UbuntuUpdates.org

Package "valkey"

Name: valkey

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Persistent key-value database with network interface (monitoring)
  • Persistent key-value database with network interface
  • Persistent key-value database with network interface (client)

Latest version: 9.0.4-0ubuntu0.1
Release: resolute (26.04)
Level: updates
Repository: main

Links



Other versions of "valkey" in Resolute

Repository Area Version
base main 9.0.3-0ubuntu2
proposed main 9.0.4-0ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 9.0.4-0ubuntu0.1 2026-07-08 19:08:28 UTC

  valkey (9.0.4-0ubuntu0.1) resolute; urgency=medium

  * New upstream version 9.0.4 (LP: #2151296)
    - Security fixes:
      + CVE-2026-23479: Use-After-Free in unblock client flow.
      + CVE-2026-25243: Invalid Memory Access in RESTORE command.
      + CVE-2026-23631: Use-after-free when full sync occurs during a yielding
        Lua/function execution.

 -- Lena Voytek <email address hidden> Thu, 04 Jun 2026 09:35:02 -0400

2151296 Update Valkey to 7.2.13 in noble, 8.1.7 in questing, and 9.0.4 in resolute and stonking
CVE-2026-23479 Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `pro
CVE-2026-25243 Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values
CVE-2026-23631 Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-repl



About   -   Send Feedback to @ubuntu_updates