 --
1 file changed, 2 deletions(-) 1 file changed, 2 deletions(-)
diff --git a/deps/hiredis/Makefile b/deps/hiredis/Makefile diff --git a/deps/hiredis/Makefile b/deps/hiredis/Makefile
index 25ac154..569f82b 100644 index 7e41c97..54717e3 100644
--- a/deps/hiredis/Makefile --- a/deps/hiredis/Makefile
+++ b/deps/hiredis/Makefile +++ b/deps/hiredis/Makefile
@@ -42,8 +42,6 @@ endef @@ -42,8 +42,6 @@ endef
@@ -32,6 +35,3 @@ index 25ac154..569f82b 100644
OPTIMIZATION?=-O3 OPTIMIZATION?=-O3
WARNINGS=-Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers WARNINGS=-Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers
DEBUG_FLAGS?= -g -ggdb DEBUG_FLAGS?= -g -ggdb
--
2.21.3
@@ -1,4 +1,4 @@
From 097a2b259cb266c2c861dc74fa6f80712d6138c5 Mon Sep 17 00:00:00 2001 From ef989aab052510bfda32b2b325a5f80b76c42677 Mon Sep 17 00:00:00 2001
From: Venture Research <tech@ventureresearch.com> From: Venture Research <tech@ventureresearch.com>
Date: Fri, 8 Feb 2013 20:22:19 -0600 Date: Fri, 8 Feb 2013 20:22:19 -0600
Subject: [PATCH] lua: update Makefile to use environment build settings Subject: [PATCH] lua: update Makefile to use environment build settings
@@ -6,6 +6,8 @@ Subject: [PATCH] lua: update Makefile to use environment build settings
OE-specific parameters, instead of overriding all of these simply use OE-specific parameters, instead of overriding all of these simply use
the ones that are already passed in. Also configure for only Linux... the ones that are already passed in. Also configure for only Linux...
Upstream-Status: Pending
Signed-off-by: Venture Research <tech@ventureresearch.com> Signed-off-by: Venture Research <tech@ventureresearch.com>
Updated to work with 3.0.x Updated to work with 3.0.x
@@ -15,18 +17,16 @@ Signed-off-by: Armin Kuster <akust808@gmail.com>
updated to work wtih 6.2.1 updated to work wtih 6.2.1
Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com> Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
--- ---
Upstream-Status: Pending
deps/Makefile | 1 - deps/Makefile | 1 -
deps/lua/Makefile | 1 - deps/lua/Makefile | 1 -
deps/lua/src/Makefile | 16 ++++++---------- deps/lua/src/Makefile | 16 ++++++----------
3 files changed, 6 insertions(+), 12 deletions(-) 3 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/deps/Makefile b/deps/Makefile diff --git a/deps/Makefile b/deps/Makefile
index ff16ee9..d8d64aa 100644 index cbe3aef..76bc222 100644
--- a/deps/Makefile --- a/deps/Makefile
+++ b/deps/Makefile +++ b/deps/Makefile
@@ -74,7 +74,6 @@ LUA_LDFLAGS+= $(LDFLAGS) @@ -81,7 +81,6 @@ endif
# lua's Makefile defines AR="ar rcu", which is unusual, and makes it more # lua's Makefile defines AR="ar rcu", which is unusual, and makes it more
# challenging to cross-compile lua (and redis). These defines make it easier # challenging to cross-compile lua (and redis). These defines make it easier
# to fit redis into cross-compilation environments, which typically set AR. # to fit redis into cross-compilation environments, which typically set AR.
@@ -1,4 +1,4 @@
From 1fa047162983d4a7e0576f0837a73a6027a783bd Mon Sep 17 00:00:00 2001 From b9586abcb803747301f6cc4ff93c7642bef693ea Mon Sep 17 00:00:00 2001
From: Venture Research <tech@ventureresearch.com> From: Venture Research <tech@ventureresearch.com>
Date: Wed, 6 Feb 2013 20:51:02 -0600 Date: Wed, 6 Feb 2013 20:51:02 -0600
Subject: [PATCH] hack to force use of libc malloc Subject: [PATCH] hack to force use of libc malloc
@@ -9,19 +9,18 @@ removed in favor of magic.
Note that this of course doesn't allow tcmalloc and jemalloc, however Note that this of course doesn't allow tcmalloc and jemalloc, however
jemalloc wasn't building correctly. jemalloc wasn't building correctly.
Upstream-Status: Pending
Signed-off-by: Venture Research <tech@ventureresearch.com> Signed-off-by: Venture Research <tech@ventureresearch.com>
Update to work with 4.0.8 Update to work with 4.0.8
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
--- ---
Upstream-Status: Pending
src/Makefile | 3 ++- src/Makefile | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-) 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/Makefile b/src/Makefile diff --git a/src/Makefile b/src/Makefile
index ecd6929..c7f43c5 100644 index 7d75c83..35dd314 100644
--- a/src/Makefile --- a/src/Makefile
+++ b/src/Makefile +++ b/src/Makefile
@@ -13,7 +13,8 @@ @@ -13,7 +13,8 @@
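Review bot: The refreshed "hack to force use of libc malloc" patch still rests on the justification in its 2013 message ("jemalloc wasn't building correctly"), and nothing visible in this upgrade shows that was rechecked against 6.2.16. The Redis build accepts `MALLOC=libc` on the make command line, so consider passing that from the recipe instead of carrying an edit to src/Makefile that has to be regenerated on each version bump, as the changed index line here shows.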
@@ -1,4 +1,4 @@
From 97584e1eb78dc18599534b47b6670c20c63f5ee2 Mon Sep 17 00:00:00 2001 From a4d87aca1c00c53b386ee7490223971e00873add Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com> From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 10 Sep 2019 20:04:26 -0700 Date: Tue, 10 Sep 2019 20:04:26 -0700
Subject: [PATCH] src: Do not reset FINAL_LIBS Subject: [PATCH] src: Do not reset FINAL_LIBS
@@ -9,17 +9,17 @@ environment to get it going
e.g. -latomic is needed on clang/x86 to provide for 64bit atomics e.g. -latomic is needed on clang/x86 to provide for 64bit atomics
Upstream-Status: Pending Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
--- ---
src/Makefile | 2 +- src/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile b/src/Makefile diff --git a/src/Makefile b/src/Makefile
index 5564351..83ccd76 100644 index 35dd314..3770f96 100644
--- a/src/Makefile --- a/src/Makefile
+++ b/src/Makefile +++ b/src/Makefile
@@ -91,7 +91,7 @@ endif @@ -93,7 +93,7 @@ endif
FINAL_CFLAGS=$(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS) $(REDIS_CFLAGS) FINAL_CFLAGS=$(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS) $(REDIS_CFLAGS)
FINAL_LDFLAGS=$(LDFLAGS) $(REDIS_LDFLAGS) $(DEBUG) FINAL_LDFLAGS=$(LDFLAGS) $(REDIS_LDFLAGS) $(DEBUG)
@@ -1,4 +1,4 @@
From 98d526f76049be21bf3d77158236b2189419a78e Mon Sep 17 00:00:00 2001 From 2e6311c9c7cd85bf63eab8fe92c08ec1ec01b6fc Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com> From: Khem Raj <raj.khem@gmail.com>
Date: Sat, 21 Dec 2019 12:09:51 -0800 Date: Sat, 21 Dec 2019 12:09:51 -0800
Subject: [PATCH] Define _GNU_SOURCE to get PTHREAD_MUTEX_INITIALIZER Subject: [PATCH] Define _GNU_SOURCE to get PTHREAD_MUTEX_INITIALIZER
@@ -9,6 +9,7 @@ Fixes
| | ^~~~~~~~~~~~~~~~~~~~~~~~~ | | ^~~~~~~~~~~~~~~~~~~~~~~~~
Upstream-Status: Pending Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
--- ---
src/zmalloc.c | 1 + src/zmalloc.c | 1 +
@@ -26,6 +27,3 @@ index 1f33d09..5e182d1 100644
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdint.h> #include <stdint.h>
--
2.25.1
@@ -1,9 +1,10 @@
From 26bd72f3b8de22e5036d86e6c79f815853b83473 Mon Sep 17 00:00:00 2001 From 6149911f7a6fbaef3ed418408e2b501fa9479ffa Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com> From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 26 Oct 2020 21:32:22 -0700 Date: Mon, 26 Oct 2020 21:32:22 -0700
Subject: [PATCH] Define correct gregs for RISCV32 Subject: [PATCH] Define correct gregs for RISCV32
Upstream-Status: Pending Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Updated patch for 6.2.1 Updated patch for 6.2.1
@@ -13,10 +14,10 @@ Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
1 file changed, 24 insertions(+), 2 deletions(-) 1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/src/debug.c b/src/debug.c diff --git a/src/debug.c b/src/debug.c
index 5318c14..8c21b47 100644 index bb76c5d..55a0696 100644
--- a/src/debug.c --- a/src/debug.c
+++ b/src/debug.c +++ b/src/debug.c
@@ -1055,7 +1055,9 @@ static void* getAndSetMcontextEip(ucontext_t *uc, void *eip) { @@ -1067,7 +1067,9 @@ static void* getAndSetMcontextEip(ucontext_t *uc, void *eip) {
#endif #endif
#elif defined(__linux__) #elif defined(__linux__)
/* Linux */ /* Linux */
@@ -27,7 +28,7 @@ index 5318c14..8c21b47 100644
GET_SET_RETURN(uc->uc_mcontext.gregs[14], eip); GET_SET_RETURN(uc->uc_mcontext.gregs[14], eip);
#elif defined(__X86_64__) || defined(__x86_64__) #elif defined(__X86_64__) || defined(__x86_64__)
GET_SET_RETURN(uc->uc_mcontext.gregs[16], eip); GET_SET_RETURN(uc->uc_mcontext.gregs[16], eip);
@@ -1222,8 +1224,28 @@ void logRegisters(ucontext_t *uc) { @@ -1234,8 +1236,28 @@ void logRegisters(ucontext_t *uc) {
#endif #endif
/* Linux */ /* Linux */
#elif defined(__linux__) #elif defined(__linux__)
@@ -57,6 +58,3 @@ index 5318c14..8c21b47 100644
serverLog(LL_WARNING, serverLog(LL_WARNING,
"\n" "\n"
"EAX:%08lx EBX:%08lx ECX:%08lx EDX:%08lx\n" "EAX:%08lx EBX:%08lx ECX:%08lx EDX:%08lx\n"
--
2.25.1
@@ -10,19 +10,20 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
file://redis.conf \ file://redis.conf \
file://init-redis-server \ file://init-redis-server \
file://redis.service \ file://redis.service \
file://hiredis-use-default-CC-if-it-is-set.patch \ file://0001-hiredis-use-default-CC-if-it-is-set.patch \
file://lua-update-Makefile-to-use-environment-build-setting.patch \ file://0002-lua-update-Makefile-to-use-environment-build-setting.patch \
file://oe-use-libc-malloc.patch \ file://0003-hack-to-force-use-of-libc-malloc.patch \
file://0001-src-Do-not-reset-FINAL_LIBS.patch \ file://0004-src-Do-not-reset-FINAL_LIBS.patch \
file://GNU_SOURCE.patch \ file://0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch \
file://0006-Define-correct-gregs-for-RISCV32.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \
" "
SRC_URI[sha256sum] = "34e74856cbd66fdb3a684fb349d93961d8c7aa668b06f81fd93ff267d09bc277"
SRC_URI[sha256sum] = "846bff83c26d827d49f8cc8114ea9d1e72eea1169f7de36b8135ea2cec104e7d"
inherit autotools-brokensep update-rc.d systemd useradd inherit autotools-brokensep update-rc.d systemd useradd
FINAL_LIBS:x86:toolchain-clang = "-latomic" FINAL_LIBS:x86:toolchain-clang = "-latomic"
FINAL_LIBS:riscv32:toolchain-clang = "-latomic" FINAL_LIBS:riscv32 = "-latomic"
FINAL_LIBS:mips = "-latomic" FINAL_LIBS:mips = "-latomic"
FINAL_LIBS:arm = "-latomic" FINAL_LIBS:arm = "-latomic"
FINAL_LIBS:powerpc = "-latomic" FINAL_LIBS:powerpc = "-latomic"
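Review bot: The `FINAL_LIBS:riscv32` line loses its `:toolchain-clang` override, so `-latomic` is now linked for every riscv32 toolchain, yet the commit message describes only a version upgrade. State in the message why the scope was widened, and mention the renames of the first five patch files to the numbered 0001 to 0005 names. Separately, the tarball is still fetched over plain `http://download.redis.io/releases/`, which leaves the changed `SRC_URI[sha256sum]` as the only integrity check on a release taken for its two CVE fixes; confirm that value against the hash upstream publishes and consider switching the URL to https.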