Upstream 3.2.3

- Security fix for CVE-2013-7458 (redis-cli history world readable)
- RHBZ#1363670 RHBZ#1363671
This commit is contained in:
Haikel Guemar 2016-08-04 23:44:42 +02:00
parent 60268427b7
commit 5612b666bc
8 changed files with 116 additions and 106 deletions

View File

@ -1,52 +0,0 @@
From 99c028fdf6723f5a32c3fa5e308f9339f95f66ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?= <hguemar@fedoraproject.org>
Date: Fri, 5 Dec 2014 14:11:15 +0100
Subject: [PATCH 1/5] redis 2.8.18: redis conf
---
redis.conf | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/redis.conf b/redis.conf
index 6c76569..dd0ef34 100644
--- a/redis.conf
+++ b/redis.conf
@@ -38,7 +38,7 @@ daemonize no
# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
# default. You can specify a custom pid file location here.
-pidfile /var/run/redis.pid
+pidfile /var/run/redis/redis.pid
# Accept connections on the specified port, default is 6379.
# If port 0 is specified Redis will not listen on a TCP socket.
@@ -61,7 +61,7 @@ tcp-backlog 511
# Examples:
#
# bind 192.168.1.100 10.0.0.1
-# bind 127.0.0.1
+bind 127.0.0.1
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
@@ -100,7 +100,7 @@ loglevel notice
# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
-logfile ""
+logfile /var/log/redis/redis.log
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
@@ -184,7 +184,7 @@ dbfilename dump.rdb
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
-dir ./
+dir /var/lib/redis/
################################# REPLICATION #################################
--
2.1.0

View File

@ -0,0 +1,43 @@
From 2875336337c14d15878fcc36de83cea350fc47f1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?= <hguemar@fedoraproject.org>
Date: Fri, 5 Dec 2014 14:11:15 +0100
Subject: [PATCH 1/5] redis 3.2.3: redis conf
---
redis.conf | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/redis.conf b/redis.conf
index 22e00bc..46a0154 100644
--- a/redis.conf
+++ b/redis.conf
@@ -147,7 +147,7 @@ supervised no
#
# Creating a pid file is best effort: if Redis is not able to create it
# nothing bad happens, the server will start and run normally.
-pidfile /var/run/redis_6379.pid
+pidfile /var/run/redis/redis.pid
# Specify the server verbosity level.
# This can be one of:
@@ -160,7 +160,7 @@ loglevel notice
# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
-logfile ""
+logfile /var/log/redis/redis.log
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
@@ -244,7 +244,7 @@ dbfilename dump.rdb
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
-dir ./
+dir /var/lib/redis
################################# REPLICATION #################################
--
2.9.0

View File

@ -1,39 +0,0 @@
From 4325ecb8fadeb36c7d09b994360110fa9c7b63a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?= <hguemar@fedoraproject.org>
Date: Mon, 8 Dec 2014 10:02:54 +0100
Subject: [PATCH 2/5] redis 2.8.18: deps library fPIC performance tuning
---
deps/Makefile | 2 +-
deps/linenoise/Makefile | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/deps/Makefile b/deps/Makefile
index 1f623ea..4c2df41 100644
--- a/deps/Makefile
+++ b/deps/Makefile
@@ -58,7 +58,7 @@ ifeq ($(uname_S),SunOS)
LUA_CFLAGS= -D__C99FEATURES__=1
endif
-LUA_CFLAGS+= -O2 -Wall -DLUA_ANSI -DENABLE_CJSON_GLOBAL $(CFLAGS)
+LUA_CFLAGS+= -O2 -Wall -DLUA_ANSI -DENABLE_CJSON_GLOBAL $(CFLAGS) -fPIC
LUA_LDFLAGS+= $(LDFLAGS)
# lua's Makefile defines AR="ar rcu", which is unusual, and makes it more
# challenging to cross-compile lua (and redis). These defines make it easier
diff --git a/deps/linenoise/Makefile b/deps/linenoise/Makefile
index 1dd894b..712f2a6 100644
--- a/deps/linenoise/Makefile
+++ b/deps/linenoise/Makefile
@@ -2,7 +2,7 @@ STD=
WARN= -Wall
OPT= -Os
-R_CFLAGS= $(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS)
+R_CFLAGS= $(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS) -fPIC
R_LDFLAGS= $(LDFLAGS)
DEBUG= -g
--
2.1.0

View File

@ -0,0 +1,53 @@
From 0a7d1df14b256dc77249f8d5d0d483b1b4a6c97d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?= <hguemar@fedoraproject.org>
Date: Mon, 8 Dec 2014 10:02:54 +0100
Subject: [PATCH 2/5] redis 3.2.3: deps library fPIC performance tuning
---
deps/Makefile | 2 +-
deps/geohash-int/Makefile | 2 +-
deps/linenoise/Makefile | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/deps/Makefile b/deps/Makefile
index 1c10bce..14839de 100644
--- a/deps/Makefile
+++ b/deps/Makefile
@@ -59,7 +59,7 @@ ifeq ($(uname_S),SunOS)
LUA_CFLAGS= -D__C99FEATURES__=1
endif
-LUA_CFLAGS+= -O2 -Wall -DLUA_ANSI -DENABLE_CJSON_GLOBAL -DREDIS_STATIC='' $(CFLAGS)
+LUA_CFLAGS+= -O2 -Wall -DLUA_ANSI -DENABLE_CJSON_GLOBAL -DREDIS_STATIC='' $(CFLAGS) -fPIC
LUA_LDFLAGS+= $(LDFLAGS)
# lua's Makefile defines AR="ar rcu", which is unusual, and makes it more
# challenging to cross-compile lua (and redis). These defines make it easier
diff --git a/deps/geohash-int/Makefile b/deps/geohash-int/Makefile
index b7c2595..d8b5b40 100644
--- a/deps/geohash-int/Makefile
+++ b/deps/geohash-int/Makefile
@@ -2,7 +2,7 @@ STD=
WARN= -Wall
OPT= -O2
-R_CFLAGS= $(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS)
+R_CFLAGS= $(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS) -fPIC
R_LDFLAGS= $(LDFLAGS)
DEBUG= -g
diff --git a/deps/linenoise/Makefile b/deps/linenoise/Makefile
index 1dd894b..712f2a6 100644
--- a/deps/linenoise/Makefile
+++ b/deps/linenoise/Makefile
@@ -2,7 +2,7 @@ STD=
WARN= -Wall
OPT= -Os
-R_CFLAGS= $(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS)
+R_CFLAGS= $(STD) $(WARN) $(OPT) $(DEBUG) $(CFLAGS) -fPIC
R_LDFLAGS= $(LDFLAGS)
DEBUG= -g
--
2.9.0

View File

@ -1,4 +1,4 @@
From d3cdf6aafbe700cd856440058e3b8a345838d326 Mon Sep 17 00:00:00 2001
From 16501b1430c43d66736ea5530cd68b571af809f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?= <hguemar@fedoraproject.org>
Date: Mon, 8 Dec 2014 10:03:40 +0100
Subject: [PATCH 3/5] redis 2.8.18: use system jemalloc
@ -8,10 +8,10 @@ Subject: [PATCH 3/5] redis 2.8.18: use system jemalloc
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/Makefile b/src/Makefile
index 8b3e959..af6a4fe 100644
index 648127a..d513859 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -90,8 +90,8 @@ endif
@@ -94,8 +94,8 @@ endif
ifeq ($(MALLOC),jemalloc)
DEPENDENCY_TARGETS+= jemalloc
@ -23,5 +23,5 @@ index 8b3e959..af6a4fe 100644
REDIS_CC=$(QUIET_CC)$(CC) $(FINAL_CFLAGS)
--
2.1.0
2.9.0

View File

@ -1,4 +1,4 @@
From 2d056b8da3fb3ee4480b7849eefae6637e9ed22c Mon Sep 17 00:00:00 2001
From 851ea8154a2a8e974d1588be3d6d38262ca2ae33 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?= <hguemar@fedoraproject.org>
Date: Mon, 8 Dec 2014 10:04:18 +0100
Subject: [PATCH 4/5] redis 2.8.18: disable test failed on slow machine
@ -8,10 +8,10 @@ Subject: [PATCH 4/5] redis 2.8.18: disable test failed on slow machine
1 file changed, 1 deletion(-)
diff --git a/tests/test_helper.tcl b/tests/test_helper.tcl
index d1ebde1..369ebc2 100644
index 9a6e673..0891619 100644
--- a/tests/test_helper.tcl
+++ b/tests/test_helper.tcl
@@ -33,7 +33,6 @@ set ::all_tests {
@@ -36,7 +36,6 @@ set ::all_tests {
integration/replication-2
integration/replication-3
integration/replication-4
@ -20,5 +20,5 @@ index d1ebde1..369ebc2 100644
integration/rdb
integration/convert-zipmap-hash-on-load
--
2.1.0
2.9.0

View File

@ -1,4 +1,4 @@
From 35e87543975c05e3f4d07de7c1dba2f7b88add59 Mon Sep 17 00:00:00 2001
From 9502fee0927389b6feb274f2778dfb0b7b4a1459 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ha=C3=AFkel=20Gu=C3=A9mar?= <hguemar@fedoraproject.org>
Date: Sat, 13 Sep 2014 14:03:04 +0200
Subject: [PATCH 5/5] redis 2.8.18: sentinel configuration file fix
@ -23,5 +23,5 @@ index 39d1044..543d40d 100644
--
2.1.0
2.9.0

View File

@ -11,8 +11,8 @@
%global with_tests %{?_with_tests:1}%{!?_with_tests:0}
Name: redis
Version: 3.0.6
Release: 3%{?dist}
Version: 3.2.3
Release: 1%{?dist}
Summary: A persistent key-value database
License: BSD
URL: http://redis.io
@ -32,8 +32,8 @@ Source9: %{name}-limit-init
# Then refresh your patches
# git format-patch HEAD~<number of expected patches>
# Update configuration for Fedora
Patch0001: 0001-redis-2.8.18-redis-conf.patch
Patch0002: 0002-redis-2.8.18-deps-library-fPIC-performance-tuning.patch
Patch0001: 0001-redis-3.2.3-redis-conf.patch
Patch0002: 0002-redis-3.2.3-deps-library-fPIC-performance-tuning.patch
Patch0003: 0003-redis-2.8.18-use-system-jemalloc.patch
# tests/integration/replication-psync.tcl failed on slow machines(GITHUB #1417)
Patch0004: 0004-redis-2.8.18-disable-test-failed-on-slow-machine.patch
@ -219,7 +219,7 @@ fi
%files
%{!?_licensedir:%global license %%doc}
%license COPYING
%doc 00-RELEASENOTES BUGS CONTRIBUTING MANIFESTO README
%doc 00-RELEASENOTES BUGS CONTRIBUTING MANIFESTO README.md
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%attr(0644, redis, root) %config(noreplace) %{_sysconfdir}/%{name}.conf
%attr(0644, redis, root) %config(noreplace) %{_sysconfdir}/%{name}-sentinel.conf
@ -243,6 +243,11 @@ fi
%changelog
* Thu Aug 4 2016 Haïkel Guémar <hguemar@fedoraproject.org> - 3.2.3-1
- Upstream 3.2.3
- Security fix for CVE-2013-7458 (redis-cli history world readable)
- RHBZ#1363670 RHBZ#1363671
* Mon Feb 8 2016 Haïkel Guémar <hguemar@fedoraproject.org> - 3.0.6-3
- Fix redis-shutdown to handle password-protected instances shutdown