[ubuntu/noble-updates] valkey 7.2.10+dfsg1-0ubuntu0.1 (Accepted)

[Andreas Hasenack]

valkey (7.2.10+dfsg1-0ubuntu0.1) noble; urgency=medium

  * New upstream version 7.2.10 (LP: #2115258)
    - Security fixes:
      + CVE-2025-21605: Allocation of Resources Without Limits or Throttling.
      + CVE-2025-32023: Out-of-bounds write during hyperloglog operations.
      + CVE-2025-48367: IP Protocol errors resulting in DoS.
      + CVE-2025-27151: AOF file name length not checked.
    - Bug fixes:
      + Only mark the client reprocessing flag when unblocked on keys.
      + Free module context even if there was no content written in auxsave2.
      + Fix Detect SSL_new() returning NULL in outgoing connections.
      + Correctly cast the extension lengths.
      + Fix cluster myself CLUSTER SLOTS/NODES wrong port after updating
        port/tls-port.
      + Fix replica can't finish failover when config epoch is outdated.
      + Fix CLIENT UNBLOCK ability to unpause paused clients.
      + Fix defrag crash when using FLUSHDB ASYNC in cluster mode.
      + Fix memory leak in forgotten node ping ext code path.
      + Fix module LatencyAddSample still work when latency-monitor-threshold
        is 0.
      + Fix raxRemove crash at memcpy() due to key size exceeds max Rax size.
      + Fix error "SSL routines::bad length" when connTLSWrite is called second
        time with smaller buffer.
      + Fix RANDOMKEY infinite loop during CLIENT PAUSE.
      + Fix adding samples to stream object consumer trees.
      + Fix panic in primary when blocking shutdown after previous block with
        timeout.
      + Fix incorrect lag reported in XINFO GROUPS.

Date: 2025-07-16 14:14:10.634682+00:00
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Signed-By: Andreas Hasenack <andreas.hasenack at canonical.com>
https://launchpad.net/ubuntu/+source/valkey/7.2.10+dfsg1-0ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.