mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-05-07 17:19:23 +00:00
Gyorgy Sarvari
ec741a75f0
License-Update: - Upstream has removed incorrect gplv3 text from the license (because agplv3 is the correct), which changed the checksum - The recipe had incorrect license indication. Redis 8 is not BSD licensed, but depending on the user's choice, it's agplv3 or sspl (or custom redis license, which is not added to the list) Changelogs: 8.0.6: - Security fix: A user can manipulate data read by a connection by injecting \r\n sequences into a Redis error reply 8.0.5: Bugfixes: - HGETEX - potential crash when FIELDS is used and numfields is missing - Potential crash on HyperLogLog with 2GB+ entries - Cuckoo filter - Division by zero in Cuckoo filter insertion - Cuckoo filter - Counter overflow - Bloom filter - Arbitrary memory read/write with invalid filter - Bloom filter - Out-of-bounds access with empty chain - Bloom filter - Restore invalid filter [We thank AWS security for responsibly disclosing the security bug] - Top-k - Out-of-bounds access 8.0.4: Security fixes - (CVE-2025-49844) A Lua script may lead to remote code execution - (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE - (CVE-2025-46818) A Lua script can be executed in the context of another user - (CVE-2025-46819) LUA out-of-bound read New Features - VSIM: new EPSILON argument to specify maximum distance Bug fixes - Potential use-after-free after pubsub and Lua defrag - Potential crash on Lua script defrag - HINCRBYFLOAT removes field expiration on replica - Prevent CLIENT UNBLOCK from unblocking CLIENT PAUSE - Endless client blocking for blocking commands - Vector sets - RDB format is not compatible with big endian machines - EVAL crash when error table is empty - Gracefully handle short read errors for hashes with TTL during full sync 8.0.3: Security fixes - (CVE-2025-32023) Fix out-of-bounds write in HyperLogLog commands - (CVE-2025-48367) Retry accepting other connections even if the accepted connection reports an error New Features - VSIM: Add new WITHATTRIBS to return the JSON attribute associated with an element Bug fixes - A short read may lead to an exit() on a replica - db->expires is not defragmented 8.0.2: Security fixes - (CVE-2025-27151) redis-check-aof may lead to stack overflow and potential RCE Bug fixes - Cron-based timers run twice as fast when active defrag is enabled Other general improvements - LOLWUT for Redis 8 8.0.1: Performance and resource utilization improvements - Vector sets - faster VSIM FILTER parsing Bug fixes - Query Engine - revert default policy search-on-timeout to RETURN - Query Engine - @__key on FT.AGGREGATE used as reserved field name preventing access to Redis keyspace - Query Engine - crash when calling FT.CURSOR DEL while retrieving from the CURSOR Notes - Fixed wrong text in the license files Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Collection of layers for the OE-core universe
Main layer maintainer: Khem Raj raj.khem@gmail.com
This repository is a collection of layers to supplement OE-Core with additional packages, Each layer have designated maintainer Please see the respective READMEs in the layer subdirectories