UbuntuUpdates.org

Package "valkey-redis-compat"

Name: valkey-redis-compat

Description:

Conversion script and compatibility symlinks for Redis
Latest version: 7.2.11+dfsg1-0ubuntu0.1
Release: noble (24.04)
Level: proposed
Repository: universe
Head package: valkey
Homepage: https://valkey.io

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "valkey-redis-compat"

All arch deb package
APT INSTALL

Other versions of "valkey-redis-compat" in Noble

Repository Area Version
security universe 7.2.8+dfsg1-0ubuntu0.24.04.2
updates universe 7.2.10+dfsg1-0ubuntu0.1

Changelog

Version: 7.2.11+dfsg1-0ubuntu0.1 2025-10-26 05:06:55 UTC

  valkey (7.2.11+dfsg1-0ubuntu0.1) noble; urgency=medium

  * New upstream version 7.2.11 (LP: #2127122)
    - Security fixes:
      + CVE-2025-49844: Lua script may lead to remote code execution.
      + CVE-2025-46817: Lua script may lead to int overflow and potential RCE.
      + CVE-2025-46818: Lua script can be executed in context of another user.
      + CVE-2025-46819: LUA out-of-bound read.
      + CVE-2025-49112: Integer underflow in setDeferredReply networking.c.
    - Bug fixes:
      + Ensure empty error tables in scripts don't crash Valkey.
      + Fix client tracking memory overhead calculation.
      + Fix assumptions that pthread functions set errno.
  * d/rules: Increase test timeout during build.

 -- Lena Voytek <email address hidden> Sat, 11 Oct 2025 23:49:31 -0400
2127122 Update Valkey to 7.2.11 in noble, 8.0.6 in plucky, and 8.1.4 in questing + resolute
CVE-2025-49844 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lu
CVE-2025-46817 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lu
CVE-2025-46818 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lu
CVE-2025-46819 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LU
CVE-2025-49112 setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size - prev->used.

Version: *DELETED* 2025-09-02 02:23:19 UTC
No changelog for deleted or moved packages.

Version: 7.2.10+dfsg1-0ubuntu0.1 2025-08-25 02:07:35 UTC

  valkey (7.2.10+dfsg1-0ubuntu0.1) noble; urgency=medium

  * New upstream version 7.2.10 (LP: #2115258)
    - Security fixes:
      + CVE-2025-21605: Allocation of Resources Without Limits or Throttling.
      + CVE-2025-32023: Out-of-bounds write during hyperloglog operations.
      + CVE-2025-48367: IP Protocol errors resulting in DoS.
      + CVE-2025-27151: AOF file name length not checked.
    - Bug fixes:
      + Only mark the client reprocessing flag when unblocked on keys.
      + Free module context even if there was no content written in auxsave2.
      + Fix Detect SSL_new() returning NULL in outgoing connections.
      + Correctly cast the extension lengths.
      + Fix cluster myself CLUSTER SLOTS/NODES wrong port after updating
        port/tls-port.
      + Fix replica can't finish failover when config epoch is outdated.
      + Fix CLIENT UNBLOCK ability to unpause paused clients.
      + Fix defrag crash when using FLUSHDB ASYNC in cluster mode.
      + Fix memory leak in forgotten node ping ext code path.
      + Fix module LatencyAddSample still work when latency-monitor-threshold
        is 0.
      + Fix raxRemove crash at memcpy() due to key size exceeds max Rax size.
      + Fix error "SSL routines::bad length" when connTLSWrite is called second
        time with smaller buffer.
      + Fix RANDOMKEY infinite loop during CLIENT PAUSE.
      + Fix adding samples to stream object consumer trees.
      + Fix panic in primary when blocking shutdown after previous block with
        timeout.
      + Fix incorrect lag reported in XINFO GROUPS.

 -- Lena Voytek <email address hidden> Tue, 24 Jun 2025 15:08:25 -0400
2115258 Update Valkey to 7.2.10 in noble, 8.0.4 in plucky, and 8.1.3 in questing
CVE-2025-21605 Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can caus
CVE-2025-32023 Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use
CVE-2025-48367 Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to cl
CVE-2025-27151 Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exi

Version: *DELETED* 2025-07-08 03:07:14 UTC
No changelog for deleted or moved packages.

Version: 7.2.8+dfsg1-0ubuntu0.24.04.3 2025-06-26 00:07:05 UTC

  valkey (7.2.8+dfsg1-0ubuntu0.24.04.3) noble; urgency=medium

  * d/valkey-redis-compat.postinst: Do not migrate on upgrade if redis files
    have already been migrated (LP: #2104217).

 -- Lena Voytek <email address hidden> Wed, 18 Jun 2025 16:58:33 -0400
2104217 Package upgrade reinstalls /etc/valkey/REDIS_MIGRATION


About   -   Send Feedback to @ubuntu_updates