Update redis to 6.2.9 for CVE-2022-35977 and CVE-2023-22458 (#4804)

SPECS/redis/redis.signatures.json

@@ -1,5 +1,5 @@
 {
  "Signatures": {
-  "redis-6.2.7.tar.gz": "b7a79cc3b46d3c6eb52fa37dde34a4a60824079ebdfb3abfbbfa035947c55319"
+  "redis-6.2.9.tar.gz": "9661b2c6b1cc9bf2999471b37a4d759fa5e747d408142c18af8792ebd8384a2a"
  }
 }

SPECS/redis/redis.spec

@@ -1,7 +1,7 @@
 Summary:        advanced key-value store
 Name:           redis
-Version:        6.2.7
-Release:        2%{?dist}
+Version:        6.2.9
+Release:        1%{?dist}
 License:        BSD
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -10,7 +10,6 @@ URL:            https://redis.io/
 Source0:        https://download.redis.io/releases/%{name}-%{version}.tar.gz
 Patch0:         redis-conf.patch
 Patch1:         disable_active_defrag_big_keys.patch
-Patch2:         CVE-2022-3647.patch
 BuildRequires:  gcc
 BuildRequires:  make
 BuildRequires:  systemd
@@ -84,6 +83,9 @@ exit 0
 %config(noreplace) %attr(0640, %{name}, %{name}) %{_sysconfdir}/redis.conf
 
 %changelog
+* Wed Feb 08 2023 Rachel Menge <rachelmenge@microsoft.com> - 6.2.9-1
+- Bump version 6.2.9 for CVE-2022-35977 and CVE-2023-22458
+
 * Fri Oct 28 2022 Cameron Baird <cameronbaird@microsoft.com> - 6.2.7-2
 - Apply patch to address CVE-2022-3647
 

cgmanifest.json

@@ -24204,8 +24204,8 @@
         "type": "other",
         "other": {
           "name": "redis",
-          "version": "6.2.7",
-          "downloadUrl": "https://download.redis.io/releases/redis-6.2.7.tar.gz"
+          "version": "6.2.9",
+          "downloadUrl": "https://download.redis.io/releases/redis-6.2.9.tar.gz"
         }
       }
     },