Release Notes
Announcements
Minor Version | Category | New/Optimizations/Fixes |
7.1.3 | Performance optimization | Optimize the timeout handling mechanism of the cluster Slot scan task to improve the operational stability of the cluster in high load scenarios. |
| | Optimize the cluster state calculation logic when adding arbitration nodes to ensure the accuracy of cluster size information. |
7.1.2 | Security Fixes | Fixed CVE-2026-21863: Remote Denial of Service vulnerability caused by malicious cluster bus messages. |
| | Fixed CVE-2025-67733: RESP protocol injection vulnerability via Lua error_reply. |
7.1.1 | New Features | Support dual-channel replication, using independent data transmission channels between primary/secondary nodes. During full synchronization, it does not affect incremental data synchronization, significantly shortening the full synchronization time. |
| | Dual-channel replication supports disk logging mode. During full synchronization, replica nodes store incremental data on disk rather than in memory, effectively reducing the memory pressure on replica nodes. |
7.1.0 | New Features | Supports the client redirection feature. In scenarios such as instance version upgrade or data migration, the system can automatically redirect client connections from the old instance to the new instance, without the need for businesses to modify connection configurations or restart applications, achieving seamless and smooth migration and version upgrade. |
7.0.26 | New Features | Supports the safe shutdown feature, ensuring the completion of data persistence when an instance is disabled to mitigate the risk of data loss. |
| | Supports automatically preventing key expiration and memory eviction during data synchronization to ensure the integrity of data migration. |
| | Supports asynchronous handshake authentication for cluster nodes, enhancing cluster security. |
7.0.25 | Security Fixes | Fixed CVE-2025-49844: Lua Use-After-Free remote code execution vulnerability. |
| | Fixed CVE-2025-46817: Integer overflow in Lua library commands that could lead to remote code execution vulnerability. |
| | Fixed CVE-2025-46818: User authentication vulnerability in Lua functions. |
| | Fixed CVE-2025-46819: Lua out-of-bounds read vulnerability. |
7.0.24 | Security Fixes | Fixed CVE-2025-27151: AOF filename length verification vulnerability. |
| | Fixed CVE-2025-32023: Out-of-bounds write in HyperLogLog commands that could lead to remote code execution vulnerability. |
| | Fixed CVE-2025-48367: Improper handling of connection errors that could lead to denial of service vulnerability. |
| Security Fixes | Fixed CVE-2025-21605: Unauthenticated client abuse that could lead to unbounded growth of the output buffer, resulting in a denial of service vulnerability. |
| New Features | Added OOM statistics for client input/output buffers to facilitate monitoring of client memory usage. |
| Performance optimization | Optimized CLUSTER RESET to execute asynchronously, minimizing service blocking during reset. |
7.0.22 | Security Fixes | Fixed CVE-2024-46981: Lua use-after-free vulnerability that could lead to remote code execution. |
7.0.20 | Security Fixes | Fixed CVE-2024-31449: Stack-based buffer overflow in Lua bit.tohex that could lead to remote code execution. |
| | Fixed CVE-2024-31228: Abuse of string pattern matching that could lead to a denial of service vulnerability. |
| | Fixed CVE-2024-31227: Malicious selectors in ACL SETUSER that could lead to a denial of service vulnerability. |
7.0.19 | New Features | Supports FIFO LRU eviction policy for Lua scripts. When the number of script caches reaches the upper limit, it automatically evicts the earliest unused scripts to avoid excessive memory usage. |
| | Added OOM (out-of-memory) checks when Lua scripts are executed to prevent script execution from causing instance memory exhaustion. |
| | Supports reserving additional memory for internal buffers to prevent actual memory usage from exceeding the maximum limit. |
| | Prevent Lua error_reply abuse to avoid unbounded growth of errorstats, ensuring monitoring data accuracy. |
| Performance optimization | Optimize the time consumption for failover after master node downtime, reducing high availability switchover time. |
7.0.18 | New Features | Supports controlling log output during the rehash process. |
7.0.16 | Performance optimization | Reserves additional file descriptors for connection management to enhance stability in high-concurrency scenarios. |
7.0.15 | New Features | Tencent Cloud's first distributed caching cloud database based on Redis community edition and compatible with Redis 7.0. |
Minor Version | Category | New/Optimizations/Fixes |
6.2.16 | New Features | Support dual-channel replication, using independent data transmission channels between primary/secondary nodes. During full synchronization, it does not affect incremental data synchronization, significantly shortening the full synchronization time. |
| | Supports staging replication data to disk during replica synchronization to significantly reduce memory pressure. |
| | The replication backlog buffer and replicas utilize a globally shared replication buffer, enabling multiple replicas to share the same backlog data, effectively reducing the memory usage of the master node. |
6.2.15 | Performance optimization | Optimizing the key eviction policy during data synchronization to reduce unnecessary data loss risks. |
6.2.14 | New Features | Supports the client eviction feature, which automatically evicts client connections that consume excessive memory when client memory usage exceeds the configured threshold, ensuring the availability of instance memory. |
| | Supports the safe shutdown feature, ensuring the completion of data persistence when an instance is disabled to mitigate the risk of data loss. |
| | Supports automatically avoiding key expiration and memory eviction during data synchronization to ensure the integrity of data migration. |
| | Supports asynchronous handshake authentication for cluster nodes, enhancing cluster security. |
| Performance optimization | Optimizes the index positioning algorithm for the List data structure, supporting automatic selection to initiate the search from the nearest end based on the target index position, effectively reducing traversal steps and improving access performance for List-type data. |
6.2.13 | Security Fixes | Fixed CVE-2025-49844: Lua Use-After-Free remote code execution vulnerability. |
| | Fixed CVE-2025-46817: Integer overflow in Lua library commands that could lead to remote code execution vulnerability. |
| | Fixed CVE-2025-46818: User authentication vulnerability in Lua functions. |
| | Fixed CVE-2025-46819: Lua out-of-bounds read vulnerability. |
6.2.12 | Security Fixes | Fixed CVE-2025-32023: Out-of-bounds write in HyperLogLog commands that could lead to remote code execution vulnerability. |
| | Fixed CVE-2025-48367: Improper handling of connection errors that could lead to denial of service vulnerability. |
6.2.11 | Security Fixes | Fixed CVE-2025-21605: Unauthenticated client abuse that could lead to unbounded growth of the output buffer, resulting in a denial of service vulnerability. |
| | Fixed CVE-2023-25155: Integer overflow vulnerability in RAND commands. |
| New Features | Improved the performance of progressive rehash in high-load scenarios. |
| | Added the lazyfree-lazy-user-del configuration item. After you enable it, the DEL command will asynchronously free memory to avoid blocking the service when big keys are deleted. |
| | Restrict the storage directory for RDB/AOF files to enhance data security. |
| | Support viewing the number of asynchronously freed objects via the INFO command. |
| | Enable security control for protected configurations and sensitive commands. |
| Improved performance | Optimized the execution performance of the CLUSTER SLOTS command. |
6.2.10 | New Features | COPY command supports Multi-DB and removes the database limitation in cluster mode. |
| Security Fixes | Fixed CVE-2024-46981: Lua use-after-free remote code execution vulnerability. |
6.2.9 | Security Fixes | Fixed CVE-2024-31449: Stack-based buffer overflow in Lua bit.tohex that could lead to remote code execution. |
| Security Fixes | Fixed CVE-2022-36021: Denial-of-service vulnerability caused by crafted patterns in string matching commands exhausting CPU. |
| Security Fixes | Fixed CVE-2024-31228: Abuse of string pattern matching that could lead to a denial of service vulnerability. |
6.2.8 | New Features | Supports FIFO LRU eviction policy for Lua scripts. When the number of script caches reaches the upper limit, it automatically evicts the earliest unused scripts to avoid excessive memory usage. |
| New Features | Added OOM (out-of-memory) checks when Lua scripts are executed to prevent script execution from causing instance memory exhaustion. |
| New Features | Supports reserving additional memory for internal buffers to prevent actual memory usage from exceeding the maximum limit. |
| New Features | Prevent Lua error_reply abuse to avoid unbounded growth of errorstats, ensuring monitoring data accuracy. |
| Performance optimization | Optimized memory defragmentation capability to improve defragmentation efficiency. |
| Performance optimization | The SCRIPT FLUSH command has been changed to execute asynchronously, preventing blocking of business requests. |
| Performance optimization | Optimize the time consumption for failover after master node downtime, reducing high availability switchover time. |
6.2.7 | New Features | Supports controlling log output during the rehash process. |
6.2.5 | New Features | Tencent Cloud's first-ever distributed caching cloud database based on Redis community edition and compatible with Redis 6.2. |
| | Supported the multi-DB feature. Up to 256 DBs were supported. |
| | Supported performing rehash operations during maintenance. |
Minor Version | Category | New/Optimizations/Fixes |
5.2.17 | Performance optimization | Optimizing the key eviction policy during data synchronization to reduce unnecessary data loss risks. |
5.2.16 | New Features | Supports the client eviction feature, which automatically evicts client connections that consume excessive memory when client memory usage exceeds the configured threshold, ensuring the availability of instance memory. |
| New Features | Supports the safe shutdown feature, ensuring the completion of data persistence when an instance is disabled to mitigate the risk of data loss. |
| New Features | During data synchronization, automatic avoidance of key expiration and memory eviction is supported to ensure data migration integrity. |
| New Features | Supports asynchronous handshake authentication for cluster nodes, enhancing cluster security. |
| Performance optimization | Optimizes the index positioning algorithm for the List data structure, supporting automatic selection to initiate the search from the nearest end based on the target index position, effectively reducing traversal steps and improving access performance for List-type data. |
| Security Fixes | Fixed CVE-2023-45145: Race condition vulnerability in Unix socket listening permissions. |
| Security Fixes | Fixed CVE-2021-32626: Memory write vulnerability caused by Lua script stack overflow. |
| Security Fixes | Fixed CVE-2021-21309: Integer overflow vulnerability. |
5.2.15 | Security Fixes | Fixed CVE-2025-46819: Lua out-of-bounds read vulnerability. |
| Security Fixes | Fixed CVE-2025-46818: User authentication vulnerability in Lua functions. |
| Security Fixes | Fixed CVE-2025-46817: Integer overflow in Lua library commands that could lead to remote code execution vulnerability. |
| Security Fixes | Fixed CVE-2025-49844: Lua Use-After-Free remote code execution vulnerability. |
5.2.14 | New Features | Supports controlling whether replica nodes respond to read requests when data synchronization is not complete. |
| | Supports performing BITFIELD operations on read-only replicas. |
| Security Fixes | Fixed CVE-2025-48367: Improper handling of connection errors that could lead to denial-of-service vulnerability. |
| | Fixed CVE-2025-32023: Out-of-bounds write in HyperLogLog commands that could lead to remote code execution vulnerability. |
5.2.13 | New Features | Added the lazyfree-lazy-user-del configuration item. After you enable it, the DEL command will asynchronously free memory to avoid blocking the service when big keys are deleted. |
| New Features | Restrict the storage directory for RDB/AOF files to enhance data security. |
| New Features | Support viewing the number of asynchronously freed objects via the INFO command. |
| New Features | Enable security control for protected configurations and sensitive commands. |
| Performance optimization | Optimized the execution performance of the CLUSTER SLOTS command. |
| Security Fixes | Fixed CVE-2021-3470: Vulnerability caused by incorrect assumption in memory allocation function. |
| Security Fixes | Fixed CVE-2021-32761: Overflow vulnerability in the BITFIELD command family on 32-bit systems. |
| Security Fixes | Fixed CVE-2023-25155: Integer overflow vulnerability in RAND commands. |
| Security Fixes | Fixed CVE-2025-21605: Denial-of-service vulnerability caused by unauthenticated clients abusing the system, leading to unbounded growth of output buffers. |
5.2.12 | Security Fixes | Fixed CVE-2024-46981: Lua use-after-free remote code execution vulnerability. |
5.2.11 | Security Fixes | Fixed CVE-2024-31449: Stack-based buffer overflow in Lua bit.tohex that could lead to remote code execution. |
| Security Fixes | Fixed CVE-2024-31228: Abuse of string pattern matching that could lead to a denial of service vulnerability. |
5.2.10 | New Features | Supports FIFO LRU eviction policy for Lua scripts. When the number of script caches reaches the upper limit, it automatically evicts the earliest unused scripts to avoid excessive memory usage. |
| New Features | Added OOM (out-of-memory) checks when Lua scripts are executed to prevent script execution from causing instance memory exhaustion. |
| Performance optimization | Optimized memory defragmentation capability to improve defragmentation efficiency. |
| Performance optimization | The SCRIPT FLUSH command has been changed to execute asynchronously, preventing blocking of business requests. |
| Performance optimization | Optimize the time consumption for failover after master node downtime, reducing high availability switchover time. |
5.2.9 | New Features | Supports controlling log output during the rehash process. |
5.2.8 | Security Fixes | Fixed CVE-2022-36021: Denial-of-service vulnerability caused by crafted patterns in string matching commands exhausting CPU. |
| Security Fixes | Fixed CVE-2022-35977: Out-of-memory (OOM) vulnerability caused by integer overflow in SETRANGE/SORT commands. |
5.2.7 | New Features | Supported performing rehash operations during maintenance. |
5.2.0 | New Features | Supports the multi-DB feature. A single instance can support up to 256 DBs (databases), facilitating data isolation and management. |
| Performance optimization | Handling time-consuming memory statistics operations asynchronously to avoid blocking the main thread, effectively ensuring low-latency responses under high concurrency. |
Minor Version | Category | New/Optimizations/Fixes |
4.3.18 | Performance optimization | Optimizing the key eviction policy during data synchronization to reduce unnecessary data loss risks. |
4.3.17 | New Features | Supports the client eviction feature, which automatically evicts client connections that consume excessive memory when client memory usage exceeds the configured threshold, ensuring the availability of instance memory. |
| | Supports the safe shutdown feature, ensuring the completion of data persistence when an instance is disabled to mitigate the risk of data loss. |
| | During data synchronization, automatic avoidance of key expiration and memory eviction is supported to ensure data migration integrity. |
| | Supports asynchronous handshake authentication for cluster nodes, enhancing cluster security. |
| Performance optimization | Optimizes the index positioning algorithm for the List data structure, supporting automatic selection to initiate the search from the nearest end based on the target index position, effectively reducing traversal steps and improving access performance for List-type data. |
| Security Fixes | Fixed CVE-2023-45145: Race condition vulnerability in Unix socket listening permissions. |
| | Fixed CVE-2021-32626: Memory write vulnerability caused by Lua script stack overflow. |
| | Fixed CVE-2021-21309: Integer overflow vulnerability. |
4.3.16 | Security Fixes | Fixed CVE-2025-46819: Lua out-of-bounds read vulnerability. |
| | Fixed CVE-2025-46818: User authentication vulnerability in Lua functions. |
| | Fixed CVE-2025-46817: Integer overflow in Lua library commands that could lead to remote code execution vulnerability. |
| | Fixed CVE-2025-49844: Lua Use-After-Free remote code execution vulnerability. |
4.3.15 | New Features | Added the BITFIELD_RO read-only operation command, which supports executing BITFIELD operations on read-only replicas. |
| New Features | Supports controlling whether replica nodes respond to read requests when data synchronization is not complete. |
| Security Fixes | Fixed CVE-2025-48367: Improper handling of connection errors that could lead to denial-of-service vulnerability. |
| Security Fixes | Fixed CVE-2025-32023: Out-of-bounds write in HyperLogLog commands that could lead to remote code execution vulnerability. |
4.3.14 | New Features | Added the lazyfree-lazy-user-del configuration item. After you enable it, the DEL command will asynchronously free memory to avoid blocking the service when big keys are deleted. |
| New Features | Restrict the storage directory for RDB/AOF files to enhance data security. |
| New Features | Support viewing the number of asynchronously freed objects via the INFO command. |
| New Features | Enable security control for protected configurations and sensitive commands. |
| Performance optimization | Optimized the execution performance of the CLUSTER SLOTS command. |
| Security Fixes | Fixed CVE-2021-3470: Vulnerability caused by incorrect assumption in memory allocation function. |
| Security Fixes | Fixed CVE-2021-32761: Overflow vulnerability in the BITFIELD command family on 32-bit systems. |
| Security Fixes | Fixed CVE-2023-25155: Integer overflow vulnerability in RAND commands. |
| Security Fixes | Fixed CVE-2025-21605: Denial-of-service vulnerability caused by unauthenticated clients abusing the system, leading to unbounded growth of output buffers. |
4.3.13 | Security Fixes | Fixed CVE-2024-46981: Lua use-after-free remote code execution vulnerability. |
4.3.12 | Security Fixes | Fixed CVE-2024-31449: Stack-based buffer overflow in Lua bit.tohex that could lead to remote code execution. |
| Security Fixes | Fixed CVE-2024-31228: Abuse of string pattern matching that could lead to a denial of service vulnerability. |
4.3.11 | New Features | Supports FIFO LRU eviction policy for Lua scripts. When the number of script caches reaches the upper limit, it automatically evicts the earliest unused scripts to avoid excessive memory usage. |
| New Features | Added OOM (out-of-memory) checks when Lua scripts are executed to prevent script execution from causing instance memory exhaustion. |
| Performance optimization | Optimized memory defragmentation capability to improve defragmentation efficiency. |
| Performance optimization | The SCRIPT FLUSH command has been changed to execute asynchronously, preventing blocking of business requests. |
| Performance optimization | Optimize the time consumption for failover after master node downtime, reducing high availability switchover time. |
4.3.10 | New Features | Supports controlling log output during the rehash process. |
4.3.9 | Security Fixes | Fixed CVE-2022-36021: A denial-of-service vulnerability where crafted patterns in string matching commands (SCAN/KEYS) could exhaust CPU resources. |
| Security Fixes | Fixed CVE-2022-35977: Out-of-memory (OOM) vulnerability caused by integer overflow in SETRANGE/SORT commands. |
4.3.8 | New Features | Supported performing rehash operations during maintenance. |
4.3.0 | New Features | Supports the multi-DB feature, with a single instance supporting up to 256 DBs for data isolation and management. |
| | Changed the default broadcast mode to non-broadcast mode, effectively reducing network communication overhead and resource consumption within the cluster. |
| Performance optimization | Optimized the fault discovery mechanism. When a replica node detects an abnormal condition, it can proactively send a notification to the cluster, significantly shortening the discovery and switchover time of faulty nodes. |
| Performance optimization | Handling time-consuming memory statistics operations asynchronously to avoid blocking the main thread, effectively ensuring low-latency responses under high concurrency. |
피드백