commit: 4207f7226d49f596d2f934b58ea02e7a7726ccd2
Author: Petr Vaněk <arkamar <AT> atlas <DOT> cz>
AuthorDate: Mon Apr 17 19:42:16 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Apr 18 03:18:45 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4207f722
dev-db/redis: add 7.0.11
This version fixes crash with FORTIFY_SOURCE=3 in commit 863fcfbf525f
("Use dummy allocator to make accesses defined as per standard
(#11982)") and mitigates CVE-2023-28856.
Bug: https://bugs.gentoo.org/904486
Closes: https://bugs.gentoo.org/903253
Signed-off-by: Petr Vaněk <arkamar <AT> atlas.cz>
Signed-off-by: Sam James <sam <AT> gentoo.org>
dev-db/redis/Manifest | 1 +
dev-db/redis/redis-7.0.11.ebuild | 187 +++++++++++++++++++++++++++++++++++++++
2 files changed, 188 insertions(+)
diff --git a/dev-db/redis/Manifest b/dev-db/redis/Manifest
index 761e3103758a..fd4e37d6156f 100644
--- a/dev-db/redis/Manifest
+++ b/dev-db/redis/Manifest
@@ -1,5 +1,6 @@
DIST redis-6.2.11.tar.gz 2492990 BLAKE2B
edf046d86e295878abc5ba46ea6c8048c97f27b90d132ec1318350fa0634bb5e4cd1407757f07ef3c11abcb13b05ccc8a757bc17d7f1c9800644dfc0d2994d77
SHA512
9962446d7b1f14524a3007967768b33281dd33706567b8ac56e4cb7d3caa8533bcbc319ea899a163d56567be85cbc03cdcc440d9b1c9707372e10b53d1c1dcd7
DIST redis-6.2.7.tar.gz 2487287 BLAKE2B
06f1b1e16cdf06c38b67c1f1dcccc025da50cc3719688b8c2bf23077d77dd97ea546909043fb65e60478ac3661cc033fa6e8d7a38e361e69eb93ba3db07b7c66
SHA512
d113094b8e31754915db7f0317d9b7969e034af3a7bac2ae0cbfad6cc61ba3aae35e9709c435abc1024a96f914df7a760b3cd18d06c375b541cfa837d1c5b953
DIST redis-7.0.10.tar.gz 2986993 BLAKE2B
94008c7801a9a0909b2b0131a45d4e0815648c7761d9a78c59be2cb03f6955678d7185c907f663bccd8a156851b61f76eaeca82dbd3beb5e64cc6ebf060e2ec2
SHA512
cb6376b8eb9bd56808d15b7a2289b39ad62ade618ab4b57314e6bda43a91905a4f222b32fa27fd4040e29e55ba4f4624452c246fb42fe3539c154954592efaa7
+DIST redis-7.0.11.tar.gz 2988485 BLAKE2B
b82c2dd9c81a2d92051814b07e6e3a886e52a1f46b9aa28124ad8850a5fec6a0b7bb86ec803c0e23c2c92fea0e2f29e7eca9f5f875d4396fdff9d1b54dbaf0e1
SHA512
679c908b87b4e513401b49d7b87ac1cb03a29dd145dc2364afd579dd541a38feb5d65ee9b7077bb6ec96c3850812bdd475ca10d5cf92ebe52839ff1a2be89174
DIST redis-7.0.5.tar.gz 2968205 BLAKE2B
c319a2f656e4bd26637735ef73e58eecc306e202b57d6da3a38150a02d738a414c6696e261b8ab88033e117aee4f02308aab9ca4a5f382d66ec3a10f3e020580
SHA512
16ff920cb8df4d82e78ef34209285024aa98189be8acbca86b10fb3064dcc70eac60206aadece6af08406860ed01a004ce3aaa86be896ea36c7f486686646753
DIST redis-7.0.9.tar.gz 2984823 BLAKE2B
9c2e79f40ad14f6412ec4bc79507a32f8780bf4b3a311b87dd309e74b6367536f1c91b8026efc6acb3d750ca7c49687a74660c66d104caa439ef385db3eab230
SHA512
e984a19583e4aae0a5dce85a434d3255f4f13725eba0f11a1fe1a1189b17035152a26b65f1a3a8834f0dd8218f4a65986c918f96386120ea9419bd02366c8293
diff --git a/dev-db/redis/redis-7.0.11.ebuild b/dev-db/redis/redis-7.0.11.ebuild
new file mode 100644
index 000000000000..6351e489f12e
--- /dev/null
+++ b/dev-db/redis/redis-7.0.11.ebuild
@@ -0,0 +1,187 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# N.B.: It is no clue in porting to Lua eclasses, as upstream have deviated
+# too far from vanilla Lua, adding their own APIs like lua_enablereadonlytable
+
+inherit autotools edo flag-o-matic multiprocessing systemd tmpfiles
toolchain-funcs
+
+DESCRIPTION="A persistent caching system, key-value, and data structures
database"
+HOMEPAGE="https://redis.io";
+SRC_URI="https://download.redis.io/releases/${P}.tar.gz";
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~loong ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86
~amd64-linux ~x86-linux ~x86-solaris"
+IUSE="+jemalloc selinux ssl systemd tcmalloc test"
+RESTRICT="!test? ( test )"
+
+COMMON_DEPEND="
+ jemalloc? ( >=dev-libs/jemalloc-5.1:= )
+ ssl? ( dev-libs/openssl:0= )
+ systemd? ( sys-apps/systemd:= )
+ tcmalloc? ( dev-util/google-perftools )
+"
+
+RDEPEND="
+ ${COMMON_DEPEND}
+ acct-group/redis
+ acct-user/redis
+ selinux? ( sec-policy/selinux-redis )
+"
+
+BDEPEND="
+ ${COMMON_DEPEND}
+ virtual/pkgconfig
+"
+
+# Tcl is only needed in the CHOST test env
+DEPEND="
+ ${COMMON_DEPEND}
+ test? (
+ dev-lang/tcl:0=
+ ssl? ( dev-tcltk/tls )
+ )"
+
+REQUIRED_USE="?? ( jemalloc tcmalloc )"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-6.2.1-config.patch
+ "${FILESDIR}"/${PN}-5.0-shared.patch
+ "${FILESDIR}"/${PN}-6.2.3-ppc-atomic.patch
+ "${FILESDIR}"/${PN}-sentinel-5.0-config.patch
+ "${FILESDIR}"/${PN}-7.0.4-no-which.patch
+)
+
+src_prepare() {
+ default
+
+ # Append cflag for lua_cjson
+ #
https://github.com/antirez/redis/commit/4fdcd213#diff-3ba529ae517f6b57803af0502f52a40bL61
+ append-cflags "-DENABLE_CJSON_GLOBAL"
+
+ # now we will rewrite present Makefiles
+ local makefiles="" MKF
+ for MKF in $(find -name 'Makefile' | cut -b 3-); do
+ mv "${MKF}" "${MKF}.in"
+ sed -i -e 's:$(CC):@CC@:g' \
+ -e 's:$(CFLAGS):@AM_CFLAGS@:g' \
+ -e 's: $(DEBUG)::g' \
+ -e 's:$(OBJARCH)::g' \
+ -e 's:ARCH:TARCH:g' \
+ -e '/^CCOPT=/s:$: $(LDFLAGS):g' \
+ "${MKF}.in" \
+ || die "Sed failed for ${MKF}"
+ makefiles+=" ${MKF}"
+ done
+ # autodetection of compiler and settings; generates the modified
Makefiles
+ cp "${FILESDIR}"/configure.ac-7.0 configure.ac || die
+
+ sed -i \
+ -e "/^AC_INIT/s|, __PV__, |, $PV, |" \
+ -e
"s:AC_CONFIG_FILES(\[Makefile\]):AC_CONFIG_FILES([${makefiles}]):g" \
+ configure.ac || die "Sed failed for configure.ac"
+ eautoreconf
+}
+
+src_configure() {
+ econf
+
+ # Linenoise can't be built with -std=c99, see
https://bugs.gentoo.org/451164
+ # also, don't define ANSI/c99 for lua twice
+ sed -i -e "s:-std=c99::g" deps/linenoise/Makefile deps/Makefile || die
+}
+
+src_compile() {
+ local myconf=""
+
+ if use jemalloc; then
+ myconf+="MALLOC=jemalloc"
+ elif use tcmalloc; then
+ myconf+="MALLOC=tcmalloc"
+ else
+ myconf+="MALLOC=libc"
+ fi
+
+ if use ssl; then
+ myconf+=" BUILD_TLS=yes"
+ fi
+
+ export USE_SYSTEMD=$(usex systemd)
+
+ tc-export AR CC RANLIB
+ emake V=1 ${myconf} AR="${AR}" CC="${CC}" RANLIB="${RANLIB}"
+}
+
+src_test() {
+ local runtestargs=(
+ --clients "$(makeopts_jobs)" # see bug #649868
+
+ --skiptest "Active defrag eval scripts" # see bug #851654
+ )
+
+ if has usersandbox ${FEATURES} || ! has userpriv ${FEATURES}; then
+ ewarn "oom-score-adj related tests will be skipped." \
+ "They are known to fail with FEATURES usersandbox or
-userpriv. See bug #756382."
+
+ runtestargs+=(
+ # unit/oom-score-adj was introduced in version 6.2.0
+ --skipunit unit/oom-score-adj # see bug #756382
+
+ # Following test was added in version 7.0.0 to
unit/introspection.
+ # It also tries to adjust OOM score.
+ --skiptest "CONFIG SET rollback on apply error"
+ )
+ fi
+
+ if use ssl; then
+ edo ./utils/gen-test-certs.sh
+ runtestargs+=( --tls )
+ fi
+
+ edo ./runtest "${runtestargs[@]}"
+}
+
+src_install() {
+ insinto /etc/redis
+ doins redis.conf sentinel.conf
+ use prefix || fowners -R redis:redis /etc/redis
/etc/redis/{redis,sentinel}.conf
+ fperms 0750 /etc/redis
+ fperms 0644 /etc/redis/{redis,sentinel}.conf
+
+ newconfd "${FILESDIR}/redis.confd-r2" redis
+ newinitd "${FILESDIR}/redis.initd-6" redis
+
+ systemd_newunit "${FILESDIR}/redis.service-4" redis.service
+ newtmpfiles "${FILESDIR}/redis.tmpfiles-2" redis.conf
+
+ newconfd "${FILESDIR}/redis-sentinel.confd-r1" redis-sentinel
+ newinitd "${FILESDIR}/redis-sentinel.initd-r1" redis-sentinel
+
+ insinto /etc/logrotate.d/
+ newins "${FILESDIR}/${PN}.logrotate" ${PN}
+
+ dodoc 00-RELEASENOTES BUGS CONTRIBUTING.md MANIFESTO README.md
+
+ dobin src/redis-cli
+ dosbin src/redis-benchmark src/redis-server src/redis-check-aof
src/redis-check-rdb
+ fperms 0750 /usr/sbin/redis-benchmark
+ dosym redis-server /usr/sbin/redis-sentinel
+
+ if use prefix; then
+ diropts -m0750
+ else
+ diropts -m0750 -o redis -g redis
+ fi
+ keepdir /var/{log,lib}/redis
+}
+
+pkg_postinst() {
+ tmpfiles_process redis.conf
+
+ ewarn "The default redis configuration file location changed to:"
+ ewarn " /etc/redis/{redis,sentinel}.conf"
+ ewarn "Please apply your changes to the new configuration files."
+}
