1 files changed, 83 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/redis/redis_8.0.6.bb b/meta-oe/recipes-extended/redis/redis_8.0.6.bb
new file mode 100644
index 0000000000..f6866747eb
--- /dev/null
+++ b/meta-oe/recipes-extended/redis/redis_8.0.6.bb
@@ -0,0 +1,83 @@
+SUMMARY = "Redis key-value store"
+DESCRIPTION = "Redis is an open source, advanced key-value store."
+HOMEPAGE = "http://redis.io"
+SECTION = "libs"
+LICENSE = "RSAL-2 | AGPL-3.0-only | SSPL-1"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=9f1da87999fb281d8a9e3e3b2d0403b4"
+DEPENDS = "readline lua ncurses"
+SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
+           file://redis.conf \
+           file://init-redis-server \
+           file://redis.service \
+           file://0001-hiredis-use-default-CC-if-it-is-set.patch \
+           file://0002-lua-update-Makefile-to-use-environment-build-setting.patch \
+           file://0003-hack-to-force-use-of-libc-malloc.patch \
+           file://0004-src-Do-not-reset-FINAL_LIBS.patch \
+           file://0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch \
+          "
+SRC_URI[sha256sum] = "6d0a9913887a4972536f9da226f1575859c34d86354129163260a5f9c6bd4229"
+RPROVIDES:${PN} = "virtual-redis"
+CVE_STATUS[CVE-2025-46686] = "disputed: upstream rejected because mitigating it would affect other functionality"
+inherit pkgconfig update-rc.d systemd useradd
+FINAL_LIBS:x86:toolchain-clang = "-latomic"
+FINAL_LIBS:riscv32 = "-latomic"
+FINAL_LIBS:mips = "-latomic"
+FINAL_LIBS:arm = "-latomic"
+FINAL_LIBS:powerpc = "-latomic"
+export FINAL_LIBS
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM:${PN}  = "--system --home-dir /var/lib/redis -g redis --shell /bin/false redis"
+GROUPADD_PARAM:${PN} = "--system redis"
+PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
+PACKAGECONFIG[systemd] = "USE_SYSTEMD=yes,USE_SYSTEMD=no,systemd"
+EXTRA_OEMAKE += "${PACKAGECONFIG_CONFARGS}"
+TARGET_LDFLAGS:append = " ${DEBUG_PREFIX_MAP}"
+do_compile:prepend() {
+    oe_runmake -C deps hdr_histogram fpconv hiredis lua linenoise
+}
+do_install() {
+    export PREFIX=${D}/${prefix}
+    oe_runmake install
+    install -d ${D}/${sysconfdir}/redis
+    install -m 0644 ${UNPACKDIR}/redis.conf ${D}/${sysconfdir}/redis/redis.conf
+    install -d ${D}/${sysconfdir}/init.d
+    install -m 0755 ${UNPACKDIR}/init-redis-server ${D}/${sysconfdir}/init.d/redis-server
+    install -d ${D}/var/lib/redis/
+    chown redis.redis ${D}/var/lib/redis/
+    install -d ${D}${systemd_system_unitdir}
+    install -m 0644 ${UNPACKDIR}/redis.service ${D}${systemd_system_unitdir}
+    sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${systemd_system_unitdir}/redis.service
+    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+        sed -i 's!daemonize yes!# daemonize yes!' ${D}/${sysconfdir}/redis/redis.conf
+        sed -i 's!supervised no!supervised systemd!' ${D}/${sysconfdir}/redis/redis.conf
+    fi
+}
+CONFFILES:${PN} = "${sysconfdir}/redis/redis.conf"
+INITSCRIPT_NAME = "redis-server"
+INITSCRIPT_PARAMS = "defaults 87"
+SYSTEMD_SERVICE:${PN} = "redis.service"
+CVE_STATUS[CVE-2022-3734] = "not-applicable-platform: CVE only applies for Windows."
+# The vulnerability originates from Debian's packaging methodology,
+# which loads system-wide Lua libraries (lua-cjson, lua-cmsgpack),
+# enabling Lua sandbox escape. Upstream Redis builds, including
+# those built by Yocto/OpenEmbedded, utilize embedded Lua from the
+# deps/ directory and are therefore not affected by this issue.
+CVE_STATUS[CVE-2022-0543] = "not-applicable-config: Debian-specific packaging issue caused by loading system-wide Lua libraries; upstream builds use embedded Lua and are not affected"

diff --git a/meta-oe/recipes-extended/redis/redis_8.0.6.bb b/meta-oe/recipes-extended/redis/redis_8.0.6.bb new file mode 100644 index 0000000000..f6866747eb --- /dev/null +++ b/meta-oe/recipes-extended/redis/redis_8.0.6.bb
@@ -0,0 +1,83 @@
	1	SUMMARY = "Redis key-value store"
	2	DESCRIPTION = "Redis is an open source, advanced key-value store."
	3	HOMEPAGE = "http://redis.io"
	4	SECTION = "libs"
	5	LICENSE = "RSAL-2 \| AGPL-3.0-only \| SSPL-1"
	6	LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=9f1da87999fb281d8a9e3e3b2d0403b4"
	7	DEPENDS = "readline lua ncurses"
	8
	9	SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
	10	file://redis.conf \
	11	file://init-redis-server \
	12	file://redis.service \
	13	file://0001-hiredis-use-default-CC-if-it-is-set.patch \
	14	file://0002-lua-update-Makefile-to-use-environment-build-setting.patch \
	15	file://0003-hack-to-force-use-of-libc-malloc.patch \
	16	file://0004-src-Do-not-reset-FINAL_LIBS.patch \
	17	file://0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch \
	18	"
	19	SRC_URI[sha256sum] = "6d0a9913887a4972536f9da226f1575859c34d86354129163260a5f9c6bd4229"
	20
	21	RPROVIDES:${PN} = "virtual-redis"
	22
	23	CVE_STATUS[CVE-2025-46686] = "disputed: upstream rejected because mitigating it would affect other functionality"
	24
	25	inherit pkgconfig update-rc.d systemd useradd
	26
	27	FINAL_LIBS:x86:toolchain-clang = "-latomic"
	28	FINAL_LIBS:riscv32 = "-latomic"
	29	FINAL_LIBS:mips = "-latomic"
	30	FINAL_LIBS:arm = "-latomic"
	31	FINAL_LIBS:powerpc = "-latomic"
	32
	33	export FINAL_LIBS
	34
	35	USERADD_PACKAGES = "${PN}"
	36	USERADD_PARAM:${PN} = "--system --home-dir /var/lib/redis -g redis --shell /bin/false redis"
	37	GROUPADD_PARAM:${PN} = "--system redis"
	38
	39	PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
	40	PACKAGECONFIG[systemd] = "USE_SYSTEMD=yes,USE_SYSTEMD=no,systemd"
	41
	42	EXTRA_OEMAKE += "${PACKAGECONFIG_CONFARGS}"
	43
	44	TARGET_LDFLAGS:append = " ${DEBUG_PREFIX_MAP}"
	45
	46	do_compile:prepend() {
	47	oe_runmake -C deps hdr_histogram fpconv hiredis lua linenoise
	48	}
	49
	50	do_install() {
	51	export PREFIX=${D}/${prefix}
	52	oe_runmake install
	53	install -d ${D}/${sysconfdir}/redis
	54	install -m 0644 ${UNPACKDIR}/redis.conf ${D}/${sysconfdir}/redis/redis.conf
	55	install -d ${D}/${sysconfdir}/init.d
	56	install -m 0755 ${UNPACKDIR}/init-redis-server ${D}/${sysconfdir}/init.d/redis-server
	57	install -d ${D}/var/lib/redis/
	58	chown redis.redis ${D}/var/lib/redis/
	59
	60	install -d ${D}${systemd_system_unitdir}
	61	install -m 0644 ${UNPACKDIR}/redis.service ${D}${systemd_system_unitdir}
	62	sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${systemd_system_unitdir}/redis.service
	63
	64	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
	65	sed -i 's!daemonize yes!# daemonize yes!' ${D}/${sysconfdir}/redis/redis.conf
	66	sed -i 's!supervised no!supervised systemd!' ${D}/${sysconfdir}/redis/redis.conf
	67	fi
	68	}
	69
	70	CONFFILES:${PN} = "${sysconfdir}/redis/redis.conf"
	71
	72	INITSCRIPT_NAME = "redis-server"
	73	INITSCRIPT_PARAMS = "defaults 87"
	74
	75	SYSTEMD_SERVICE:${PN} = "redis.service"
	76
	77	CVE_STATUS[CVE-2022-3734] = "not-applicable-platform: CVE only applies for Windows."
	78	# The vulnerability originates from Debian's packaging methodology,
	79	# which loads system-wide Lua libraries (lua-cjson, lua-cmsgpack),
	80	# enabling Lua sandbox escape. Upstream Redis builds, including
	81	# those built by Yocto/OpenEmbedded, utilize embedded Lua from the
	82	# deps/ directory and are therefore not affected by this issue.
	83	CVE_STATUS[CVE-2022-0543] = "not-applicable-config: Debian-specific packaging issue caused by loading system-wide Lua libraries; upstream builds use embedded Lua and are not affected"