| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| debian-packaging/0001-Set-Debian-configuration-defaults.patch | Set Debian configuration defaults | Chris Lamb <lamby@debian.org> | not-needed | 2017-10-10 | ||
| 0001-Fix-FTBFS-on-kFreeBSD.patch | Fix FTBFS on kFreeBSD | Chris Lamb <lamby@debian.org> | no | 2015-10-30 | ||
| 0002-Add-CPPFLAGS-to-upstream-makefiles.patch | Add CPPFLAGS to upstream makefiles | Chris Lamb <lamby@debian.org> | no | 2015-10-30 | ||
| 0003-Use-get_current_dir_name-over-PATHMAX.patch | Use get_current_dir_name over PATHMAX, etc. | Chris Lamb <lamby@debian.org> | no | 2018-01-24 | ||
| 0004-Add-support-for-USE_SYSTEM_JEMALLOC-flag.patch | Add support for USE_SYSTEM_JEMALLOC flag. | Chris Lamb <lamby@debian.org> | yes | 2018-08-25 | ||
| 0001-Apply-security-fixes-for-CVEs-1113.patch | Apply security fixes for CVEs (#1113) Apply the security fixes for the release. (CVE-2024-31449) Lua library commands may lead to stack overflow and potential RCE. (CVE-2024-31227) Potential Denial-of-service due to malformed ACL selectors. (CVE-2024-31228) Potential Denial-of-service due to unbounded pattern matching. |
Madelyn Olson <madelyneolson@gmail.com> | no | 2024-10-02 | ||
| 0001-Fix-LUA-garbage-collector-CVE-2024-46981-1513.patch | Fix LUA garbage collector (CVE-2024-46981) (#1513) Reset GC state before closing the lua VM to prevent user data to be wrongly freed while still might be used on destructor callbacks. Created and publish by Redis in their OSS branch. |
Madelyn Olson <madelyneolson@gmail.com> | no | 2025-01-06 | ||
| 0002-Fix-Read-Write-key-pattern-selector-CVE-2024-51741-1.patch | Fix Read/Write key pattern selector (CVE-2024-51741) (#1514) The explanation on the original commit was wrong. Key based access must have a `~` in order to correctly configure whey key prefixes to apply the selector to. If this is missing, a server assert will be triggered later. |
Madelyn Olson <madelyneolson@gmail.com> | no | 2025-01-06 |