[ubuntu/noble-proposed] valkey 7.2.11+dfsg1-0ubuntu0.1 (Accepted)

Lena Voytek lena.voytek at canonical.com
Wed Oct 22 18:25:41 UTC 2025 

valkey (7.2.11+dfsg1-0ubuntu0.1) noble; urgency=medium

  * New upstream version 7.2.11 (LP: #2127122)
    - Security fixes:
      + CVE-2025-49844: Lua script may lead to remote code execution.
      + CVE-2025-46817: Lua script may lead to int overflow and potential RCE.
      + CVE-2025-46818: Lua script can be executed in context of another user.
      + CVE-2025-46819: LUA out-of-bound read.
      + CVE-2025-49112: Integer underflow in setDeferredReply networking.c.
    - Bug fixes:
      + Ensure empty error tables in scripts don't crash Valkey.
      + Fix client tracking memory overhead calculation.
      + Fix assumptions that pthread functions set errno.
  * d/rules: Increase test timeout during build.

Date: Sat, 11 Oct 2025 23:49:31 -0400
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/valkey/7.2.11+dfsg1-0ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Sat, 11 Oct 2025 23:49:31 -0400
Source: valkey
Built-For-Profiles: noudeb
Architecture: source
Version: 7.2.11+dfsg1-0ubuntu0.1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Launchpad-Bugs-Fixed: 2127122
Changes:
 valkey (7.2.11+dfsg1-0ubuntu0.1) noble; urgency=medium
 .
   * New upstream version 7.2.11 (LP: #2127122)
     - Security fixes:
       + CVE-2025-49844: Lua script may lead to remote code execution.
       + CVE-2025-46817: Lua script may lead to int overflow and potential RCE.
       + CVE-2025-46818: Lua script can be executed in context of another user.
       + CVE-2025-46819: LUA out-of-bound read.
       + CVE-2025-49112: Integer underflow in setDeferredReply networking.c.
     - Bug fixes:
       + Ensure empty error tables in scripts don't crash Valkey.
       + Fix client tracking memory overhead calculation.
       + Fix assumptions that pthread functions set errno.
   * d/rules: Increase test timeout during build.
Checksums-Sha1:
 3a2bed429a2bf8adb2633defbfc860cd506bffa2 2499 valkey_7.2.11+dfsg1-0ubuntu0.1.dsc
 70fa8558e2fdfbcdb391cdfacbb2f9f5b3d5d33b 2474868 valkey_7.2.11+dfsg1.orig.tar.xz
 0fdf70d8ddf7b1d1a3b6419821d293ab0be0c3a1 19164 valkey_7.2.11+dfsg1-0ubuntu0.1.debian.tar.xz
 3d2c4a22b7e7489b9eb117bac4c0abb53e773ec3 8079 valkey_7.2.11+dfsg1-0ubuntu0.1_source.buildinfo
Checksums-Sha256:
 6f0c2558d5051cf2b84537c89f5a554f92cb60f691be3fb3ca1be2dccc9a6e44 2499 valkey_7.2.11+dfsg1-0ubuntu0.1.dsc
 9d8651193424be023aa7fe163f314e93523c808ae87c77c5a821fff98d913347 2474868 valkey_7.2.11+dfsg1.orig.tar.xz
 1889ee9e394ffcbc8779de2338069f05175fe45e37d961d27e11d796a9f55742 19164 valkey_7.2.11+dfsg1-0ubuntu0.1.debian.tar.xz
 f6845ad7672e7b69cc1b93ff7f5d7cfd63f6214aa7b53f4b02fdbeae1292fdcb 8079 valkey_7.2.11+dfsg1-0ubuntu0.1_source.buildinfo
Files:
 9dfb114207eca27d5a4b7c5220c37bd3 2499 database optional valkey_7.2.11+dfsg1-0ubuntu0.1.dsc
 d4e881444687ff2466fa6c178ecd6314 2474868 database optional valkey_7.2.11+dfsg1.orig.tar.xz
 8aa4920de442edde2b036488291aba25 19164 database optional valkey_7.2.11+dfsg1-0ubuntu0.1.debian.tar.xz
 fb94039198f8dffbd17f2ee1fb9b4fcf 8079 database optional valkey_7.2.11+dfsg1-0ubuntu0.1_source.buildinfo
Original-Maintainer: Lucas Kanashiro <kanashiro at debian.org>
Vcs-Git: https://git.launchpad.net/~lvoytek/ubuntu/+source/valkey
Vcs-Git-Commit: 93924dfc3380f2341a83ca09d55339fd45f3da75
Vcs-Git-Ref: refs/heads/backport-2127122-noble

More information about the noble-changes mailing list