Fedora Security Advisories

valkey-9.0.3-1.fc44

Fedora Security Advisories
3 weeks 6 days ago
FEDORA-2026-ca1077dd2e Packages in this update:
  • valkey-9.0.3-1.fc44
Update description:

Valkey 9.0.3 - February 23, 2026

Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible.

Security fixes

  • (CVE-2025-67733) RESP Protocol Injection via Lua error_reply
  • (CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
  • (CVE-2026-27623) Reset request type after handling empty requests

Bug fixes

  • Avoids crash during MODULE UNLOAD when ACL rules reference a module command and subcommand (#3160)
  • Fix server assert on ACL LOAD when current user loses permission to channels (#3182)
  • Fix bug causing no response flush sometimes when IO threads are busy (#3205)

valkey-8.1.6-1.fc43

Fedora Security Advisories
3 weeks 6 days ago
FEDORA-2026-8d275f4438 Packages in this update:
  • valkey-8.1.6-1.fc43
Update description:

Valkey 8.1.6 - Released Mon 23 February 2026

Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible.

Security fixes

  • (CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
  • (CVE-2025-67733) RESP Protocol Injection via Lua error_reply

Bug fixes

  • Restrict ttl from being negative and avoid crash in import-mode (#2944)
  • Fix chained replica crash when doing dual channel replication (#2983)
  • Fix used_memory_dataset underflow due to miscalculated used_memory_overhead (#3005)
  • Fix crashing while MODULE UNLOAD when ACL rules reference a module command or subcommand (#3160)
  • Fix server assert on ACL LOAD and resetchannels (#3182)
  • Fix bug causing no response flush sometimes when IO threads are busy (#3205)
Checked
37 minutes 29 seconds ago
URL
https://bodhi.fedoraproject.org/rss/updates/?type=security