Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) #5501

Open
wants to merge 1 commit into
base: release-0.33
Choose a base branch
from
Open

fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) #5501

wants to merge 1 commit into from
+3 −3

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Apr 3, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change OpenSSF
github.com/redis/go-redis/v9 require patch v9.7.0 -> v9.7.3 OpenSSF Scorecard

Potential out of order responses when CLIENT SETINFO times out during connection establishment in github.com/redis/go-redis

CVE-2025-29923 / GHSA-92cp-5422-2mw7 / GO-2025-3540

More information

Details

Potential out of order responses when CLIENT SETINFO times out during connection establishment in github.com/redis/go-redis

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Release Notes

redis/go-redis (github.com/redis/go-redis/v9)

v9.7.3

Compare Source

What's Changed

  • fix: handle network error on SETINFO (#​3295) (CVE-2025-29923)
  • Deprecating misspelled DisableIndentity flag in the client options.
  • Introducing DisableIdentity flag in the client options.
  • Updating the documentation related to the new flag and the one that was deprecated.

Full Changelog: redis/go-redis@v9.7.1...v9.7.3

v9.7.2

Compare Source

v9.7.1

Compare Source

Changes
  • Recognize byte slice for key argument in cluster client hash slot computation (#​3049)
  • fix(search&aggregate):fix error overwrite and typo #​3220 (#​3224)
  • fix: linter configuration (#​3279)
  • fix(search): if ft.aggregate use limit when limitoffset is zero (#​3275)
  • Reinstate read-only lock on hooks access in dialHook to fix data race (#​3225)
  • fix: flaky ClientKillByFilter test (#​3268)
  • chore: fix some comments (#​3226)
  • fix(aggregate, search): ft.aggregate bugfixes (#​3263)
  • fix: add unstableresp3 to cluster client (#​3266)
  • Fix race condition in clusterNodes.Addrs() (#​3219)
  • SortByWithCount FTSearchOptions fix (#​3201)
  • Eliminate redundant dial mutex causing unbounded connection queue contention (#​3088)
  • Add guidance on unstable RESP3 support for RediSearch commands to README (#​3177)
🚀 New Features
  • Add guidance on unstable RESP3 support for RediSearch commands to README (#​3177)
🐛 Bug Fixes
  • fix(search): if ft.aggregate use limit when limitoffset is zero (#​3275)
  • fix: add unstableresp3 to cluster client (#​3266)
  • fix(aggregate, search): ft.aggregate bugfixes (#​3263)
  • SortByWithCount FTSearchOptions fix (#​3201)
  • Recognize byte slice for key argument in cluster client hash slot computation (#​3049)
Contributors

We'd like to thank all the contributors who worked on this release!

@​ofekshenawa, @​Cgol9, @​LINKIWI, @​shawnwgit, @​zhuhaicity, @​bitsark, @​vladvildanov, @​ndyakov

Full Changelog: redis/go-redis@v9.7.0...v9.7.1

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the security label Apr 3, 2025
@renovate renovate bot requested review from a team as code owners April 3, 2025 16:45
@renovate renovate bot requested review from jamengual and removed request for a team April 3, 2025 16:45
@renovate renovate bot enabled auto-merge (squash) April 3, 2025 16:45
@renovate renovate bot requested review from nitrocode and X-Guardian and removed request for a team April 3, 2025 16:45
@github-actions github-actions bot added the dependencies PRs that update a dependency file label Apr 3, 2025
@renovate renovate bot changed the title fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) - autoclosed Apr 3, 2025
@renovate renovate bot closed this Apr 3, 2025
auto-merge was automatically disabled April 3, 2025 17:12

Pull request was closed

@renovate renovate bot deleted the renovate/release-0.33-go-github.com-redis-go-redis-v9-vulnerability branch April 3, 2025 17:12
@renovate renovate bot changed the title fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) - autoclosed fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) Apr 3, 2025
@renovate renovate bot reopened this Apr 3, 2025
@renovate renovate bot force-pushed the renovate/release-0.33-go-github.com-redis-go-redis-v9-vulnerability branch from 1cf2148 to b2e8a52 Compare April 3, 2025 22:13
@renovate renovate bot enabled auto-merge (squash) April 3, 2025 23:12
@renovate renovate bot changed the title fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) - autoclosed Apr 4, 2025
@renovate renovate bot closed this Apr 4, 2025
auto-merge was automatically disabled April 4, 2025 07:15

Pull request was closed

@renovate renovate bot changed the title fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) - autoclosed fix(deps): update module github.com/redis/go-redis/v9 to v9.7.3 [security] (release-0.33) Apr 4, 2025
@renovate renovate bot reopened this Apr 4, 2025
@renovate renovate bot force-pushed the renovate/release-0.33-go-github.com-redis-go-redis-v9-vulnerability branch from 6dd8312 to b2e8a52 Compare April 4, 2025 10:35
@renovate renovate bot enabled auto-merge (squash) April 4, 2025 15:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@renovate-approve renovate-approve[bot] renovate-approve[bot] approved these changes

@jamengual jamengual Awaiting requested review from jamengual jamengual is a code owner automatically assigned from runatlantis/maintainers

@nitrocode nitrocode Awaiting requested review from nitrocode nitrocode is a code owner automatically assigned from runatlantis/core-contributors

@X-Guardian X-Guardian Awaiting requested review from X-Guardian X-Guardian is a code owner automatically assigned from runatlantis/core-contributors

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies PRs that update a dependency file security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants