From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id KOhpK8PCtmBZYQEAgWs5BA (envelope-from ) for ; Wed, 02 Jun 2021 01:29:07 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id WDijJsPCtmBNSAAA1q6Kng (envelope-from ) for ; Tue, 01 Jun 2021 23:29:07 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 433FF270DE for ; Wed, 2 Jun 2021 01:29:07 +0200 (CEST) Received: from localhost ([::1]:50664 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1loDoo-00088y-89 for larch@yhetil.org; Tue, 01 Jun 2021 19:29:06 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55460) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1loDok-00088a-Lx for guix-patches@gnu.org; Tue, 01 Jun 2021 19:29:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:54886) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1loDok-0003og-ET for guix-patches@gnu.org; Tue, 01 Jun 2021 19:29:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1loDok-0005MI-9x for guix-patches@gnu.org; Tue, 01 Jun 2021 19:29:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#48787] [PATCH] gnu: redis: Update to 6.2.4 [security fixes]. Resent-From: Simon Streit Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 01 Jun 2021 23:29:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 48787 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 48787@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.162259009620542 (code B ref -1); Tue, 01 Jun 2021 23:29:02 +0000 Received: (at submit) by debbugs.gnu.org; 1 Jun 2021 23:28:16 +0000 Received: from localhost ([127.0.0.1]:38199 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1loDnv-0005LB-O7 for submit@debbugs.gnu.org; Tue, 01 Jun 2021 19:28:16 -0400 Received: from lists.gnu.org ([209.51.188.17]:38134) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1loDnq-0005Kz-5W for submit@debbugs.gnu.org; Tue, 01 Jun 2021 19:28:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55320) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1loDnp-00083v-W1 for guix-patches@gnu.org; Tue, 01 Jun 2021 19:28:06 -0400 Received: from smtprelay02.ispgateway.de ([80.67.18.14]:15864) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1loDnm-0003AF-JD for guix-patches@gnu.org; Tue, 01 Jun 2021 19:28:05 -0400 Received: from [93.195.161.34] (helo=milk) by smtprelay02.ispgateway.de with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1loDmh-0007a3-1r for guix-patches@gnu.org; Wed, 02 Jun 2021 01:26:55 +0200 From: Simon Streit Gcc: nnfolder+archive:sent.2021-06 Date: Wed, 02 Jun 2021 01:28:01 +0200 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Df-Sender: bGlzdHNAbmV0cGFuaWMub3Jn Received-SPF: none client-ip=80.67.18.14; envelope-from=simon@netpanic.org; helo=smtprelay02.ispgateway.de X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_NONE=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1622590147; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:list-id:list-help:list-unsubscribe:list-subscribe: list-post; bh=d2kdiqjtmoJUH8kjqKLc3b4gUgaYSM74wsDqu6I4N+c=; b=hMnY5DFOqtQmTKGu6twNM+e0PabUIQTOxkIFafnWjoUvJ+zsXaH8ecNeflv9RO64EVLR+2 SfR3D9sWwsyGfR6Md3qRcuxiGkSHTyNx88YrqwV/6EFghYwnPamndSPpagT/UHGjy0gTi8 VMbms+oPknrZLW8LNiH1W5qaOnv74R74BMHNSV6dgCBcAf6IVJ1eBeb7S01aS167/mjvO8 LAxRVkTAeYesnEe98b9N4Z+JQlrsY0asThbJwwbHKkqksDimZzePTNIG3Et+ATgUmlqYGk 8ol1TbcOK9/4FgTLmJQuuVELxiB+h8kNKTZ47EPkFdF+0pBT5XCNh158fShRnA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1622590147; a=rsa-sha256; cv=none; b=TJRFqIVjdGQ1626kG1eYhOXgtuQu0Bsnbq1fkLKV4M362f345u18SMDlxKF9eBA9GhRO5G LBHarSzyqxXWHZ5IsxUwV93d7SUfgZbg9AuTelYcrsKBxp7VEHXUNCQ0mXDqhaMmBZNVAJ aPSkcUps1de+Vy3YewHg6XY6a/SPeoqJg0nmmsS5VNDta6pISFyc4ZRFcyF8XH1nfm5v0a OADk1DiTEHUTeTuDprT/nEoIS6+lhEszjidu4Rl2iVgSDsXPKSj33p+vdSfqQtdt+Dbf7U DG3PfzJxEL34pPaYCzYu4IgMPyGcju1EMU/82EC2CbTtk3lYj9o+JwUnmSov6g== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Spam-Score: -2.43 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 433FF270DE X-Spam-Score: -2.43 X-Migadu-Scanner: scn0.migadu.com X-TUID: Q9dJ90fQOk71 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi! Please find attached a patch that updates redis to the current version 6.2.4. Please note, that I disabled a test =E2=80=98(("integration/failover") "")= =E2=80=99, since it fails. But since other tests have been disabled like wise, I hope it is Okay to leave this one off too? This may well not be a good excuse though. Here's the error that happens while leaving it switched on: --8<---------------cut here---------------start------------->8--- *** [err]: failover to a replica with force works in tests/integration/fail= over.tcl Expected 'e561a2488904ba006e3dac0f23f34450552e9dd7' to be equal to 'baafeb6= 5ba165b88bab00215bc2524c22b0ddf6d' (context: type proc line 3 cmd {assert_e= qual [$n2 debug digest] [$n3 debug digest]} proc ::assert_digests_match lev= el 2) *** [err]: failover with timeout aborts if replica never catches up in test= s/integration/failover.tcl Expected '357f82255aec8021475fd5b806c2793665584f2e' to be equal to '282f156= 09b9a05d607e3d0c3d7ef5fc8319836eb' (context: type proc line 3 cmd {assert_e= qual [$n2 debug digest] [$n3 debug digest]} proc ::assert_digests_match lev= el 2) Cleanup: may take some time... OK make[1]: *** [Makefile:383: test] Error 1 make[1]: Leaving directory '/tmp/guix-build-redis-6.2.4.drv-0/redis-6.2.4/s= rc' make: *** [Makefile:6: check] Error 2 --8<---------------cut here---------------end--------------->8--- --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: attachment; filename=0001-gnu-redis-Update-to-6.2.4-security-fixes.patch Content-Transfer-Encoding: quoted-printable >From b5584018ad8464d11b623e15ac652b11a13282d1 Mon Sep 17 00:00:00 2001 From: Simon Streit Date: Wed, 2 Jun 2021 01:11:31 +0200 Subject: [PATCH] gnu: redis: Update to 6.2.4 [security fixes]. Fixes CVE-2021-29477. * gnu/packages/databases.scm: Update to 6.2.4. --- gnu/packages/databases.scm | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index cead8c0e5a..cd760ee5ef 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -51,6 +51,7 @@ ;;; Copyright =C2=A9 2021 David Larsson ;;; Copyright =C2=A9 2021 Pjotr Prins ;;; Copyright =C2=A9 2021 Bonface Munyoki Kilyungi +;;; Copyright =C2=A9 2021 Simon Streit ;;; ;;; This file is part of GNU Guix. ;;; @@ -2135,14 +2136,14 @@ similar to BerkeleyDB, LevelDB, etc.") (define-public redis (package (name "redis") - (version "6.0.11") + (version "6.2.4") (source (origin (method url-fetch) (uri (string-append "http://download.redis.io/releases/redis= -" version".tar.gz")) (sha256 (base32 - "0prwqap452m581nyc3cz642d1z3x9nd81896hlqdm3z8238z49y9")) + "0vp1d9mlfsppry3nsj9f7bmh9wjgsy3jggp24sac1hhgl43c8cms")) (modules '((guix build utils))) (snippet ;; Delete bundled jemalloc, as the package will use the lib= c one @@ -2150,8 +2151,8 @@ similar to BerkeleyDB, LevelDB, etc.") #t)))) (build-system gnu-build-system) (native-inputs - `(("procps" ,procps) ; for tests - ("tcl" ,tcl))) ; for tests + `(("procps" ,procps) ; for tests + ("tcl" ,tcl))) ; for tests (arguments '(#:phases (modify-phases %standard-phases @@ -2168,9 +2169,10 @@ similar to BerkeleyDB, LevelDB, etc.") (lambda _ ;; Disable failing tests (substitute* "tests/test_helper.tcl" - ((" integration/replication[^-]") "") - ((" integration/replication-4") "") - ((" integration/replication-psync") "")) + (("integration/failover") "") + (("integration/replication-4") "") + (("integration/replication-psync") "") + (("integration/replication[^-]") "")) #t))) #:make-flags `("CC=3Dgcc" "MALLOC=3Dlibc" --=20 2.31.1 --=-=-= Content-Type: text/plain Greetings Simon --=-=-=--