rpms/redis
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Upstream update available: redis 8.2.5 → 8.2.6 #4

New issue
Closed
opened 2026-05-20 04:51:01 +03:00 by sbelikov · 1 comment
sbelikov commented 2026-05-20 04:51:01 +03:00
Owner
Copy link

Upstream update available: redis 8.2.58.2.6

Package

  • Package: redis
  • RPM name: redis
  • Branch: niceos-5.2
  • Current EVR: 8.2.5-1
  • Update class: patch
  • Compare method: python_rpm
  • Update policy: leaf
  • Risk tags: github-upstream

Upstream

Signals

  • Security-relevant keywords detected: True
  • Policy blocked: False
  • Policy reason: -
  • Labels: ai-summary, bot, needs-build, needs-triage, priority/high, security-release, update/patch, upstream-update, upstream/github

NiceSOFT AI preliminary stability analysis

1. Краткий вывод

Автоматический deep-analysis через LLM/web_search не был завершён корректно, поэтому ниже приведён безопасный fallback-анализ без неподтверждённых утверждений. Обновление redis с 8.2.5 до 8.2.6 найдено upstream-monitor и требует обычной мейнтейнерской проверки перед PR/merge.

2. Риск для НАЙС.ОС

Риск: unknown до ручной проверки. Для стабильной политики НАЙС.ОС обновление нельзя считать автоматически безопасным только по факту наличия новой upstream-версии.

3. Что изменилось upstream

Update urgency: SECURITY: There are security fixes in the release.

Security fixes

  • (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.
  • (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution
  • (CVE-2026-23631) Lua Use-After-Free may lead to remote code execution
  • (CVE-2026-25588) Invalid memory access in RESTORE may lead to Remote Code Execution (Time Series)
  • (CVE-2026-25589) Invalid memory access in RESTORE may lead to Remote Code Execution (Probabilistic)

Bug fixes

  • SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)
  • CONFIG SET: some settings allow invalid characters (RED-167787)
  • SCRIPT DEBUG: potential crash on scripts (RED-175507)
  • VADD: crash or buffer overflow on large REDUCE value (RED-170921)
  • VSET: crash on huge allocations (MOD-12678)
  • Potential crash on disconnections and TLS failures (Time Series) (MOD-14850)
  • RediSearch/RediSearch#8743 Crash when many keys receive expirations under heavy TTL activity (MOD-14500)
  • RediSearch/RediSearch#8850 HNSW vector index memory growth under high-churn workloads until shard restart (MOD-13761)
  • RediSearch/RediSearch#9178 Coordinator deadlock under mixed FT.SEARCH and FT.AGGREGATE load (MOD-14268)
  • RediSearch/RediSearch#9049 FT.PROFILE output is inconsistent when a profiled value is missing (MOD-10560)
  • RediSearch/RediSearch#8793 FT.EXPLAIN does not lock, causing a race with concurrent index changes (MOD-14461)
  • RediSearch/RediSearch#8600 FILTER returns inconsistent results with multiple indexes sharing field aliases (MOD-14063)
  • RediSearch/RediSearch#8662 FILTER behavior depends on property order in the expression (MOD-14342)
  • RediSearch/RediSearch#8602 Filter expressions are evaluated for indexes that do not match the document type (MOD-14064)
  • RediSearch/RediSearch#8601 Documents are inconsistently included or excluded depending on the indexing path taken (MOD-13948)
  • RediSearch/RediSearch#8599 RENAME notification handler loads the wrong key, causing stale index entries after a rename (MOD-14062)
  • RediSearch/RediSearch#9019 PERSIST and HPERSIST notifications are not reflected in index expiration tracking (MOD-14800)
  • RediSearch/RediSearch#9081 FT.SPELLCHECK treats PARAMS placeholders as literal terms instead of resolving them (MOD-10596)
  • RediSearch/RediSearch#8464 GC out-of-memory on replica shards leaves the replica in an inconsistent state (MOD-14066)
  • RediSearch/RediSearch#8888 FT.CURSOR enters an infinite loop when the ACL user lacks specific permissions (MOD-14479)
  • RediSearch/RediSearch#9166 Crash on FT.SEARCH when topology validation fails (for example, some nodes unreachable) (MOD-14475)
  • RediSearch/RediSearch#8453 FT.INFO-style output no longer reports zero-index summary data when no indices exist (MOD-14081)
  • RediSearch/RediSearch#9076 FT.CREATE now rejects schema definitions with in

...[truncated 155 chars]

4. Security/CVE

Подтверждённых CVE в fallback-режиме не выявлено. Если обновление позиционируется upstream как security release, нужно проверить официальный changelog, release notes и CVE/advisory-источники вручную.

5. ABI/API/CLI/config риск

Для пакета redis нужно проверить изменение CLI/options, поведения по умолчанию, форматов конфигурации и совместимость со скриптами, которые могут использовать пакет в НАЙС.ОС. Без завершённого web-search анализа риск остаётся unknown.

6. Риск для RPM-сборки и dist-git

Проверить SPECS, SOURCES, source lock, патчи, BuildRequires/Requires, %check, SBOM и воспроизводимость сборки. Если upstream изменил систему сборки или layout исходников, spec может потребовать ручной правки.

7. Риск для системы и зависимых компонентов

Проверить reverse dependencies, пользовательские сценарии и любые автоматические скрипты, которые вызывают redis. Для НАЙС.ОС приоритет — стабильность, поэтому при отсутствии доказательств совместимости обновление должно идти через PR и ручной review.

8. Проверки мейнтейнера

  • Сравнить upstream tag/release 8.2.6 с текущей версией 8.2.5.
  • Проверить официальный changelog/release notes и compare page.
  • Собрать RPM в чистом окружении.
  • Запустить %check, если доступен.
  • Проверить smoke-test основного CLI/daemon/library сценария.
  • Обновить source lock/SBOM/package-index после merge.
  • Проверить, не требует ли обновление исключения или pinning policy.

9. Рекомендация

issue-only до ручной проверки. Если сборка и smoke tests проходят, можно перевести в update candidate.

10. Источники

Примечание: fallback создан потому, что LLM/web_search не вернул завершённый анализ. Причина: HTTP 429 POST <a href="https://api.openai.com/v1/responses" target="_blank" rel="noopener noreferrer">api.openai.com — responses</a>: { "error": { "message": "You exceeded your current quota, please check your plan and billing details. For more information on this error, read the docs: <a href="https://platform.openai.com/docs/guides/error-codes/api-errors" target="_blank" rel="noopener noreferrer">platform.openai.com — api errors</a>.", "type": "insufficient_quota", "param": null, "code": "insufficient_quota" } }.

Upstream release notes / description

Update urgency: SECURITY: There are security fixes in the release.

Security fixes

  • (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.
  • (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution
  • (CVE-2026-23631) Lua Use-After-Free may lead to remote code execution
  • (CVE-2026-25588) Invalid memory access in RESTORE may lead to Remote Code Execution (Time Series)
  • (CVE-2026-25589) Invalid memory access in RESTORE may lead to Remote Code Execution (Probabilistic)

Bug fixes

  • SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)
  • CONFIG SET: some settings allow invalid characters (RED-167787)
  • SCRIPT DEBUG: potential crash on scripts (RED-175507)
  • VADD: crash or buffer overflow on large REDUCE value (RED-170921)
  • VSET: crash on huge allocations (MOD-12678)
  • Potential crash on disconnections and TLS failures (Time Series) (MOD-14850)
  • RediSearch/RediSearch#8743 Crash when many keys receive expirations under heavy TTL activity (MOD-14500)
  • RediSearch/RediSearch#8850 HNSW vector index memory growth under high-churn workloads until shard restart (MOD-13761)
  • RediSearch/RediSearch#9178 Coordinator deadlock under mixed FT.SEARCH and FT.AGGREGATE load (MOD-14268)
  • RediSearch/RediSearch#9049 FT.PROFILE output is inconsistent when a profiled value is missing (MOD-10560)
  • RediSearch/RediSearch#8793 FT.EXPLAIN does not lock, causing a race with concurrent index changes (MOD-14461)
  • RediSearch/RediSearch#8600 FILTER returns inconsistent results with multiple indexes sharing field aliases (MOD-14063)
  • RediSearch/RediSearch#8662 FILTER behavior depends on property order in the expression (MOD-14342)
  • RediSearch/RediSearch#8602 Filter expressions are evaluated for indexes that do not match the document type (MOD-14064)
  • RediSearch/RediSearch#8601 Documents are inconsistently included or excluded depending on the indexing path taken (MOD-13948)
  • RediSearch/RediSearch#8599 RENAME notification handler loads the wrong key, causing stale index entries after a rename (MOD-14062)
  • RediSearch/RediSearch#9019 PERSIST and HPERSIST notifications are not reflected in index expiration tracking (MOD-14800)
  • RediSearch/RediSearch#9081 FT.SPELLCHECK treats PARAMS placeholders as literal terms instead of resolving them (MOD-10596)
  • RediSearch/RediSearch#8464 GC out-of-memory on replica shards leaves the replica in an inconsistent state (MOD-14066)
  • RediSearch/RediSearch#8888 FT.CURSOR enters an infinite loop when the ACL user lacks specific permissions (MOD-14479)
  • RediSearch/RediSearch#9166 Crash on FT.SEARCH when topology validation fails (for example, some nodes unreachable) (MOD-14475)
  • RediSearch/RediSearch#8453 FT.INFO-style output no longer reports zero-index summary data when no indices exist (MOD-14081)
  • RediSearch/RediSearch#9076 FT.CREATE now rejects schema definitions with invalid option combinations at creation time (MOD-14655)

Metrics

NiceOS maintainer checklist

  • Confirm that the detected version is a stable upstream release.
  • Check upstream changelog for security fixes, ABI/API changes and build-system changes.
  • Check ABI/API compatibility and reverse dependencies.
  • Download source into NiceOS lookaside storage.
  • Update Version and related fields in SPECS/*.spec only if policy allows it.
  • Regenerate SOURCES/sources.lock.json, manifests, metadata and SBOM.
  • Build SRPM/RPM in a clean NiceOS buildroot.
  • Run package smoke tests.
  • Link PR/build logs and close this issue after update or triage.

Bot metadata

  • Tool: niceos_upstream_monitor.py 2.1.2-openai-deep
  • Generated at: 2026-05-22T01:32:35Z
<!-- niceos-upstream-monitor:fingerprint=upstream-update:redis:8.2.6 --> <!-- niceos-upstream-monitor:package=redis --> <!-- niceos-upstream-monitor:current=8.2.5 --> <!-- niceos-upstream-monitor:latest=8.2.6 --> # Upstream update available: `redis` `8.2.5` → `8.2.6` ## Package - Package: `redis` - RPM name: `redis` - Branch: `niceos-5.2` - Current EVR: `8.2.5-1` - Update class: `patch` - Compare method: `python_rpm` - Update policy: `leaf` - Risk tags: `github-upstream` ## Upstream - Upstream type: `github` - Upstream project: `redis/redis` - Upstream URL: <a href="https://github.com/redis/redis" target="_blank" rel="noopener noreferrer">github.com — redis</a> - Detected version: `8.2.6` - Tag/release: `8.2.6` - Source: `github_release` - Published: `2026-05-05T13:30:33Z` - Release URL: <a href="https://github.com/redis/redis/releases/tag/8.2.6" target="_blank" rel="noopener noreferrer">github.com — 8.2.6</a> - Source URL: <a href="https://api.github.com/repos/redis/redis/tarball/8.2.6" target="_blank" rel="noopener noreferrer">api.github.com — 8.2.6</a> - Pre-release: `False` ## Signals - Security-relevant keywords detected: `True` - Policy blocked: `False` - Policy reason: `-` - Labels: `ai-summary, bot, needs-build, needs-triage, priority/high, security-release, update/patch, upstream-update, upstream/github` ## NiceSOFT AI preliminary stability analysis ### 1. Краткий вывод Автоматический deep-analysis через LLM/web_search не был завершён корректно, поэтому ниже приведён безопасный fallback-анализ без неподтверждённых утверждений. Обновление `redis` с `8.2.5` до `8.2.6` найдено upstream-monitor и требует обычной мейнтейнерской проверки перед PR/merge. ### 2. Риск для НАЙС.ОС Риск: `unknown` до ручной проверки. Для стабильной политики НАЙС.ОС обновление нельзя считать автоматически безопасным только по факту наличия новой upstream-версии. ### 3. Что изменилось upstream Update urgency: `SECURITY`: There are security fixes in the release. ### Security fixes - (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution. - (CVE-2026-25243) Invalid memory access in `RESTORE` may lead to Remote Code Execution - (CVE-2026-23631) Lua Use-After-Free may lead to remote code execution - (CVE-2026-25588) Invalid memory access in `RESTORE` may lead to Remote Code Execution (Time Series) - (CVE-2026-25589) Invalid memory access in `RESTORE` may lead to Remote Code Execution (Probabilistic) ### Bug fixes - `SUBSCRIBE`, `PSUBSCRIBE`, `SSUBSCRIBE`: crash on OOM (RED-167788) - `CONFIG SET`: some settings allow invalid characters (RED-167787) - `SCRIPT DEBUG`: potential crash on scripts (RED-175507) - `VADD`: crash or buffer overflow on large `REDUCE` value (RED-170921) - `VSET`: crash on huge allocations (MOD-12678) - Potential crash on disconnections and TLS failures (Time Series) (MOD-14850) - RediSearch/RediSearch#8743 Crash when many keys receive expirations under heavy TTL activity (MOD-14500) - RediSearch/RediSearch#8850 HNSW vector index memory growth under high-churn workloads until shard restart (MOD-13761) - RediSearch/RediSearch#9178 Coordinator deadlock under mixed `FT.SEARCH` and `FT.AGGREGATE` load (MOD-14268) - RediSearch/RediSearch#9049 `FT.PROFILE` output is inconsistent when a profiled value is missing (MOD-10560) - RediSearch/RediSearch#8793 `FT.EXPLAIN` does not lock, causing a race with concurrent index changes (MOD-14461) - RediSearch/RediSearch#8600 `FILTER` returns inconsistent results with multiple indexes sharing field aliases (MOD-14063) - RediSearch/RediSearch#8662 `FILTER` behavior depends on property order in the expression (MOD-14342) - RediSearch/RediSearch#8602 Filter expressions are evaluated for indexes that do not match the document type (MOD-14064) - RediSearch/RediSearch#8601 Documents are inconsistently included or excluded depending on the indexing path taken (MOD-13948) - RediSearch/RediSearch#8599 `RENAME` notification handler loads the wrong key, causing stale index entries after a rename (MOD-14062) - RediSearch/RediSearch#9019 `PERSIST` and `HPERSIST` notifications are not reflected in index expiration tracking (MOD-14800) - RediSearch/RediSearch#9081 `FT.SPELLCHECK` treats `PARAMS` placeholders as literal terms instead of resolving them (MOD-10596) - RediSearch/RediSearch#8464 GC out-of-memory on replica shards leaves the replica in an inconsistent state (MOD-14066) - RediSearch/RediSearch#8888 `FT.CURSOR` enters an infinite loop when the ACL user lacks specific permissions (MOD-14479) - RediSearch/RediSearch#9166 Crash on `FT.SEARCH` when topology validation fails (for example, some nodes unreachable) (MOD-14475) - RediSearch/RediSearch#8453 `FT.INFO`-style output no longer reports zero-index summary data when no indices exist (MOD-14081) - RediSearch/RediSearch#9076 `FT.CREATE` now rejects schema definitions with in ...[truncated 155 chars] ### 4. Security/CVE Подтверждённых CVE в fallback-режиме не выявлено. Если обновление позиционируется upstream как security release, нужно проверить официальный changelog, release notes и CVE/advisory-источники вручную. ### 5. ABI/API/CLI/config риск Для пакета `redis` нужно проверить изменение CLI/options, поведения по умолчанию, форматов конфигурации и совместимость со скриптами, которые могут использовать пакет в НАЙС.ОС. Без завершённого web-search анализа риск остаётся `unknown`. ### 6. Риск для RPM-сборки и dist-git Проверить `SPECS`, `SOURCES`, source lock, патчи, `BuildRequires/Requires`, `%check`, SBOM и воспроизводимость сборки. Если upstream изменил систему сборки или layout исходников, spec может потребовать ручной правки. ### 7. Риск для системы и зависимых компонентов Проверить reverse dependencies, пользовательские сценарии и любые автоматические скрипты, которые вызывают `redis`. Для НАЙС.ОС приоритет — стабильность, поэтому при отсутствии доказательств совместимости обновление должно идти через PR и ручной review. ### 8. Проверки мейнтейнера - Сравнить upstream tag/release `8.2.6` с текущей версией `8.2.5`. - Проверить официальный changelog/release notes и compare page. - Собрать RPM в чистом окружении. - Запустить `%check`, если доступен. - Проверить smoke-test основного CLI/daemon/library сценария. - Обновить source lock/SBOM/package-index после merge. - Проверить, не требует ли обновление исключения или pinning policy. ### 9. Рекомендация `issue-only` до ручной проверки. Если сборка и smoke tests проходят, можно перевести в `update candidate`. ### 10. Источники - <a href="https://github.com/redis/redis" target="_blank" rel="noopener noreferrer">Upstream project</a> - <a href="https://github.com/redis/redis/releases/tag/8.2.6" target="_blank" rel="noopener noreferrer">Release/tag page</a> - <a href="https://api.github.com/repos/redis/redis/tarball/8.2.6" target="_blank" rel="noopener noreferrer">Source archive</a> - <a href="https://specs.niceos.ru/rpms/redis" target="_blank" rel="noopener noreferrer">NiceOS dist-git</a> _Примечание: fallback создан потому, что LLM/web_search не вернул завершённый анализ. Причина: `HTTP 429 POST <a href="https://api.openai.com/v1/responses" target="_blank" rel="noopener noreferrer">api.openai.com — responses</a>: { "error": { "message": "You exceeded your current quota, please check your plan and billing details. For more information on this error, read the docs: <a href="https://platform.openai.com/docs/guides/error-codes/api-errors" target="_blank" rel="noopener noreferrer">platform.openai.com — api errors</a>.", "type": "insufficient_quota", "param": null, "code": "insufficient_quota" } }`._ ## Upstream release notes / description Update urgency: `SECURITY`: There are security fixes in the release. ### Security fixes - (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution. - (CVE-2026-25243) Invalid memory access in `RESTORE` may lead to Remote Code Execution - (CVE-2026-23631) Lua Use-After-Free may lead to remote code execution - (CVE-2026-25588) Invalid memory access in `RESTORE` may lead to Remote Code Execution (Time Series) - (CVE-2026-25589) Invalid memory access in `RESTORE` may lead to Remote Code Execution (Probabilistic) ### Bug fixes - `SUBSCRIBE`, `PSUBSCRIBE`, `SSUBSCRIBE`: crash on OOM (RED-167788) - `CONFIG SET`: some settings allow invalid characters (RED-167787) - `SCRIPT DEBUG`: potential crash on scripts (RED-175507) - `VADD`: crash or buffer overflow on large `REDUCE` value (RED-170921) - `VSET`: crash on huge allocations (MOD-12678) - Potential crash on disconnections and TLS failures (Time Series) (MOD-14850) - RediSearch/RediSearch#8743 Crash when many keys receive expirations under heavy TTL activity (MOD-14500) - RediSearch/RediSearch#8850 HNSW vector index memory growth under high-churn workloads until shard restart (MOD-13761) - RediSearch/RediSearch#9178 Coordinator deadlock under mixed `FT.SEARCH` and `FT.AGGREGATE` load (MOD-14268) - RediSearch/RediSearch#9049 `FT.PROFILE` output is inconsistent when a profiled value is missing (MOD-10560) - RediSearch/RediSearch#8793 `FT.EXPLAIN` does not lock, causing a race with concurrent index changes (MOD-14461) - RediSearch/RediSearch#8600 `FILTER` returns inconsistent results with multiple indexes sharing field aliases (MOD-14063) - RediSearch/RediSearch#8662 `FILTER` behavior depends on property order in the expression (MOD-14342) - RediSearch/RediSearch#8602 Filter expressions are evaluated for indexes that do not match the document type (MOD-14064) - RediSearch/RediSearch#8601 Documents are inconsistently included or excluded depending on the indexing path taken (MOD-13948) - RediSearch/RediSearch#8599 `RENAME` notification handler loads the wrong key, causing stale index entries after a rename (MOD-14062) - RediSearch/RediSearch#9019 `PERSIST` and `HPERSIST` notifications are not reflected in index expiration tracking (MOD-14800) - RediSearch/RediSearch#9081 `FT.SPELLCHECK` treats `PARAMS` placeholders as literal terms instead of resolving them (MOD-10596) - RediSearch/RediSearch#8464 GC out-of-memory on replica shards leaves the replica in an inconsistent state (MOD-14066) - RediSearch/RediSearch#8888 `FT.CURSOR` enters an infinite loop when the ACL user lacks specific permissions (MOD-14479) - RediSearch/RediSearch#9166 Crash on `FT.SEARCH` when topology validation fails (for example, some nodes unreachable) (MOD-14475) - RediSearch/RediSearch#8453 `FT.INFO`-style output no longer reports zero-index summary data when no indices exist (MOD-14081) - RediSearch/RediSearch#9076 `FT.CREATE` now rejects schema definitions with invalid option combinations at creation time (MOD-14655) ### Metrics - RediSearch/RediSearch#8235 `FT.PROFILE`: added queue time tracking (MOD-13602) ## NiceOS maintainer checklist - [ ] Confirm that the detected version is a stable upstream release. - [ ] Check upstream changelog for security fixes, ABI/API changes and build-system changes. - [ ] Check ABI/API compatibility and reverse dependencies. - [ ] Download source into NiceOS lookaside storage. - [ ] Update `Version` and related fields in `SPECS/*.spec` only if policy allows it. - [ ] Regenerate `SOURCES/sources.lock.json`, manifests, metadata and SBOM. - [ ] Build SRPM/RPM in a clean NiceOS buildroot. - [ ] Run package smoke tests. - [ ] Link PR/build logs and close this issue after update or triage. ## Bot metadata - Tool: `niceos_upstream_monitor.py 2.1.2-openai-deep` - Generated at: `2026-05-22T01:32:35Z`
sbelikov commented 2026-05-24 17:57:05 +03:00
Author
Owner
Copy link

Package version is now 8.2.6 and target version was 8.2.6. Closing as resolved.\n\n_Closed by niceos_upstream_monitor.py 1.5 at 2026-05-24T14:57:05Z._

Package version is now `8.2.6` and target version was `8.2.6`. Closing as resolved.\n\n_Closed by `niceos_upstream_monitor.py 1.5` at `2026-05-24T14:57:05Z`._
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
niceos-5.2
update-redis-8.2.6
update-redis-8.2.5
No results found.
Labels
Clear labels   
ai-summary
Issue contains local NiceSOFT AI generated preliminary analysis

  
bot
Created by automation

  
cve
Created by niceos_cve_create_issues.py

  
llm-analysis
Created by niceos_cve_create_issues.py

  
needs-build
Needs build verification

  
needs-triage
Created by niceos_cve_create_issues.py

  
priority/high
High priority

  
priority/medium
Medium priority

  
security
Created by niceos_cve_create_issues.py

  
security-release
Release notes mention security fixes or CVE

  
severity-critical
Created by niceos_cve_create_issues.py

  
source-nvd
Created by niceos_cve_create_issues.py

  
update/patch
Patch-level update

  
upstream-update
New upstream version is available

  
upstream/github
GitHub upstream

No labels
ai-summary
bot
cve
llm-analysis
needs-build
needs-triage
priority/high
priority/medium
security
security-release
severity-critical
source-nvd
update/patch
upstream-update
upstream/github
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
rpms/redis#4
No description provided.