Overview
Request 1080032 accepted
- Update to 4.5.4:
* Security
+ Cancelling an async future does not, properly trigger, leading to a
potential data leak in specific cases. (CVE-2023-28858, bsc#1209811)
+ Cancelling an async future does not, properly trigger, leading to a
potential data leak in specific cases. (CVE-2023-28859, bsc#1209812)
* New Features
+ Introduce AbstractConnection so that UnixDomainSocketConnection can
call super().init (#2588)
+ Added queue_class to REDIS_ALLOWED_KEYS (#2577)
+ Made search document subscriptable (#2615)
+ Sped up the protocol parsing (#2596)
+ Use hiredis::pack_command to serialized the commands. (#2570)
+ Add support for unlink in cluster pipeline (#2562)
* Bug Fixes
+ Fixing cancelled async futures (#2666)
+ Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
+ Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor
argument (#2630)
+ CWE-404 AsyncIO Race Condition Fix (#2624, #2579)
+ Fix behaviour of async PythonParser to match RedisParser as for
issue #2349 (#2582)
+ Replace async_timeout by asyncio.timeout (#2602)
+ Update json().arrindex() default values (#2611)
+ Fix #2581 UnixDomainSocketConnection object has no attribute
_command_packer (#2583)
+ Fix issue with pack_commands returning an empty byte sequence (#2416)
+ Async HiredisParser should finish parsing after a
Connection.disconnect() (#2557)
+ Check for none, prior to raising exception (#2569)
Request History
StevenK created request
- Update to 4.5.4:
* Security
+ Cancelling an async future does not, properly trigger, leading to a
potential data leak in specific cases. (CVE-2023-28858, bsc#1209811)
+ Cancelling an async future does not, properly trigger, leading to a
potential data leak in specific cases. (CVE-2023-28859, bsc#1209812)
* New Features
+ Introduce AbstractConnection so that UnixDomainSocketConnection can
call super().init (#2588)
+ Added queue_class to REDIS_ALLOWED_KEYS (#2577)
+ Made search document subscriptable (#2615)
+ Sped up the protocol parsing (#2596)
+ Use hiredis::pack_command to serialized the commands. (#2570)
+ Add support for unlink in cluster pipeline (#2562)
* Bug Fixes
+ Fixing cancelled async futures (#2666)
+ Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
+ Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor
argument (#2630)
+ CWE-404 AsyncIO Race Condition Fix (#2624, #2579)
+ Fix behaviour of async PythonParser to match RedisParser as for
issue #2349 (#2582)
+ Replace async_timeout by asyncio.timeout (#2602)
+ Update json().arrindex() default values (#2611)
+ Fix #2581 UnixDomainSocketConnection object has no attribute
_command_packer (#2583)
+ Fix issue with pack_commands returning an empty byte sequence (#2416)
+ Async HiredisParser should finish parsing after a
Connection.disconnect() (#2557)
+ Check for none, prior to raising exception (#2569)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:F"
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:F got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:F got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:F got accepted.
Needs an updated python-fakeredis
fakeredis reports: unresolvable: nothing provides python39-redis < 4.5, (got version 4.5.4-1.1), nothing provides python311-redis < 4.5, (got version 4.5.4-1.1), nothing provides python310-redis < 4.5, (got version 4.5.4-1.1)