redis

Update docker.io/redis Docker tag to v8.2.3

Michi Kofler-Häusler

Michi Kofler-Häusler

2 min read
Update docker.io/redis Docker tag to v8.2.3
Photo by Silas Köhler / Unsplash

Successfully upgraded the Docker container on the Database Host by means of Watchtower container with dependency update facilitated by Mend's Renovate Bot and on the Mastodon instance manually with Docker compose.

This MR contains the following updates:

Package Update Change
docker.io/redis patch 8.2.1-alpine -> 8.2.3-alpine

Release Notes

redis/redis (docker.io/redis)

v8.2.3

Compare Source

Update urgency: SECURITY: There is a security fix in the release.

Security fixes
  • (CVE-2025-62507) XACKDEL - potential stack overflow and RCE
Bug fixes
  • HGETEX - potential crash when FIELDS is used and numfields is missing
  • Potential crash on HyperLogLog with 2GB+ entries
  • Cuckoo filter - Division by zero in Cuckoo filter insertion
  • Cuckoo filter - Counter overflow
  • Bloom filter - Arbitrary memory read/write with invalid filter
  • Bloom filter - Out-of-bounds access with empty chain
  • Bloom filter - Restore invalid filter [We thank AWS security for responsibly disclosing this security bug]
  • Top-k - Out-of-bounds access

v8.2.2

Compare Source

Update urgency: SECURITY: There are security fixes in the release

Security fixes
  • (CVE-2025-49844) A Lua script may lead to remote code execution
  • (CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
  • (CVE-2025-46818) A Lua script can be executed in the context of another user
  • (CVE-2025-46819) LUA out-of-bound read
New Features
  • #​14223 VSIM: new EPSILON argument to specify maximum distance
  • #Q6867, #​6845 SVS-VAMANA: allow use of BUILD_INTEL_SVS_OPT flag for Intel optimisations (MOD-10920)
Bug fixes
  • #​14319 Potential crash on Lua script defrag
  • #​14323 Potential crash on streams and HFE defrag
  • #​14330 Potential use-after-free after pubsub and Lua defrag
  • #​14288 MEMORY USAGE: fix reported value
  • #​14259 XGROUP CREATE, XGROUP SETID: limit ENTRIESREAD value to the number of entries added to the stream
  • #J1374 JSON.DEL doesn’t delete all matching object members / array elements (MOD-11032, MOD-11067)
  • #P886 TDIGEST.CREATE crashes (OOM) on huge initialization values (MOD-10840)
  • #Q6787 Potential shard restart while reindexing vectors on RDB loading (MOD-11011)
  • #Q6676 Potential crash when using small CONSTRUCTION_WINDOW_SIZE on SVS-VAMANA (MOD-10771)
  • #Q6701 Potential crash (OOM) in heavy updates due to a file descriptor leak (MOD-10975)
  • #Q6723 Potential crash when using ACL rules (MOD-10748)
  • #Q6641 INFO SEARCH: search_used_memory_indexes vector index memory value incorrect
  • #Q6665 FT.PROFILE: more accurate execution duration measurements (MOD-10622)
Performance and resource utilization
  • #Q6648 Improve RESP3 serialization performance (MOD-9687)
Metrics
  • #Q6671 INFO SEARCH: new SVS-VAMANA metrics

Read more

Me on Mastodon - This link is here for verification purposes.