[ubuntu/noble-updates] valkey 7.2.11+dfsg1-0ubuntu0.1 (Accepted)
Nick Rosbrook
nick.rosbrook at canonical.com
Wed Nov 12 20:38:28 UTC 2025
valkey (7.2.11+dfsg1-0ubuntu0.1) noble; urgency=medium
* New upstream version 7.2.11 (LP: #2127122)
- Security fixes:
+ CVE-2025-49844: Lua script may lead to remote code execution.
+ CVE-2025-46817: Lua script may lead to int overflow and potential RCE.
+ CVE-2025-46818: Lua script can be executed in context of another user.
+ CVE-2025-46819: LUA out-of-bound read.
+ CVE-2025-49112: Integer underflow in setDeferredReply networking.c.
- Bug fixes:
+ Ensure empty error tables in scripts don't crash Valkey.
+ Fix client tracking memory overhead calculation.
+ Fix assumptions that pthread functions set errno.
* d/rules: Increase test timeout during build.
Date: 2025-10-15 19:19:10.491231+00:00
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Signed-By: Nick Rosbrook <nick.rosbrook at canonical.com>
https://launchpad.net/ubuntu/+source/valkey/7.2.11+dfsg1-0ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list