** Description changed: This bug tracks an update for the Valkey package, moving to versions: * resolute (26.04) - 9.0.3 * questing (25.10) - 8.1.6 * noble (24.04) - 7.2.12 These updates include bug fixes following the SRU special case documentation at https://documentation.ubuntu.com/sru/en/latest/reference/exception- Valkey-Updates [Upstream changes] - CVE Fixes: All versions: (CVE-2025-67733) RESP Protocol Injection via Lua error_reply (CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message 9.0.x: (CVE-2026-27623) Reset request type after handling empty requests - Additional bug fixes: 9.0.3: https://github.com/valkey-io/valkey/pull/3160 https://github.com/valkey-io/valkey/pull/3182 https://github.com/valkey-io/valkey/pull/3205 - 8.1.6: + 8.1.5-8.1.6: https://github.com/valkey-io/valkey/pull/2944 https://github.com/valkey-io/valkey/pull/2983 https://github.com/valkey-io/valkey/pull/3005 https://github.com/valkey-io/valkey/pull/3160 https://github.com/valkey-io/valkey/pull/3182 https://github.com/valkey-io/valkey/pull/3205 + https://github.com/valkey-io/valkey/pull/1826 + https://github.com/valkey-io/valkey/pull/2753 + https://github.com/valkey-io/valkey/pull/2817 + https://github.com/valkey-io/valkey/pull/2840 + https://github.com/valkey-io/valkey/pull/2899 7.2.12 https://github.com/valkey-io/valkey/pull/2787 https://github.com/valkey-io/valkey/pull/2830 https://github.com/valkey-io/valkey/pull/3160 changelog - https://github.com/valkey-io/valkey/releases - TODO: Specifically note any backwards-incompatible changes or features - added by upstream and their announcements/release notes and relevant - commits. + Based on release notes and commit logs, I do not see any backwards- + incompatible changes that will affect users in the new versions. [Test Plan] TODO: Check DEP-8 and reverse-depends DEP-8 tests pass TODO: if there are any non passing tests - explain why that is ok in this case TODO: add results of an autopkgtest run against all the new versions [Regression Potential] Upstream has an extensive build and integration test suite. So regressions would likely arise from a change in interaction with Ubuntu- specific integrations. - Previous Backports: (LP: #2127122) (LP: #2097546) (LP: #2091129) (LP: #2115258)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2142590 Title: Update Valkey to 7.2.12 in noble, 8.1.6 in questing, and 9.0.3 in resolute To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/valkey/+bug/2142590/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
