From 59a0212315cd650fb71c348686d08ff3eaba698e Mon Sep 17 00:00:00 2001
From: Rohan Birtia <rohanbirtia@gmail.com>
Date: Wed, 8 Oct 2025 18:32:35 +0530
Subject: [PATCH] critical security fix redis

(CVE-2025-49844) A Lua script may lead to remote code execution
(CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
(CVE-2025-46818) A Lua script can be executed in the context of another user
(CVE-2025-46819) LUA out-of-bound read
---
 image/base/install-redis | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/image/base/install-redis b/image/base/install-redis
index fddaf854b..bb6471bc7 100755
--- a/image/base/install-redis
+++ b/image/base/install-redis
@@ -2,8 +2,8 @@
 set -e
 
 # version check: https://redis.io/
-REDIS_VERSION=7.0.15
-REDIS_HASH="98066f5363504b26c34dd20fbcc3c957990d764cdf42576c836fc021073f4341"
+REDIS_VERSION=7.2.11
+REDIS_HASH="2f9886eca68d30114ad6a01da65631f8007d802fd3e6c9fac711251e6390323d"
 
 cd /tmp
 # Prepare Redis source.