UbuntuUpdates.org

Package "valkey"

Name: valkey

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Persistent key-value database with network interface (monitoring)
  • Persistent key-value database with network interface
  • Persistent key-value database with network interface (client)
Latest version: 9.0.3-0ubuntu2
Release: resolute (26.04)
Level: base
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "valkey" in Resolute

No other version of this package is available in the Resolute release.

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 9.0.3-0ubuntu1 2026-04-16 17:19:15 UTC

  valkey (9.0.3-0ubuntu1) resolute; urgency=medium

  * New upstream version 9.0.3 (LP: #2142590)
    - Security fixes:
        + CVE-2025-67733: RESP Protocol Injection via Lua error_reply.
        + CVE-2026-21863: Remote DoS with malformed Valkey Cluster bus message.
        + CVE-2026-27623: Reset request type after handling empty requests.
    - Bug fixes:
        + Avoid crash during MODULE UNLOAD when ACL rules reference a module
          command and subcommand.
        + Fix server assert on ACL LOAD when current user loses permission to
          channels.
        + Fix bug causing no response flush sometimes when IO threads are busy.

 -- Lena Voytek <email address hidden> Tue, 24 Feb 2026 08:20:13 -0500
Source diff to previous version
2142590 Update Valkey to 7.2.12 in noble, 8.1.6 in questing, and 9.0.3 in resolute
CVE-2025-67733 Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject
CVE-2026-21863 Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus
CVE-2026-27623 Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can

Version: 9.0.3-0ubuntu2 2026-04-16 15:59:23 UTC

  valkey (9.0.3-0ubuntu2) resolute; urgency=medium

  * Drop external liblzf inclusion (LP: #2148320).
    - d/rules: Remove external lzf linking.
    - d/control: Remove liblzf-dev build dependency.

 -- Lena Voytek <email address hidden> Tue, 14 Apr 2026 10:45:12 -0400
2148320 FFe: Remove liblzf1 universe dependency from valkey


About   -   Send Feedback to @ubuntu_updates