Package: redis / 5:8.0.2-3+deb13u1

Metadata

Package: redis
Version: 5:8.0.2-3+deb13u1
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
debian packaging/0001 Set Debian configuration defaults.patch

redis.conf | 10 5 + 5 - 0 !
sentinel.conf | 8 4 + 4 - 0 !
2 files changed, 9 insertions(+), 9 deletions(-)

 set debian configuration defaults

0001 Fix FTBFS on kFreeBSD.patch

src/fmacros.h | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix ftbfs on kfreebsd


0002 Add CPPFLAGS to upstream makefiles.patch

deps/fast_float/Makefile | 2 1 + 1 - 0 !
deps/fpconv/Makefile | 2 1 + 1 - 0 !
deps/hdr_histogram/Makefile | 2 1 + 1 - 0 !
deps/linenoise/Makefile | 2 1 + 1 - 0 !
src/Makefile | 2 1 + 1 - 0 !
5 files changed, 5 insertions(+), 5 deletions(-)

 add cppflags and cxxflags to upstream makefiles


0003 Use get_current_dir_name over PATHMAX.patch

src/rdb.c | 6 2 + 4 - 0 !
1 file changed, 2 insertions(+), 4 deletions(-)

 use get_current_dir_name over pathmax, etc.


0004 Add support for USE_SYSTEM_JEMALLOC flag.patch

deps/Makefile | 2 2 + 0 - 0 !
src/Makefile | 5 5 + 0 - 0 !
src/zmalloc.c | 2 2 + 0 - 0 !
src/zmalloc.h | 13 13 + 0 - 0 !
4 files changed, 22 insertions(+)

 add support for use_system_jemalloc flag.

0005 CVE 2025 32023.patch

src/hyperloglog.c | 47 42 + 5 - 0 !
tests/unit/hyperloglog.tcl | 51 51 + 0 - 0 !
2 files changed, 93 insertions(+), 5 deletions(-)

 [patch] fix out of bounds write in hyperloglog commands
  (CVE-2025-32023)

Co-authored-by: oranagra <oran@redislabs.com>

0006 CVE 2025 48367.patch

src/anet.c | 24 24 + 0 - 0 !
src/anet.h | 1 1 + 0 - 0 !
src/cluster_legacy.c | 2 2 + 0 - 0 !
src/socket.c | 2 2 + 0 - 0 !
src/tls.c | 2 2 + 0 - 0 !
src/unix.c | 2 2 + 0 - 0 !
6 files changed, 33 insertions(+)

 [patch] retry accept() even if accepted connection reports an error
  (CVE-2025-48367)

In case accept4() returns an error, we should check the errno value and decide if we should retry accept4() without waiting for the next event loop iteration.

0007 Add Redis ver. REDIS_VERSION to LOLWUT 8 output as a.patch

src/lolwut8.c | 4 3 + 1 - 0 !
1 file changed, 3 insertions(+), 1 deletion(-)

 add "redis ver. $redis_version" to lolwut 8 output as some
 testsuites were relying on it.

e.g. python-redis (https://github.com/redis/redis-py/blob/master/tests/test_commands.py#L1092)

0008 CVE 2025 49844.patch

deps/lua/src/lparser.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 [patch] lua script may lead to remote code execution (CVE-2025-49844)


0009 CVE 2025 46819.patch

deps/lua/src/llex.c | 34 21 + 13 - 0 !
tests/unit/scripting.tcl | 52 45 + 7 - 0 !
2 files changed, 66 insertions(+), 20 deletions(-)

 [patch] lua out-of-bound read (CVE-2025-46819)


0010 CVE 2025 46818.patch

src/config.c | 1 1 + 0 - 0 !
src/eval.c | 2 2 + 0 - 0 !
src/function_lua.c | 2 2 + 0 - 0 !
src/script_lua.c | 59 52 + 7 - 0 !
src/script_lua.h | 1 1 + 0 - 0 !
src/server.h | 1 1 + 0 - 0 !
tests/unit/scripting.tcl | 70 70 + 0 - 0 !
7 files changed, 129 insertions(+), 7 deletions(-)

 [patch] lua script can be executed in the context of another user
 (CVE-2025-46818)


0011 CVE 2025 46817.patch

deps/lua/src/lbaselib.c | 7 4 + 3 - 0 !
deps/lua/src/ltable.c | 3 1 + 2 - 0 !
tests/unit/scripting.tcl | 39 39 + 0 - 0 !
3 files changed, 44 insertions(+), 5 deletions(-)

 [patch] lua script may lead to integer overflow and potential rce
 (CVE-2025-46817)