Redis 6.2.4

00-RELEASENOTES

@@ -11,6 +11,31 @@ CRITICAL: There is a critical bug affecting MOST USERS. Upgrade ASAP.
 SECURITY: There are security fixes in the release.
 --------------------------------------------------------------------------------
 
+================================================================================
+Redis 6.2.4 Released Tue July 1 12:00:00 IST 2021
+================================================================================
+
+Upgrade urgency: SECURITY, Contains fixes to security issues that affect
+authenticated client connections. MODERATE otherwise.
+
+Fix integer overflow in STRALGO LCS (CVE-2021-32625)
+An integer overflow bug in Redis version 6.0 or newer can be exploited using the
+STRALGO LCS command to corrupt the heap and potentially result with remote code
+execution. This is a result of an incomplete fix by CVE-2021-29477.
+
+Bug fixes that are only applicable to previous releases of Redis 6.2:
+* Fix crash after a diskless replication fork child is terminated (#8991)
+* Fix redis-benchmark crash on unsupported configs (#8916)
+
+Other bug fixes:
+* Fix crash in UNLINK on a stream key with deleted consumer groups (#8932)
+* SINTERSTORE: Add missing keyspace del event when none of the sources exist (#8949)
+* Sentinel: Fix CONFIG SET of empty string sentinel-user/sentinel-pass configs (#8958)
+* Enforce client output buffer soft limit when no traffic (#8833)
+
+Improvements:
+* Hide AUTH passwords in MIGRATE command from slowlog (#8859)
+
 ================================================================================
 Redis 6.2.3 Released Mon May 3 19:00:00 IST 2021
 ================================================================================

src/version.h

@@ -1,2 +1,2 @@
-#define REDIS_VERSION "6.2.3"
-#define REDIS_VERSION_NUM 0x00060203
+#define REDIS_VERSION "6.2.4"
+#define REDIS_VERSION_NUM 0x00060204