gnu: redis: Update to 7.0.9 [security fixes].

Fixes CVE-2023-25155, CVE-2022-36021 and more; see https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES. * gnu/packages/databases.scm (redis): Update to 7.0.9. [native-inputs]: Add pkg-config and which. [arguments]: Add a patch-paths phase. Skip the AOF-related tests. [properties]: Add a lint-hidden-cve property.
2025-01-26 12:39:36 -05:00 · 2023-03-05 14:55:38 -05:00 · 2023-03-05 14:55:38 -05:00 · 458b791f35
commit 458b791f35
parent 3a2200e1ad
1 changed files with 15 additions and 4 deletions
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@ -2442,22 +2442,21 @@ (define-public unqlite
 (define-public redis
  (package
    (name "redis")
-    (version "6.2.6")
+    (version "7.0.9")
    (source (origin
              (method url-fetch)
              (uri (string-append "http://download.redis.io/releases/redis-"
                                  version".tar.gz"))
              (sha256
               (base32
-                "1ariw5x33hmmm3d5al0j3307l5kf3vhmn78wpyaz67hia1x8nasv"))
+                "0rczzcy2mwy6hjdgg10l9lr4vavh8jrs7zlb0ba534bwlk13awgp"))
              (modules '((guix build utils)))
              (snippet
               ;; Delete bundled jemalloc, as the package will use the libc one
               '(begin (delete-file-recursively "deps/jemalloc")))))
    (build-system gnu-build-system)
    (native-inputs
-     (list procps ; for tests
-           tcl))                   ; for tests
+     (list pkg-config procps tcl which))
    (arguments
     '(#:phases
       (modify-phases %standard-phases
@ -2469,10 +2468,20 @@ (define-public redis
                (string-append "TCLSH="
                               (assoc-ref inputs "tcl")
                               "/bin/tclsh")))))
+         (add-after 'unpack 'patch-paths
+           (lambda _
+             (substitute* "tests/support/server.tcl"
+               (("/usr/bin/env")
+                (which "env")))))
         (add-after 'unpack 'adjust-tests
           (lambda _
             ;; Disable failing tests
             (substitute* "tests/test_helper.tcl"
+               ;; The AOF tests cause the test suite to hang waiting for a
+               ;; "background AOF rewrite to finish", perhaps because dead
+               ;; processes persist as zombies in the build environment.
+               (("unit/aofrw") "")
+               (("integration/aof(-multi-part)?") "")
               (("integration/failover") "")
               (("integration/replication-4") "")
               (("integration/replication-psync") "")
@ -2487,6 +2496,8 @@ (define-public redis
 supports many data structures including strings, hashes, lists, sets, sorted
 sets, bitmaps and hyperloglogs.")
    (home-page "https://redis.io/")
+    ;; These two CVEs have long been fixed.
+    (properties `((lint-hidden-cve . ("CVE-2022-3647" "CVE-2022-33105"))))
    (license license:bsd-3)))

 (define-public hiredis