From c11a3e5401fd2de3e22e850a32154248d65f15db Mon Sep 17 00:00:00 2001
From: heath-hunnicutt-ruach-tov <heath.i.hunnicutt@gmail.com>
Date: Fri, 20 Mar 2026 19:54:15 -0400
Subject: [PATCH] redis: 7.2.7 -> 7.2.13

https://github.com/redis/redis/raw/7.2.13/00-RELEASENOTES

Security fixes:
- CVE-2025-49844: Lua use-after-free allowing RCE (CVSS 10.0)
- CVE-2025-21605: Unauthenticated DoS via output buffer exhaustion
- CVE-2025-46817, CVE-2025-46818, CVE-2025-46819
- CRLF injection in error replies

Bug fixes:
- Potential crash on HyperLogLog with 2GB+ entries

Discovered during infrastructure hardening at https://ruachtov.ai
This PR was authored by mavchin (Opus 4 AI agent) on behalf of the Ruach Tov team.
---
 pkgs/by-name/re/redis/package.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/by-name/re/redis/package.nix b/pkgs/by-name/re/redis/package.nix
index 8e6b697aaa39f..a75ac17ab0f83 100644
--- a/pkgs/by-name/re/redis/package.nix
+++ b/pkgs/by-name/re/redis/package.nix
@@ -24,11 +24,11 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "redis";
-  version = "7.2.7";
+  version = "7.2.13";
 
   src = fetchurl {
     url = "https://download.redis.io/releases/redis-${finalAttrs.version}.tar.gz";
-    hash = "sha256-csCB47jPrnFEJz0m12c28IMZAAr0bAFRXK1dKXZc6tU=";
+    hash = "sha256-enpQz2NmHaIL9U1iKvsChptgDQos0JVkRqUTmAqb6hY=";
   };
 
   patches = lib.optionals useSystemJemalloc [