Redis 7.0.8 Released with Security and Bug Fixes
Redis version 7.0.8 has been released, addressing critical security vulnerabilities (CVE-2022-35977 and CVE-2023-22458) and fixing several bugs related to command handling, incremental rehashing, timeout blocking, and sentinel IP changes, with a full changelog available on GitHub.
Redis 7.0.8 has been released, bringing a set of security patches and bug fixes.
Security fixes:
(CVE-2022-35977) Integer overflow in the SETRANGE and SORT/SORT_RO commands can trigger an out‑of‑memory panic.
(CVE-2023-22458) Integer overflow in the HRANDFIELD and ZRANDMEMBER commands may cause a denial‑of‑service.
Bug fixes:
Prevent possible hangs when a client disconnects after issuing long KEYS, SRANDMEMBER, HRANDFIELD, or ZRANDMEMBER commands due to output‑buffer limits (issue #11676).
Ensure forked child processes do not perform incremental rehashing (issue #11692).
Fix a bug where sub‑second timeout blocking commands would block indefinitely (issue #11688).
Resolve a Sentinel issue that occurred when a replica changed its IP address (issue #11590).
For the complete list of changes, see the release notes at GitHub.
Laravel Tech Community
Specializing in Laravel development, we continuously publish fresh content and grow alongside the elegant, stable Laravel framework.