The following builds have been pushed to Fedora EPEL 8 updates-testing
valkey-8.0.4-1.el8
Details about builds:
================================================================================
valkey-8.0.4-1.el8 (FEDORA-EPEL-2025-8cce4f2f71)
A persistent key-value database
--------------------------------------------------------------------------------
Update Information:
Valkey 8.0.4 - Released Mon 07 July 2025
Upgrade urgency SECURITY: This release includes security fixes we recommend you
apply as soon as possible.
Security fixes
CVE-2025-32023 prevent out-of-bounds write during hyperloglog operations (#2146)
CVE-2025-48367 retry accept on transient errors (#2315)
Security fixes backported from 8.1.2
CVE-2025-27151 Check length of AOF file name in valkey-check-aof (#2146)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 16 2025 Remi Collet <remi@xxxxxxxxxxxxxxxxx> - 8.0.4-1
- update to 8.0.4
fixes CVE-2025-27151 CVE-2025-48367 and CVE-2025-32023
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2380115 - CVE-2025-48367 valkey: Redis Unauthenticated Denial of Service [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2380115
[ 2 ] Bug #2380117 - CVE-2025-32023 valkey: Redis Hyperloglog Out-of-Bounds Write Vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2380117
--------------------------------------------------------------------------------
--
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
