Redis - 7.0.0

Security

Upgrade urgency: SECURITY, contains fixes to security issues.

Security Fixes:
* (CVE-2022-24736) An attacker attempting to load a specially crafted Lua script
can cause NULL pointer dereference which will result with a crash of the
redis-server process. This issue affects all versions of Redis.
[reported by Aviv Yahav].
* (CVE-2022-24735) By exploiting weaknesses in the Lua script execution
environment, an attacker with access to Redis can inject Lua code that will
execute with the (potentially higher) privileges of another Redis user.
[reported by Aviv Yahav].

New Features

  • Keyspace event for new keys (#10512)

Command replies that have been extended

  • COMMAND DOCS shows deprecated_since field in command args (#10545)
  • COMMAND DOCS shows module name where applicable (#10544)

Potentially Breaking Changes

  • Replicas panic when they fail writing persistence (#10504)
  • Prevent cross slot operations in functions and scripts with shebang (#10615)
  • Rephrased some error responses about invalid commands or args (#10612)
  • Lua scripts do not have access to the print() function (#10651)

Performance and resource utilization improvements

  • Speed optimization in streams (#10574)
  • Speed optimization in command execution pipeline (#10502)
  • Speed optimization in listpack encoded sorted (#10486)
  • Speed optimization in latency tracking at INFO (relevant for 7.0 RCs) (#10606)
  • Speed optimization when there are many replicas (relevant for 7.0 RCs) (#10588)

New configuration options

  • Allow ignoring disk persistence errors on replicas (#10504)
  • Allow abort with panic when replica fails to execute a command sent by the master (#10504)
  • Allow configuring shutdown flags of SIGTERM and SIGINT (#10594)
  • Allow attaching an operating system-specific identifier to Redis sockets (#10349)

Module API changes

  • Add argument specifying ACL reason for module log entry (#10559)
    Breaking API compatibility with 7.0 RCs
  • Add the deprecated_since field in command args of COMMAND DOCS (#10545)
    Breaking API/ABI compatibility with 7.0 RCs
  • Add module API flag for using enum configs as bit flags (#10643)
  • Add RM_PublishMessageShard (#10543)
  • Add RM_MallocSizeString, RM_MallocSizeDict (#10542)
  • Add RM_TryAlloc (#10541)

Bug Fixes

  • Replica report disk persistence errors in PING (#10603)
  • Fixes around rejecting commands on replicas and AOF when they must be respected (#10603)
  • Durability fixes for appendfsync=always policy (#9678)

Fixes for issues in previous release candidates of Redis 7.0

  • Fix possible crash on CONFIG REWRITE (#10598)
  • Fix regression not aborting transaction on errors (#10612)
  • Fix auto-aof-rewrite-percentage based AOFRW trigger after restart (#10550)
  • Fix bugs when AOF enabled after startup, in case of failure before the first rewrite completes (#10616)
  • Fix RM_Yield module API bug processing future commands of the current client (#10573)

Details

date
April 27, 2022, 1:34 p.m.
name
7.0.0
type
Major
official page
https://github.com/redis/redis/releases/tag/7.0.0
👇
Register or login to:
  • 🔍View and search all Redis releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google
or