UbuntuUpdates.org

Package "valkey"

Name: valkey

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Persistent key-value database with network interface (monitoring)
  • Persistent key-value database with network interface
  • Persistent key-value database with network interface (client)
Latest version: 9.0.3-0ubuntu2
Release: resolute (26.04)
Level: base
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "valkey" in Resolute

Repository Area Version
proposed main 9.0.3-0ubuntu2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 9.0.3-0ubuntu1 2026-04-16 17:19:15 UTC

  valkey (9.0.3-0ubuntu1) resolute; urgency=medium

  * New upstream version 9.0.3 (LP: #2142590)
    - Security fixes:
        + CVE-2025-67733: RESP Protocol Injection via Lua error_reply.
        + CVE-2026-21863: Remote DoS with malformed Valkey Cluster bus message.
        + CVE-2026-27623: Reset request type after handling empty requests.
    - Bug fixes:
        + Avoid crash during MODULE UNLOAD when ACL rules reference a module
          command and subcommand.
        + Fix server assert on ACL LOAD when current user loses permission to
          channels.
        + Fix bug causing no response flush sometimes when IO threads are busy.

 -- Lena Voytek <email address hidden> Tue, 24 Feb 2026 08:20:13 -0500
Source diff to previous version
2142590 Update Valkey to 7.2.12 in noble, 8.1.6 in questing, and 9.0.3 in resolute
CVE-2025-67733 Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject
CVE-2026-21863 Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus
CVE-2026-27623 Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can

Version: 9.0.3-0ubuntu2 2026-04-16 15:59:23 UTC

  valkey (9.0.3-0ubuntu2) resolute; urgency=medium

  * Drop external liblzf inclusion (LP: #2148320).
    - d/rules: Remove external lzf linking.
    - d/control: Remove liblzf-dev build dependency.

 -- Lena Voytek <email address hidden> Tue, 14 Apr 2026 10:45:12 -0400
2148320 FFe: Remove liblzf1 universe dependency from valkey


About   -   Send Feedback to @ubuntu_updates