This bug was fixed in the package valkey - 8.1.3+dfsg1-0ubuntu1
---------------
valkey (8.1.3+dfsg1-0ubuntu1) questing; urgency=medium
* New upstream version 8.1.3 (LP: #2115258)
- Security fixes:
+ CVE-2025-32023: Out-of-bounds write during hyperloglog operations.
+ CVE-2025-48367: IP Protocol errors resulting in DoS.
+ CVE-2025-27151: AOF file name length not checked.
- Bug fixes:
+ Fix missing response when AUTH is errored inside a transaction.
+ Properly escape double quotes and backslash in sdscatrepr.
+ Fix random element in skewed sparse hash table.
+ Only mark the client reprocessing flag when unblocked on keys.
+ Fix memory corruption in sharded pubsub unsubscribe.
+ Free module context even if there was no content written in auxsave2.
+ Detect SSL_new() returning NULL in outgoing connections.
+ Correctly cast the extension lengths.
+ Fix cluster myself CLUSTER SLOTS/NODES wrong port after updating
port/tls-port.
+ Fix replica can't finish failover when config epoch is outdated.
+ Fix CLIENT UNBLOCK ability to unpause paused clients.
* d/p/fix-8.1.x-multi-unit-test.patch: Fix multi unit test issue in new
version.
* d/p/0005-Incorporate-Redis-CVE-for-CVE-2025-27151-2146.patch: Remove- fixed
upstream in 8.1.2.
-- Lena Voytek <[email protected]> Mon, 07 Jul 2025 16:21:10
-0400
** Changed in: valkey (Ubuntu Questing)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-27151
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-32023
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-48367
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2115258
Title:
Update Valkey to 7.2.10 in noble, 8.0.4 in plucky, and 8.1.3 in
questing
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/valkey/+bug/2115258/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
