UbuntuUpdates.org

Package "valkey-server"

Name: valkey-server

Description:

Persistent key-value database with network interface

Latest version: 9.0.4-0ubuntu0.1
Release: resolute (26.04)
Level: proposed
Repository: main
Head package: valkey
Homepage: https://valkey.io

Links


Download "valkey-server"


Other versions of "valkey-server" in Resolute

Repository Area Version
base main 9.0.3-0ubuntu2
updates main 9.0.4-0ubuntu0.1

Changelog

Version: 9.0.4-0ubuntu0.1 2026-06-30 21:07:25 UTC

  valkey (9.0.4-0ubuntu0.1) resolute; urgency=medium

  * New upstream version 9.0.4 (LP: #2151296)
    - Security fixes:
      + CVE-2026-23479: Use-After-Free in unblock client flow.
      + CVE-2026-25243: Invalid Memory Access in RESTORE command.
      + CVE-2026-23631: Use-after-free when full sync occurs during a yielding
        Lua/function execution.

 -- Lena Voytek <email address hidden> Thu, 04 Jun 2026 09:35:02 -0400

2151296 Update Valkey to 7.2.13 in noble, 8.1.7 in questing, and 9.0.4 in resolute and stonking
CVE-2026-23479 Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `pro
CVE-2026-25243 Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values
CVE-2026-23631 Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-repl

Version: *DELETED* 2026-04-16 18:38:34 UTC
No changelog for deleted or moved packages.

Version: 9.0.3-0ubuntu2 2026-04-16 01:09:27 UTC

  valkey (9.0.3-0ubuntu2) resolute; urgency=medium

  * Drop external liblzf inclusion (LP: #2148320).
    - d/rules: Remove external lzf linking.
    - d/control: Remove liblzf-dev build dependency.

 -- Lena Voytek <email address hidden> Tue, 14 Apr 2026 10:45:12 -0400

2148320 FFe: Remove liblzf1 universe dependency from valkey



About   -   Send Feedback to @ubuntu_updates