summaryrefslogtreecommitdiffstats
path: root/00-RELEASENOTES
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-14 13:40:54 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-14 13:40:54 +0000
commit317c0644ccf108aa23ef3fd8358bd66c2840bfc0 (patch)
treec417b3d25c86b775989cb5ac042f37611b626c8a /00-RELEASENOTES
parentInitial commit. (diff)
downloadredis-317c0644ccf108aa23ef3fd8358bd66c2840bfc0.tar.xz
redis-317c0644ccf108aa23ef3fd8358bd66c2840bfc0.zip
Adding upstream version 5:7.2.4.upstream/5%7.2.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '00-RELEASENOTES')
-rw-r--r--00-RELEASENOTES510
1 files changed, 510 insertions, 0 deletions
diff --git a/00-RELEASENOTES b/00-RELEASENOTES
new file mode 100644
index 0000000..40efaba
--- /dev/null
+++ b/00-RELEASENOTES
@@ -0,0 +1,510 @@
+Redis 7.2 release notes
+=======================
+
+--------------------------------------------------------------------------------
+Upgrade urgency levels:
+
+LOW: No need to upgrade unless there are new features you want to use.
+MODERATE: Program an upgrade of the server, but it's not urgent.
+HIGH: There is a critical bug that may affect a subset of users. Upgrade!
+CRITICAL: There is a critical bug affecting MOST USERS. Upgrade ASAP.
+SECURITY: There are security fixes in the release.
+--------------------------------------------------------------------------------
+
+
+================================================================================
+Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST
+================================================================================
+
+Upgrade urgency SECURITY: See security fixes below.
+
+Security fixes
+==============
+* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
+ buffers which can result in incorrect accounting of buffer sizes and lead to
+ heap overflow and potential remote code execution.
+
+Bug fixes
+=========
+
+* Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
+* Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
+* Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
+
+
+================================================================================
+Redis 7.2.3 Released Wed 01 Nov 2023 12:00:00 IST
+================================================================================
+
+Upgrade urgency: HIGH, Fixes critical bugs affecting most users.
+
+Bug fixes
+=========
+
+* Fix file descriptor leak preventing deleted files from freeing disk space on
+ replicas (#12693)
+* Fix a possible crash after cluster node removal (#12702)
+
+
+================================================================================
+Redis 7.2.2 Released Wed 18 Oct 2023 10:33:40 IDT
+================================================================================
+
+Upgrade urgency SECURITY: See security fixes below.
+
+Security fixes
+==============
+
+* (CVE-2023-45145) The wrong order of listen(2) and chmod(2) calls creates a
+ race condition that can be used by another process to bypass desired Unix
+ socket permissions on startup.
+
+
+Platform / toolchain support related changes
+=================================================
+
+* Fix compilation error on MacOS 13 (#12611)
+
+Bug fixes
+=========
+
+* WAITAOF could timeout in the absence of write traffic in case a new AOF is
+ created and an AOF rewrite can't immediately start (#12620)
+
+Redis cluster
+=============
+
+* Fix crash when running rebalance command in a mixed cluster of 7.0 and 7.2
+ nodes (#12604)
+* Fix the return type of the slot number in cluster shards to integer, which
+ makes it consistent with past behavior (#12561)
+* Fix CLUSTER commands are called from modules or scripts to return TLS info
+ appropriately (#12569)
+
+Changes in CLI tools
+====================
+
+* redis-cli, fix crash on reconnect when in SUBSCRIBE mode (#12571)
+
+Module API changes
+==================
+
+* Fix overflow calculation for next timer event (#12474)
+
+
+================================================================================
+Redis 7.2.1 Released Wed 06 Sep 2023 15:00:00 IDT
+================================================================================
+
+Upgrade urgency SECURITY: See security fixes below.
+
+Security Fixes
+==============
+
+* (CVE-2023-41053) Redis does not correctly identify keys accessed by SORT_RO and,
+ as a result, may grant users executing this command access to keys that are not
+ explicitly authorized by the ACL configuration.
+
+
+Bug Fixes
+=========
+
+* Fix crashes when joining a node to an existing 7.0 Redis Cluster (#12538)
+* Correct request_policy and response_policy command tips on for some admin /
+ configuration commands (#12545, #12530)
+
+
+================================================================================
+Redis 7.2.0 GA Released Tue Aug 15 12:00:00 IDT 2023
+================================================================================
+
+Upgrade urgency LOW: This is the first stable Release for Redis 7.2.
+
+Bug Fixes
+=========
+
+* redis-cli in cluster mode handles `unknown-endpoint` (#12273)
+* Update request / response policy hints for a few commands (#12417)
+* Ensure that the function load timeout is disabled during loading from RDB/AOF and on replicas. (#12451)
+* Fix false success and a memory leak for ACL selector with bad parenthesis combination (#12452)
+* Fix the assertion when script timeout occurs after it signaled a blocked client (#12459)
+
+Fixes for issues in previous releases of Redis 7.2
+--------------------------------------------------
+
+* Update MONITOR client's memory correctly for INFO and client-eviction (#12420)
+* The response of cluster nodes was unnecessarily adding an extra comma when no
+ hostname was present. (#12411)
+
+================================================================================
+Redis 7.2 RC3 Released Mon July 10 12:00:00 IDT 2023
+================================================================================
+
+Upgrade urgency LOW: This is the third Release Candidate for Redis 7.2.
+Upgrade urgency SECURITY: If you're using a previous release candidate of 7.2.
+
+Security Fixes:
+* (CVE-2022-24834) A specially crafted Lua script executing in Redis can trigger
+ a heap overflow in the cjson and cmsgpack libraries, and result in heap
+ corruption and potentially remote code execution. The problem exists in all
+ versions of Redis with Lua scripting support, starting from 2.6, and affects
+ only authenticated and authorized users.
+* (CVE-2023-36824) Extracting key names from a command and a list of arguments
+ may, in some cases, trigger a heap overflow and result in reading random heap
+ memory, heap corruption and potentially remote code execution. Specifically:
+ using COMMAND GETKEYS* and validation of key names in ACL rules.
+
+New Features
+============
+
+New administrative and introspection commands and command arguments
+-------------------------------------------------------------------
+
+* Make SENTINEL CONFIG [SET|GET] variadic. (#10362)
+
+Potentially Breaking / Behavior Changes
+=======================================
+
+* Cluster SHARD IDs are no longer visible in the cluster nodes output,
+ introduced in 7.2-RC1. (#10536, #12166)
+* When calling PUBLISH with a RESP3 client that's also subscribed to the same channel,
+ the order is changed and the reply is sent before the published message (#12326)
+
+New configuration options
+=========================
+
+* Add a new loglevel "nothing" to disable logging (#12133)
+* Add cluster-announce-human-nodename - a unique identifier for a node that is
+ be used in logs for debugging (#9564)
+
+Other General Improvements
+==========================
+
+* Allow CLUSTER SLOTS / SHARDS commands during loading (#12269)
+* Support TLS service when "tls-cluster" is not enabled and persist both plain
+ and TLS port in nodes.conf (#12233)
+* Update SPOP and RESTORE commands to replicate unlink commands to replicas
+ when the server is configured to use async server deletes (#12320)
+* Try lazyfree the temporary zset in ZUNION / ZINTER / ZDIFF (#12229)
+
+Performance and resource utilization improvements
+=================================================
+
+* Optimize PSUBSCRIBE and PUNSUBSCRIBE from O(N*M) to O(N) (#12298)
+* Optimize SCAN, SSCAN, HSCAN, ZSCAN commands (#12209)
+* Set Jemalloc --disable-cache-oblivious to reduce memory overhead (#12315)
+* Optimize ZINTERCARD to avoid create a temporary zset (#12229)
+* Optimize HRANDFIELD and ZRANDMEMBER listpack encoded (#12205)
+* Numerous other optimizations (#12155, #12082, #11626, #11944, #12316, #12250,
+ #12177, #12185)
+
+
+Changes in CLI tools
+====================
+
+* redis-cli: Handle RESP3 double responses that contain a NaN (#12254)
+* redis-cli: Support URIs with IPv6 (#11834)
+
+Module API changes
+==================
+
+* Align semantics of the new (v7.2 RC2) RM_ReplyWithErrorFormat with RM_ReplyWithError.
+ This is a breaking change that affects the generated error code. (#12321)
+* Forbid RM_AddPostNotificationJob on loading and on read-only replicas (#12304)
+* Add ability for module command filter to know which client is being handled (#12219)
+
+Bug Fixes
+=========
+
+* Fix broken protocol when PUBLISH is used inside MULTI when the RESP3
+ publishing client is also subscribed for the channel (#12326)
+* Fix WAIT to be effective after a blocked module command being unblocked (#12220)
+* Re-enable downscale rehashing while there is a fork child (#12276)
+* Fix possible hang in HRANDFIELD, SRANDMEMBER, ZRANDMEMBER when used with `<count>` (#12276)
+* Improve fairness issue in RANDOMKEY, HRANDFIELD, SRANDMEMBER, ZRANDMEMBER, SPOP, and eviction (#12276)
+* Cluster: fix a race condition where a slot migration may revert on a subsequent failover or node joining (#12344)
+
+Fixes for issues in previous releases of Redis 7.2
+--------------------------------------------------
+
+* Fix XREADGROUP BLOCK with ">" from hanging (#12301)
+* Fix assertion when a blocked command is rejected when re-processed. (#12247)
+* Fix use after free on a blocking RM_Call. (#12342)
+
+================================================================================
+Redis 7.2 RC2 Released Mon May 15 12:00:00 IST 2023
+================================================================================
+
+Upgrade urgency LOW: This is the second Release Candidate for Redis 7.2.
+
+INFO fields and introspection changes
+=====================================
+
+* Add a few low level event loop metrics to help diagnose latency (#11963)
+
+Performance and resource utilization improvements
+=================================================
+
+* Minor performance improvement to SADD and HSET (#12019)
+
+Platform / toolchain support related changes
+=================================================
+
+* Upgrade to Jemalloc 5.3.0, resolves a rare fork child hang (#12115)
+* Fix a compiler fortification induced crash when used with link time optimizations (#11982)
+* Fix local clients detection, 127.*.*.* instead of 127.0.0.1 (#11664)
+* Report AOF failure status to systemd in shutdown (#12065)
+
+Changes in CLI tools
+====================
+
+* redis-cli: Reimplement and improve help hints based on actual command arg docs (#10515)
+* redis-cli: Add option --count for tuning SCAN based features (#12042)
+* redis-benchmark: Add --seed option to seed the random number generator (#11945)
+
+Module API changes
+==================
+
+* Add RM_RdbLoad and RM_RdbSave APIs (#11852)
+* Add RM_ReplyWithErrorFormat that can support format string (#11923)
+* Fix: Delete empty key when RM_ZsetAdd, RM_ZsetIncrby, RM_StreamAdd fail (#12129)
+
+Bug Fixes
+=========
+
+* LPOS with RANK set to LONG_MIN returning wrong result (#12167)
+* Avoid unnecessary full sync after master restart in a rare case (#12088)
+* Iterate clients fairly when processing background chores (#12025)
+* Avoid incorrect shrinking of query buffer when reading large data from clients (#12000)
+* Sentinel: Fix config rewrite error when old known-slave is used (#11775)
+* ACL: Disconnect pub-sub subscribers when revoking allchannels permission (#11992)
+* Add a missing fsync of AOF file in rare cases (#11973)
+
+Fixes for issues in previous releases of Redis 7.2
+--------------------------------------------------
+
+* Fix tracking of command duration metrics for MULTI, EVAL, WAIT and modules (#11970)
+
+================================================================================
+Redis 7.2 RC1 Released Wed Mar 22 12:00:00 IST 2023
+================================================================================
+
+Upgrade urgency LOW: This is the first Release Candidate for Redis 7.2.
+
+Redis Release Candidate (RC) versions are early versions that are made available
+for early adopters in the community to test them. We do not consider
+them suitable for production environments.
+
+Introduction to the Redis 7.2 release
+=====================================
+
+Redis 7.2 includes optimizations, several new commands, some improvements,
+bug fixes, and several new module APIs.
+
+In particular, users should be aware of the following changes:
+
+1. Redis 7.2 uses a new format (version 11) for RDB files, which is incompatible
+ with older versions.
+2. See section about breaking changes mentioned below.
+3. If you use modules, see the module API breaking changes section below.
+
+Here is a comprehensive list of changes in this release compared to 7.0.10.
+Each one includes the PR number that added it so that you can get more details
+at https://github.com/redis/redis/pull/<number>
+
+New Features
+============
+
+* Introduce WAITAOF command, to block the client until a specified number
+ of Redises have synced all previous write commands to the AOF on disk,
+ see https://redis.io/commands/waitaof/
+
+New user commands or command arguments
+--------------------------------------
+
+* WAITAOF blocks until writes have been synced to disk (#11713)
+* Add WITHSCORE option to ZRANK and ZREVRANK (#11235)
+
+New administrative and introspection commands and command arguments
+-------------------------------------------------------------------
+
+* CLIENT SETINFO lets client library report name and version Redis (#11758)
+* CLIENT NO-TOUCH for clients to run commands without affecting LRU/LFU of keys (#11483)
+* Introduce Shard IDs to logically group nodes in cluster mode based on
+ replication. Shard IDs are automatically assigned and visible via
+ `CLUSTER MYSHARDID`. (#10536)
+
+Command replies that have been extended
+---------------------------------------
+
+* ACL LOG - Add entry id, timestamp created, and timestamp last updated time (#11477)
+* COMMAND DOCS - Repurpose arg names as the unique ID (#11051)
+* CLIENT LIST has `T` flag to indicate CLIENT NO-TOUCH (#11483)
+* CLIENT LIST show lib-name, lib-ver (#11758)
+
+Potentially Breaking / Behavior Changes
+=======================================
+
+* Client side tracking for scripts now tracks the keys that are read by the
+ script instead of the keys that are declared by the caller of EVAL / FCALL (#11770)
+* Freeze time sampling during command execution and in scripts (#10300)
+* When a blocked command is being unblocked, checks like ACL, OOM, etc are
+ re-evaluated (#11012)
+* Unify ACL failure error message text and error codes (#11160)
+* Blocked stream command that's released when key no longer exists carries a
+ different error code (#11012)
+* Command stats are updated for blocked commands only when / if the command
+ actually executes (#11012)
+* The way ACL users are stored internally no longer removes redundant command
+ and category rules, which may alter the way those rules are displayed as part
+ of `ACL SAVE`, `ACL GETUSER` and `ACL LIST` (#11224)
+* Client connections created for TLS-based replication use SNI if possible (#11458)
+* Stream consumers: Re-purpose seen-time, add active-time (#11099)
+* XREADGROUP and X[AUTO]CLAIM create the consumer regardless of whether it was
+ able to perform some reading/claiming (#11099)
+* ACL default newly created user set sanitize-payload flag in ACL LIST/GETUSER #11279
+* Fix HELLO command not to affect the client state unless successful (#11659)
+* Normalize `NAN` in replies to a single nan type, like we do with `inf` (#11597)
+
+Deprecations
+============
+
+* Mark the QUIT command as deprecated (#11439)
+* Delete RDB loading code for pre-release RDB formats (#11058)
+
+Performance and resource utilization improvements
+=================================================
+
+* Significant memory optimization of small list type keys (#11303)
+* Significant memory optimization for small set type keys (#11290)
+* Significant memory optimization for large sets (#11595)
+* Significant speed optimization in ZRANGE replies WITHSCORES in case of integer scores (#11779)
+* Significant speed optimization in double replies, mainly sorted sets commands (#10587)
+* Optimize the performance of commands with multiple keys in cluster mode (#11044)
+* Incrementally reclaim OS page cache of RDB file (#11248)
+* Improve memory management of cluster bus links when there is a large number of pending messages (#11343)
+* Minor performance improvement for workloads that use commands without pipelining (#11220)
+
+Changes in CLI tools
+====================
+
+* redis-cli accepts commands in subscribed mode (#11873)
+
+Other General Improvements
+==========================
+
+* WAIT now no longer waits for the replication offset after your last command,
+ but rather the replication offset after your last write (#11713)
+* Automatically propagate node deletion to other nodes in a cluster when
+ `CLUSTER FORGET` is called, allowing nodes to be deleted with a single call
+ in most cases (#10869)
+* Blocking commands that were disallowed in scripts now behave in scripts the
+ same they did in MULTI (#11568)
+
+Platform / toolchain support related changes
+=================================================
+
+* 32-bit builds compiled without HAVE_MALLOC_SIZE (not jemalloc or glibc)
+ will consume more memory (#11595)
+* Use jemalloc by default also on ARM (#11407)
+* Adds stack trace and register dump support in crash report for illumos/solaris (#11335)
+
+
+New configuration options
+=========================
+
+* locale-collate runtime config to control setlocale affecting Lua and SORT (#11059)
+* Add CONFIG SET and GET loglevel feature in Sentinel (#11214)
+
+INFO fields and introspection changes
+=====================================
+
+* Added 4 new info fields for authentication errors and commands denied access
+ for keys, channels and commands (#11288)
+* INFO SERVER includes a list of listeners (#9320)
+
+
+Module API changes
+==================
+
+* Make it possible for module commands to be part of ACL categories (#11708)
+* Add K flag to RM_Call to allow running blocking commands and set a callback to get the response (#11568)
+* Add RM_AddPostNotificationJob to allow writes after keyspace notification hooks (#11199)
+* RedisModule_Event_Key to notify about keys being unlinked together with reason and value (#9406)
+* Add RM_BlockClient[Set|Get]PrivateData to associate a module data with the blocked client (#11568)
+* APIs to allow modules to participate / handle AUTH validation (#11659)
+* RM_GetContextFlags supports a new flag: REDISMODULE_CTX_FLAGS_SERVER_STARTUP (#9320)
+* Add REDISMODULE_OPTIONS_ALLOW_NESTED_KEYSPACE_NOTIFICATIONS and RedisModule_GetModuleOptionsAll (#11199)
+* RM_BlockClientOnKeysWithFlags allows module to request being unblocked when the key is deleted (#11310)
+* Introduce aux_save2 makes it possible to skip saving that field in the RDB and
+ enable loading the file in the absence of the module (#11374)
+* Add a dry run flag to RM_Call to do validations before actual execution (#11158)
+* Add RM_Microseconds and RM_CachedMicroseconds (#11016)
+* Add RM_ACLAddLogEntryByUserName API to be used without a user object (#11659)
+* Make it possible to keep the RM_Call reply for longer than the context lifetime in case
+ auto memory was not used (#11568)
+
+Potentially Breaking Changes in Module API
+------------------------------------------
+
+* RM_Call only enforces OOM on scripts if 'M' flag is set (#11425)
+* Block some specific characters in module command names (#11434)
+* Fix replication inconsistency on modules that uses keyspace notifications (#10969)
+* Prevent command, configs, data types registration after the onload handler (#11708)
+
+Bug Fixes
+=========
+
+* Introduce socket shutdown to properly disconnect a client while a fork is active (#11376)
+* CLIENT RESET clears the CLIENT NO-EVICT flag (#11483)
+* Reduce memory usage on strings loaded by a module from an RDB file (#11050)
+* Fix a bug where nodes in a cluster may not replicate or handle internal events for
+ keys deleted when another node in the cluster claimed a slot (#11084)
+* Fix HINCRBYFLOAT not to create a key if the new value is invalid (#11149)
+* Make cluster config file saving atomic and fsync acl file saving (#10924)
+* WAIT command would not block if used in RM_Call (#11713)
+* Minor fixes to command metadata in COMMAND command (#11201, #10273)
+
+
+Thanks to all the users and developers who made this release possible.
+We'll follow up with more RC releases, until the code looks production ready
+and we don't get reports of serious issues for a while.
+
+A special thank you for the amount of work put into this release by:
+
+- Meir Shpilraien
+- Guy Benoish
+- Viktor Söderqvist
+- Zhu Binbin
+- Oran Agra
+- sundb
+- Ran Shidlansik
+- Zhenwei Pi
+- Jason Elbaum
+- Karthik Subbarao
+- Madelyn Olson
+- Huang Zhw
+- Ping Xie
+- Ozan Tezcan
+- Chen Tianjie
+- Deng Ju
+- Wen Hui
+- Brennan Cathcart
+- Itamar Haber
+- Shaya Potter
+- Roshan Khatri
+- Slava Koyfman
+- Zhu Tian
+- Moti Cohen
+- Arad Zilberstein
+- Basel Naamna
+- Mingyi Kang
+- Uri Yagelnik
+- Filipe Oliveira
+- Zhao Zhao
+- Valentino Geron
+- Yaacov Hazan
+- Adi Pinsky
+- David Carlier
+- Li Changjun
+