MGASA-2025-0211

Source
https://advisories.mageia.org/MGASA-2025-0211.html
Import Source
https://advisories.mageia.org/MGASA-2025-0211.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2025-0211
Published
2025-07-19T17:55:11Z
Modified
2025-07-19T17:18:50Z
Summary
Updated redis packages fix security vulnerabilities
Details

Updated redis packages to a more recent version to fix security vulnerabilities: Some vulnerabilities have been discovered and fixed.

Please note this update is from 7.0 to 7.2 which brings some potentially breaking changes. In most cases this update could be installed without problems.

Potentially Breaking / Behavior Changes:

* Client side tracking for scripts now tracks the keys that are read by the script instead of the keys that are declared by the caller of EVAL / FCALL (#11770)
* Freeze time sampling during command execution and in scripts (#10300)
* When a blocked command is being unblocked, checks like ACL, OOM, etc are re-evaluated (#11012)
* Unify ACL failure error message text and error codes (#11160)
* Blocked stream command that's released when key no longer exists carries a different error code (#11012)
* Command stats are updated for blocked commands only when / if the command actually executes (#11012)
* The way ACL users are stored internally no longer removes redundant command and category rules, which may alter the way those rules are displayed as part of ACL SAVE, ACL GETUSER and ACL LIST (#11224)
* Client connections created for TLS-based replication use SNI if possible (#11458)
* Stream consumers: Re-purpose seen-time, add active-time (#11099)
* XREADGROUP and X[AUTO]CLAIM create the consumer regardless of whether it was able to perform some reading/claiming (#11099)
* ACL default newly created user set sanitize-payload flag in ACL LIST/GETUSER #11279
* Fix HELLO command not to affect the client state unless successful (#11659)
* Normalize NAN in replies to a single nan type, like we do with inf (#11597)
* Cluster SHARD IDs are no longer visible in the cluster nodes output, introduced in 7.2-RC1. (#10536, #12166)
* When calling PUBLISH with a RESP3 client that's also subscribed to the same channel, the order is changed and the reply is sent before the published message (#12326)


Affected packages

Mageia:9 / redis

Package

Name
redis
Purl
pkg:rpm/mageia/redis?arch=source&distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
7.2.10-1.mga9

Ecosystem specific

{
    "section": "core"
}