Remove added to the upstream patch.
<ChangeLog>
================================================================================
Redis 6.0.12 Released Mon Mar 1 17:29:52 IST 2021
================================================================================
Upgrade urgency: LOW, fixes a compilation issue.
Bug fixes:
* Fix compilation error on non-glibc systems if jemalloc is not used (#8533)
</ChangeLog>
Integer overflow on 32-bit systems (CVE-2021-21309):
Redis 4.0 or newer uses a configurable limit for the maximum supported bulk
input size. By default, it is 512MB which is a safe value for all platforms.
If the limit is significantly increased, receiving a large request from a client
may trigger several integer overflow scenarios, which would result with buffer
overflow and heap corruption.
Various bugfixes.
<ChangeLog>
Upgrade urgency:CRITICAL if you use Streams with AOF ore replicas.
Otherwise the upgrade urgency is LOW.
This release has a speed improvement and a critical fix:
* FIX: XREADGROUP when fetching data in a blocking way, would not
emit the XCLAIM in the AOF file and to replicas. This means
that the last ID is not updated, and that restarting the server
will have the effect of reprocessing some entries.
* NEW: Clients blocked on the same key are now unblocked on
O(1) time. Backported from Redis 6.
</ChangeLog>
<ChangeLog>
Upgrade urgency HIGH: many issues fixed, some may have an impact.
Hi all, Redis 5.0.7 fixes a number of bugs, none is very critical, however
there are a few that may have an impact. It's a good idea to upgrade.
There are fixes in the area of replication from modules commands and
callbacks, AOF fsync (non critical issue), memory leaks (very rare and small),
streams beahvior (non critical), and a potential crash in commands
processing multiple keys at the same time that is there for years, and happens
very rarely, but is not impossible to trigger.
</ChangeLog>
as defined in Mk/bsd.default-versions.mk which has moved from GCC 8.3
to GCC 9.1 under most circumstances now after revision 507371.
This includes ports
- with USE_GCC=yes or USE_GCC=any,
- with USES=fortran,
- using Mk/bsd.octave.mk which in turn features USES=fortran, and
- with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, everything INDEX-11 shows with a dependency on lang/gcc9 now.
PR: 238330
<ChangeLog>
================================================================================
Redis 4.0.14 Released Mon Mar 18 17:22:10 CEST 2019
================================================================================
This release just backports a few fixes from Redis 5:
3c62ad19 HyperLogLog: handle wrong offset in the base case.
cc2b3a68 Fix hyperloglog corruption
e10c79d3 redis-check-aof: fix potential overflow.
6fa16f58 Fix mismatching keyspace notification classes
64311052 Fix zlexrangespec mem-leak in genericZrangebylexCommand
b0e86319 Make comment in #5911 stay inside 80 cols.
39ccce03 Replicas aren't allowed to run the replicaof command
================================================================================
Redis 4.0.13 Released Wed Feb 20 17:25:31 CEST 2019
================================================================================
This release just backports a few fixes from Redis 5:
60b2537f rewrite BRPOPLPUSH as RPOPLPUSH to propagate
afc4b36c Don't treat unsupported protocols as fatal errors
</ChangeLog>
<ChangeLog>
================================================================================
Redis 4.0.12 Released Tue Dec 11 18:06:12 CEST 2018
================================================================================
This backports the following Redis 5 fixes back into Redis 4.
Please check the Redis 5 changelog or see the full commit messages
for more information. Note that there are important fixes to the AOF
implementation so Redis 4.0.12 should be considered as a worthwhile
upgrade in production environments where AOF is used and there is the
idea of sticking with Redis 4 for some time.
b6cd3b3c asyncCloseClientOnOutputBufferLimitReached(): don't free fake clients.
e16402b0 Don't call sdscmp() with shared.maxstring or shared.minstring
49d9f411 Fix stringmatchlen() read past buffer bug.
97192e2d Merge pull request #5569 from maximebedard/backport-4497
1908aba7 add linkClient(): adds the client and caches the list node.
239b0857 networking: optimize unlinkClient() in freeClient()
54b17f98 When replica kills a pending RDB save during SYNC, log it.
b31c08db Move child termination to readSyncBulkPayload
21971ac8 Prevent RDB autosave from overwriting full resync results
3a91fcbc aof.c: improve indentation and change warning message.
e6f287d5 AOF: discard if we lost EXEC when loading aof
e0d4c66a Fix AOF comment to report the current behavior.
</ChangeLog>
defined via Mk/bsd.default-versions.mk which has moved from GCC 7.4 t
GCC 8.2 under most circumstances.
This includes ports
- with USE_GCC=yes or USE_GCC=any,
- with USES=fortran,
- using Mk/bsd.octave.mk which in turn features USES=fortran, and
- with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, as a double check, everything INDEX-11 showed depending on lang/gcc7.
PR: 231590
<ChangeLog>
Upgrade urgency HIGH: not critical but very important bugs fixed.
Dear users, this is just a bugfix release of Redis 4. All new work
is now focused on Redis 5, however we backported a number of bug fixes here:
* The disconnection time between the master and slave was reset in an
incorrect place, sometimes a good slave will not be able to failover
because it claims it was disconnected for too much time from the master.
* A replication bug, rare to trigger but non impossible, is in Redis for
years. It was lately discovered at Redis Labs and fixed by Oran Agra.
It may cause disconnections, desynchronizations and other issues.
* RANDOMKEY may go in infinite loop on rare situations. Now fixed.
* EXISTS now works in a more consistent way on slaves.
* Sentinel: backport of an option to deny a potential security problem
when the SENTINEL command is used to configure an arbitrary script
to execute.
Many of these issues are there for a very long time, however upgrading
is a good idea.
</ChangeLog>
in the ports tree (via Mk/bsd.default-versions.mk and lang/gcc) which
has now moved from GCC 6 to GCC 7 by default.
This includes ports
- featuring USE_GCC=yes or USE_GCC=any,
- featuring USES=fortran,
- using Mk/bsd.octave.mk which in turn features USES=fortran, and those
- with USES=compiler specifying one of openmp, nestedfct, c11, c++0x,
c++11-lib, c++11-lang, c++14-lang, c++17-lang, or gcc-c++11-lib.
PR: 222542
Update CONFLICTS.
<ChangeLog>
Redis 4.0.10 fixes a number of important issues:
* Important security issues related to the Lua scripting engine.
Please check https://github.com/antirez/redis/issues/5017
for more information.
* A bug with SCAN, SSCAN, HSCAN and ZSCAN, that may not return all the elements.
We also add a regression test that can trigger the issue often when present, and
may in theory be able to find unrelated regressions.
* A PSYNC2 bug is fixed: Redis should not expire keys when saving RDB files
because otherwise it is no longer possible to use such RDB file as a base
for partial resynchronization. It no longer represents the right state.
* Compatibility of AOF with RDB preamble when the RDB checksum is disabled.
* Sentinel bug that in some cases prevented Sentinel to detect that the master
was down immediately. A delay was added to the detection.
* Other minor issues.
</ChangeLog>
<ChangeLog>
Upgrade urgency HIGH: Potentially critical bugs fixed.
AOF flush on SHUTDOWN did not cared to really write the AOF buffers
(not in the kernel but in the Redis process memory) to disk before exiting.
Calling SHUTDOWN during traffic resulted into not every operation to be
persisted on disk.
</ChangeLog>
<ChangeLog>
Upgrade urgency LOW: A few rarely harmful bugs were fixed.
This release just fixes bugs that are unlikely to cause serious problems
so there is no need to update ASAP. Please, see the list of commits
for the details on the bugs fixed and credits:
o) redis-cli --bigkeys: show error when TYPE fails
o) Fix preprocessor if/else chain broken in order to fix#3927
o) Fix zmalloc_get_memory_size() ifdefs to actually use the else branch
o) Set lua-time-limit default value at safe place
o) Fix#3848 by closing the descriptor on error
o) Update block->free after some diff data are written to the child process
o) Test: fix, hopefully, false PSYNC failure like in issue #2715
o) Fix#2883, #2857 pipe fds leak when fork() failed on bg aof rw
o) Don't leak file descriptor on syncWithMaster()
</ChangeLog>
M Makefile
M distinfo
<ChangeLog>
Upgrade urgency CRITICAL: This release reverts back the Jemalloc upgrade
that is believed to potentially cause a server
deadlock. A MIGRATE crash is also fixed.
Two important bug fixes, the first of one is critical:
1. Apparently Jemalloc 4.4.0 may contain a deadlock under particular
conditions. See https://github.com/antirez/redis/issues/3799.
We reverted back to the previously used Jemalloc versions and plan
to upgrade Jemalloc again after having more info about the
cause of the bug.
2. MIGRATE could crash the server after a socket error. See for reference:
https://github.com/antirez/redis/issues/3796.
</ChangeLog>
<ChangeLog>
Upgrade urgency MODERATE: GEORADIUS, BITFIELD and Redis Cluster minor fixes.
This release mainly fixes three bugs:
1. A bug with BITFIELD that may cause the bitmap corruption when setting offsets
larger than the current string size.
2. A GEORADIUS bug that may happen when using very large radius lengths, in
the range of 10000km or alike, due to wrong bounding box calculation.
3. A bug with Redis Cluster which crashes when reading a nodes configuration
file with zero bytes at the end, which sometimes happens with certain ext4
configurations after a system crash.
</ChangeLog>
<ChangeLog>
Upgrade urgency LOW: This release only fixes a compilation issue due to the
missing -ldl at linking time.
zach shipko in commit 4736407:
BSDs don't have -ldl
1 file changed, 15 insertions(+), 5 deletions(-)
antirez in commit 9ada818:
Fix modules compilation when libc malloc is used.
1 file changed, 2 insertions(+), 2 deletions(-)
</ChangeLog>
<ChangeLog>
--[ Redis 3.0.7 ] Release date: 28 jan 2016
Upgrade urgency MODERATE: this release fixes important Redis Cluster bugs.
* [FIX] avg_ttl reporting in INFO improved. (Salvatore Sanfilippo)
* [FIX] Redis Cluster address update (via gossip section) processing improved
to avoid initiating inwanted handshakes.
* [FIX] Many fixes to MIGRATE multiple keys implementation. The command
could handle errors in a faulty way leading to crashes or other
unexpected behaviors. MIGRATE command refactoring.
(The analysis of the faulty conditions was conducted by
Kevin McGehee. The fix was developed by Salvatore Sanfilippo)
* [FIX] A Redis Cluster node crash was fixed because of wrong handling of
node->slaveof pointers.
(Reported by JackyWoo, fixed by Salvatore Sanfilippo)
* [FIX] Fix redis-trib rebalance when nodes need to be left empty because
the specified weight is zero.
(Reported by Shahar Mor, fixed by Salvatore Sanfilippo)
* [FIX] MIGRATE: Never send -ASK redirections for MIGRATE when there are
open slots. Redis-trib and other cluster management utility must
always be free to move keys between nodes about open slots, in order
to reshard, fix the cluster configuration, and so forth.
(Salvatore Sanfilippo)
* [FIX] Redis-trib is now able to fix more errors. A new CLUSTER subcommand
called BUMPEPOCH was introduced in order to support new modes
for the "fix" subcommand. (Salvatore Sanfilippo)
* [NEW] Cluster/Sentinel tests now use OSX leak to perform leak detection
at the end of every unit. (Salvatore Sanfilippo)
* [NEW] Detect and show server crashes during Cluster/Sentinel tests.
(Salvatore Sanfilippo)
* [NEW] More reliable Cluster/Sentinel test becuase of timing errors and
-LOADING errors. (Salvatore Sanfilippo)
--[ Redis 3.0.6 ] Release date: 18 Dec 2015
Upgrade urgency: MODERATE. We fixed a crash that happens very rarely, so
updating does not hurt, but most users are unlikely to
experience this condition because it requires some odd
timing. However if you are a Redis Cluster user, upgrading
is strongly adviced since this release includes very
important improvements to Redis Cluster.
* [FIX] lua_struct.c/getnum security issue fixed. (Luca Bruno discovered it,
patched by Sun He and Chris Lamb)
* [FIX] Redis Cluster replica migration fixed. See issue #2924 for details.
(Salvatore Sanfilippo)
* [FIX] Fix a race condition in processCommand() because of interactions
with freeMemoryIfNeeded(). Details in issue #2948 and especially
in the commit message d999f5a. (Race found analytically by
Oran Agra, patch by Salvatore Sanfilippo)
* [NEW] Backported from the upcoming Redis 3.2:
MIGRATE now supports an extended multiple-keys pipelined mode, which
is an order of magnitude faster. Redis Cluster now uses this mode
in order to perform reshardings and rebalancings. (Salvatore Sanfilippo)
* [NEW] Backported from the upcoming Redis 3.2:
Redis Cluster has now support for rebalancing via the redis-trib
rebalance command. Demo here:
https://asciinema.org/a/0tw2e5740kouda0yhkqrm5790
Official documentation will be available ASAP. (Salvatore Sanfilippo)
* [NEW] Redis Cluster redis-trib.rb new "info" subcommand.
* [NEW] Redis Cluster tests improved. (Salvatore Sanfilippo)
* [NEW] Log offending memory access address on SIGSEGV/SIGBUS (Salvatore
Sanfilippo)
</ChangeLog>
<ChangeLog>
--[ Redis 3.0.5 ] Release date: 15 Oct 2015
Upgrade urgency: MODERATE, the most important thing is a fix in the replication
code that may make the slave hanging forever if the master
remains with an open socket even if it is no longer able to
reply.
* [FIX] MOVE now moves the TTL as well. A bug lasting forever... finally
fixed thanks to Andy Grunwald that reported it.
(reported by Andy Grunwald, fixed by Salvatore Sanfilippo)
* [FIX] Fix a false positive in HSTRLEN test.
* [FIX] Fix a bug in redis-cli --pipe mode that was not able to read back
replies from the server incrementally. Now a mass import will use
a lot less memory, and you can use --pipe to do incremental streaming.
(reported by Twitter user @fsaintjacques, fixed by Salvatore
Sanfilippo)
* [FIX] Slave detection of master timeout. (fixed by Kevin McGehee, refactoring
and regression test by Salvatore Sanfilippo)
* [NEW] Cluster: redis-trib fix can fix an additional case for opens lots.
(Salvatore Sanfilippo)
* [NEW] Cluster: redis-trib import support for --copy and --replace options
(David Thomson)
</ChangeLog>
<ChangeLog>
Upgrade urgency: HIGH for Redis and Sentinel. However note that in order to
fix certain replication bugs, the replication internals were
modified in a very heavy way. So while this release is
conceptually saner, it may contain regressions. For this
reason, before the release, QA activities were performed by
me (antirez) and Redis Labs and no evident bug was found.
* [FIX] A number of bugs related to replication PSYNC and the (yet experimental)
diskless replication feature were fixed. The bugs could lead to
inconsistency between masters and slaves. (Salvatore Sanfilippo, Oran
Agra fixed the issue found by Yuval Inbar)
* [FIX] A replication bug in the context of PSYNC partial resynchonization was
found and fixed. This bug happens even when diskless replication is off
in the case different slaves connect at different times while the master
is creating an RDB file, and later a partial resynchronization is
attempted by a slave that connected not as the first one. (Salvatore
Sanfilippo, Oran Agra)
* [FIX] Chained replication and PSYNC interactions leading to potential stale
chained slaves data set, see issue #2694. (Salvatore Sanfilippo fixed
an issue reported by "GeorgeBJ" user at Github)
* [FIX] redis-cli --scan iteration fixed when returned cursor overflows
32 bit signed integer. (Ofir Luzon, Yuval Inbar)
* [FIX] Senitnel: fixed a bug during the master switch process, where for a
failed conditional check, the new configuration is rewritten, during
a small window of time, in a corrupted way where the master is
also reported to be one of the slaves. This bug is rare to trigger
but apparently it happens in the wild, and the effect is to see
a replication loop where the master will try to replicate with itself.
A detailed explanation of the bug and its effects can be found in
the commit message here:
c20218eb57.
The bug was found by Jan-Erik Rediger using a static analyzer and
fixed by Salvatore Sanfilippo.
* [FIX] Sentinel lack of arity checks for certain commands.
(Rogerio Goncalves, Salvatore Sanfilippo)
* [NEW] Replication internals rewritten in order to be more resistant to bugs.
The replication handshake in the slave side was rewritten as a non
blocking state machine. (Salvatore Sanfilippo, Oran Agra)
* [NEW] New "replication capabilities" feature introduced in order to signal
from the master to the slave what are the features supported, so that
the master can choose the kind of replication to start (diskless or
not) when master and slave are of different versions. (Oran Agra,
Salvatore Sanfilippo)
* [NEW] Log clients details when SLAVEOF command is received. (Salvatore
Sanfilippo with inputs from Nick Craver and Marc Gravell).
</ChangeLog>
<ChangeLog>
--[ Redis 3.0.3 ] Release date: 17 Jul 2015
Upgrade urgency: LOW for Redis and Sentinel.
* [FIX] Fix blocking operations timeout precision when HZ is at its default
value (not increased) and there are thousands of clients connected
at the same time. This bug affected Sidekiq users that experienced
a very long delay for BLPOP and similar commands to return for
timeout. Check commit b029ff1 for more info. (Salvatore Sanfilippo)
* [FIX] MIGRATE "creating socket: Invalid argument" error fix. Check
issues #2609 and #2612 for more info. (Salvatore Sanfilippo)
* [FIX] Be able to connect to the master even when the slave is bound to
just the loopback interface and has no valid public address in the
network the master is reacahble. (Salvatore Sanfilippo)
* [FIX] ZADD with options encoding promotion fixed. (linfangrong)
* [FIX] Reset aof_delayed_fsync on CONFIG RESETSTATS. (Tom Kiemes)
* [FIX] PFCOUNT key parsing in cluster fixed. (MOON_CLJ)
* [FIX] Fix Solaris compilation of Redis 3.0. (Jan-Erik Rediger)
* [NEW] Variadic EXISTS command. Now the command accepts multiple arguments
and returns the total count of existing keys.
</ChangeLog>
