Security fixes:
* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Changelog: https://github.com/redis/redis/releases/tag/7.0.15
PR: 276255
Approved by: yasu (maintainer, timeout > 14 days), arrowd (mentor)
MFH: 2024Q1
Security fixes:
* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Bug fixes:
* Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
* Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
* Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
Changelog: https://github.com/redis/redis/releases/tag/7.2.4
PR: 276255
Approved by: yasu (maintainer, timeout > 14 days), arrowd (mentor)
MFH: 2024Q1
- Bump Emacs version in Mk/Uses/emacs.mk to update version-specific
paths
- Bump PORTREVISION of ports with USES=emacs. This is required for two
reasons. Emacs lisp files need to be byte compiled for the new Emacs
version, and files installed under, e.g., EMACS_VERSION_SITE_LISPDIR
need to be relocated.
Reviewed by: ashish
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43615
- databases/pg-gvm: update to 22.6.4
- security/gsa: update to 23.0.0
- security/gsad: update to 22.9.0
- security/gvm-libs: update to 22.8.0
- security/gvmd: update to 23.2.0
- security/openvas: update to 22.7.9
- security/py-gvm-tools: update to 24.1.0
- security/py-notus-scanner: update to 22.6.2
- security/py-ospd-openvas: update to 22.6.2
- security/py-python-gvm: update to 24.1.0
- security/py-greenbone-feed-sync: update to 23.10.0
https://pkg-status.freebsd.org/beefy13/data/132i386-quarterly/ace2a29974a4/logs/libpg_query-15.4.2.3.log
test/normalize
..............INVALID result for "ALTER SUBSCRIPTION mysub SET PUBLICATION insert_only"
expected: ALTER SUBSCRIPTION mysub SET PUBLICATION insert_only
actual: ALTER SUBSCRIPTION$1 SET PUBLICATION insert_only
INVALID result for "ALTER SUBSCRIPTION mysub CONNECTION 'host=192.168.1.50 port=5432 user=foo dbname=foodb'"
expected: ALTER SUBSCRIPTION mysub CONNECTION $1
actual: ALTER SUBSCRIPTION$1 CONNECTION 'host=192.168.1.50 port=5432 user=foo dbname=foodb'
......
gmake[1]: *** [Makefile:252: test] Error 1
gmake[1]: Leaving directory '/wrkdirs/usr/ports/databases/libpg_query/work/libpg_query-15-4.2.3'
===> Compilation failed unexpectedly.
Try to set MAKE_JOBS_UNSAFE=yes and rebuild before reporting the failure to
the maintainer.
*** Error code 1
ChangeLog: https://sqlite.org/releaselog/3_45_0.html
* The SQLITE_DIRECT_OVERFLOW_READ optimization is now enabled by default.
* The use of -DSQLITE_STRICT_SUBTYPE=1 is a recommended compile-time option for
every application that makes use of subtypes.
PR: 276472
Reported by: pavelivolkov@gmail.com (maintainer)
- Patch added in CegoQueryHelper::evalBetween
The comparison ( f2 <= f1 && f1 <= f3 ) has changed to
( f1 >= f2 && f1 <= f3 )
This forces a type cast to f1 datatype in case mismatched datatypes.
This might be useful for queries like
select a from v1 where a between '30.11.2023' and '31.12.2023';
where a cast should be done to date time value ( instead of string )
Author: Björn Lemke <lemke@lemke-it.com>
