FEDORA-EPEL-2026-6587a55db1 — security update for valkey

stable

valkey-8.0.7-1.el8

FEDORA-EPEL-2026-6587a55db1 created by remi 3 months ago for Fedora EPEL 8

Valkey 8.0.7 - Released Mon 23 February 2026

Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible.

Security fixes

(CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
(CVE-2025-67733) RESP Protocol Injection via Lua error_reply

Bug fixes

Fix ltrim should not call signalModifiedKey when no elements are removed (#2787)
Fix chained replica crash when doing dual channel replication (#2983)
Fix used_memory_dataset underflow due to miscalculated used_memory_overhead (#3005)
Avoids crash during MODULE UNLOAD when ACL rules reference a module command and subcommand (#3160)
Fix server assert on ACL LOAD and resetchannels (#3182)
Fix bug causing no response flush sometimes when IO threads are busy (#3205)

This update has been submitted for testing by remi.

3 months ago

This update's test gating status has been changed to 'ignored'.

3 months ago

This update has been pushed to testing.

3 months ago

This update has been submitted for stable by bodhi.

2 months ago

This update has been pushed to stable.

2 months ago

Please log in to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

3 months ago

in testing

3 months ago

in stable

2 months ago

approved

2 months ago

Builds

valkey-8.0.7-1.el8

BZ#2442219 CVE-2025-67733 valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts [epel-all]

BZ#2442230 CVE-2026-21863 valkey: Valkey: Denial of Service via invalid clusterbus packet [epel-all]

valkey-8.0.7-1.el8

Automated Test Results

ignored