Upgrade redis to 6.2.11 to fix CVE-2022-36021, CVE-2023-25155 (#5069)

2023-03-13 11:59:48 -07:00 · 2023-03-13 11:59:48 -07:00 · e4cd095f34
--- a/SPECS/redis/redis.signatures.json
+++ b/SPECS/redis/redis.signatures.json
@ -1,5 +1,5 @@
 {
- "Signatures": {
-  "redis-6.2.9.tar.gz": "9661b2c6b1cc9bf2999471b37a4d759fa5e747d408142c18af8792ebd8384a2a"
- }
+  "Signatures": {
+    "redis-6.2.11.tar.gz": "8c75fb9cdd01849e92c23f30cb7fe205ea0032a38d11d46af191014e9acc3098"
+  }
 }
--- a/SPECS/redis/redis.spec
+++ b/SPECS/redis/redis.spec
@ -1,6 +1,6 @@
 Summary:        advanced key-value store
 Name:           redis
-Version:        6.2.9
+Version:        6.2.11
 Release:        1%{?dist}
 License:        BSD
 Vendor:         Microsoft Corporation
@ -83,6 +83,9 @@ exit 0
 %config(noreplace) %attr(0640, %{name}, %{name}) %{_sysconfdir}/redis.conf

 %changelog
+* Mon Mar 13 2023 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 6.2.11-1
+- Auto-upgrade to 6.2.11 - to fix CVE-2022-36021, CVE-2023-25155
+
 * Wed Feb 08 2023 Rachel Menge <rachelmenge@microsoft.com> - 6.2.9-1
 - Bump version 6.2.9 for CVE-2022-35977 and CVE-2023-22458

--- a/cgmanifest.json
+++ b/cgmanifest.json
@ -25034,8 +25034,8 @@
        "type": "other",
        "other": {
          "name": "redis",
-          "version": "6.2.9",
-          "downloadUrl": "https://download.redis.io/releases/redis-6.2.9.tar.gz"
+          "version": "6.2.11",
+          "downloadUrl": "https://download.redis.io/releases/redis-6.2.11.tar.gz"
        }
      }
    },