diff options
author | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2023-03-05 14:55:38 -0500 |
---|---|---|
committer | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2023-03-20 08:32:31 -0400 |
commit | 458b791f353a5787837289467356f474fc290a4c (patch) | |
tree | 4b38883d47c2479ce3912fe3de1350e03fa8ca61 /gnu/packages | |
parent | 3a2200e1ad2049ad7e25295e6b4e013f74dd84e2 (diff) | |
download | guix-458b791f353a5787837289467356f474fc290a4c.tar.gz |
gnu: redis: Update to 7.0.9 [security fixes].
Fixes CVE-2023-25155, CVE-2022-36021 and more; see https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES. * gnu/packages/databases.scm (redis): Update to 7.0.9. [native-inputs]: Add pkg-config and which. [arguments]: Add a patch-paths phase. Skip the AOF-related tests. [properties]: Add a lint-hidden-cve property.
Diffstat (limited to 'gnu/packages')
-rw-r--r-- | gnu/packages/databases.scm | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 9e9ae1ded2..400d34ac8d 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -2442,22 +2442,21 @@ similar to BerkeleyDB, LevelDB, etc.") (define-public redis (package (name "redis") - (version "6.2.6") + (version "7.0.9") (source (origin (method url-fetch) (uri (string-append "http://download.redis.io/releases/redis-" version".tar.gz")) (sha256 (base32 - "1ariw5x33hmmm3d5al0j3307l5kf3vhmn78wpyaz67hia1x8nasv")) + "0rczzcy2mwy6hjdgg10l9lr4vavh8jrs7zlb0ba534bwlk13awgp")) (modules '((guix build utils))) (snippet ;; Delete bundled jemalloc, as the package will use the libc one '(begin (delete-file-recursively "deps/jemalloc"))))) (build-system gnu-build-system) (native-inputs - (list procps ; for tests - tcl)) ; for tests + (list pkg-config procps tcl which)) (arguments '(#:phases (modify-phases %standard-phases @@ -2469,10 +2468,20 @@ similar to BerkeleyDB, LevelDB, etc.") (string-append "TCLSH=" (assoc-ref inputs "tcl") "/bin/tclsh"))))) + (add-after 'unpack 'patch-paths + (lambda _ + (substitute* "tests/support/server.tcl" + (("/usr/bin/env") + (which "env"))))) (add-after 'unpack 'adjust-tests (lambda _ ;; Disable failing tests (substitute* "tests/test_helper.tcl" + ;; The AOF tests cause the test suite to hang waiting for a + ;; "background AOF rewrite to finish", perhaps because dead + ;; processes persist as zombies in the build environment. + (("unit/aofrw") "") + (("integration/aof(-multi-part)?") "") (("integration/failover") "") (("integration/replication-4") "") (("integration/replication-psync") "") @@ -2487,6 +2496,8 @@ similar to BerkeleyDB, LevelDB, etc.") supports many data structures including strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs.") (home-page "https://redis.io/") + ;; These two CVEs have long been fixed. + (properties `((lint-hidden-cve . ("CVE-2022-3647" "CVE-2022-33105")))) (license license:bsd-3))) (define-public hiredis |