File valkey.changes of Package valkey
-------------------------------------------------------------------
Thu Jun 12 01:21:10 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>
- Update to 8.1.2:
- Security fixes
* CVE-2025-27151 Check length of AOF file name in valkey-check-aof (#2146)
- Bug fixes
* Properly escape double quotes and backslash in MONITOR command (#2036)
* Fix high CPU usage when fetching a random element in skewed sparse hash
table (#2085)
* Fix a bug that allowed clients to process commands when the server has
paused command processing (#2109)
* Fix a crash where the wrong slot is used when processing sharded pubsub
unsubscribe events (#2137)
* Fix a crash when a module attempts to write auxiliary data with AOF
enabled (#2132)
* Fix a bug where the engine may crash when establishing new outbound TLS
connections (#2140)
* Fix a bug where a cluster bus packet may be incorrectly marked as
invalid (#2144)
* Fix a bug where CLUSTER SLOTS/NODES information can be stale after
updating node port/tls-port (#2186)
* Fix a bug where replica in cluster mode can't finish failover when
config epoch is outdated (#2178)
* Fix a bug to avoid CLIENT UNBLOCK command to unblock paused clients
(#2117)
- Drop valkey-ssl_new-null-return.patch, CVE-2025-27151.patch
* Included in upstream release
-------------------------------------------------------------------
Wed Jun 11 22:08:53 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>
- Provide redis 7.2.9 instead of valkey version due to lack of
features provided by redis 7.4 (boo#1243605)
-------------------------------------------------------------------
Tue Jun 3 17:55:25 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>
- Fix crash on SSL_new() returning NULL in outgoing connections (bsc#1243061)
* valkey-ssl_new-null-return.patch
-------------------------------------------------------------------
Mon Jun 2 12:12:59 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>
- Fix CVE-2025-27151, absence of filename size check may cause a stack
overflow (bsc#1243804)
* CVE-2025-27151.patch
- Fix CVE-2025-49112, setDeferredReply integer underflow (bsc#1243913)
* CVE-2025-49112.patch
-------------------------------------------------------------------
Mon May 5 14:41:28 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
- Update to 8.1.1:
* 8.1.x branch with enhanced performance, reliability,
observability and usability over Valkey 8.0
* compatible with all previous Valkey releases as well as Redis
OSS 7.2.4
* Updated configuration options and functionality as listed in
https://github.com/valkey-io/valkey/releases/tag/8.1.1
https://github.com/valkey-io/valkey/releases/tag/8.1.0
-------------------------------------------------------------------
Thu Apr 24 16:52:15 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
- Update to 8.0.3:
* CVE-2025-21605: Limit output buffer for unauthenticated clients
(boo#1241708)
* Optimize RDB load performance and fix cluster mode resizing on
replica side
* Fix memory leak in forgotten node ping ext code path
* Fix cluster info sent stats for message with light header
* Fix module LatencyAddSample still work when
latency-monitor-threshold is 0
* Fix potential crash in radix tree recompression of huge keys
* Fix error "SSL routines::bad length" when connTLSWrite is called
second time with smaller buffer
* Fix temp file leak druing replication error handling
* Fix ACL LOAD crash on replica since the primary client don't
has a user
* Fix RANDOMKEY infinite loop during CLIENT PAUSE
* fix: add samples to stream object consumer trees
* Fix cluster slot stats assertion during promotion of replica
* Fix panic in primary when blocking shutdown after previous
block with timeout
* Ignore stale gossip packets that arrive out of order
* Fix incorrect lag reported in XINFO GROUPS
* Avoid shard id update of replica if not matching with primary
shard id
-------------------------------------------------------------------
Wed Jan 8 17:22:51 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>
- Update to 8.0.2:
- Security fixes
* (CVE-2024-46981, bsc#1235387) Lua script commands may lead to remote code execution. (#1513)
* (CVE-2024-51741, bsc#1235386) Denial-of-service due to malformed ACL selectors. (#1514)
- Bug fixes
* Fix an uncommon crash when using TLS with dual channel replication. (#1173)
* Make sure repl_down_since is correctly reset when dual channel replication
fails. (#1149)
* Fix a performance regression where a replica does not properly initialize
the database size when loading a snapshot during replication. (#1199)
* Make sure the last accessed time is correctly updated when using the TOUCH
command with the CLIENT NO-TOUCH option.
* Fix a bug where total_net_repl_output_bytes may report the wrong. (#1486)
* Fix a bug where used_memory_scripts may report the wrong value. (#1255)
* Fix a bug where server might crash when using active defrag when scripts
are evicted from the script cache. (#1310)
* Fix a bug where extra memory would be used when storing strings in the
inline protocol. (#1213)
* Fix a bug where the SORT command may throw a cross slot error. (#1182)
* Fix a bug where the RANDOMKEY command may omit returning keys in cluster
mode. (#1155)
* Send the correct error message when FUNCTION KIlL is used to kill an
ongoing script. (#1171)
* Fix a potential memory corruption when databases are emptied, such as
through FLUSHDB, when during active defrag is running. (#1512)
- Behavior changes
* Revert an unintended breaking change when sending an unsubuscribe command
when a client is not subscribed to any channels. (#1265)
-------------------------------------------------------------------
Wed Dec 4 20:05:34 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
- Fix redis and sentinel units lookup in migration script (bsc#1226986)
* Look for units in /etc/systemd/system/redis.target.wants
- Fix sentinel config files permissions in migration script
-------------------------------------------------------------------
Tue Oct 22 09:03:52 UTC 2024 - Dirk Müller <dmueller@suse.com>
- fix requires for compat-redis package
-------------------------------------------------------------------
Fri Oct 4 12:43:51 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
- Update to 8.0.1:
- Bug fixes
* Fix a build issue with RDMA when using additional make parameters. (#1074)
* Fix an issue where `CLUSTER SLOTS` might return the wrong tcp or tls port
when called from inside a script or from a module. (#1072)
* Fix a crash when `CLUSTER SLOTS` or `CLUSTER SHARDS` is called from inside
a script or from a module. (#1063)
* Fix a build issue on systems where `<threads.h>` is unavailable. (#1053)
* Fix an issue with the default `sentinel.conf` being invalid. (#1040)
- Security fixes
* (CVE-2024-31449, bsc#1231264) Lua library commands may lead to stack
overflow and potential RCE.
* (CVE-2024-31227, bsc#1231266) Potential Denial-of-service due to malformed
ACL selectors.
* (CVE-2024-31228, bsc#1231265) Potential Denial-of-service due to unbounded
pattern matching.
- 8.0.0 changelog:
* See https://github.com/valkey-io/valkey/blob/8.0.0/00-RELEASENOTES
- Drop ppc-atomic.patch
- Refresh valkey-conf.patch
-------------------------------------------------------------------
Tue Aug 27 18:04:07 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
- Update to 7.2.6:
- Bug Fixes - Core
* Fix typo in REGISTER_API macro to prevent segfaults when loading Redis
modules (#608)
* Fix the command duration reset issue when clients are blocked and commands
are reprocessed (#526)
* Fix the data type conversion error in zrangeResultBeginStore (Redis#13148)
* Fix a crash caused by quicklist node merges (Redis#13040)
* Fix crashes in module blocking client timeout cases (Redis#13011)
* Fix conversion of numbers in Lua args to Redis args
(Redis#13115, Fixes Redis#13113)
* Fix crash in LSET command when replacing small list items with larger ones,
creating listpacks larger than 4GB (Redis#12955, Fixes Redis#12864)
* Fix blocking command timeout reset issue during reprocessing (Redis#13004)
- Bug Fixes - Cluster
* Fix the CLUSTER SHARDS command to display accurate slot information even
if a primary node fails (#790, Fixes #784)
* Fix an issue where module authentication failed when the cluster was down
(#693, Fixes #619)
* Ensure only primary nodes with slots can mark another node as failed (#634)
* Improve MEET command reliability under link failures to maintain cluster
membership symmetry (#461)
* Allow single primary node to mark potentially failed replica as FAIL in
single-shard cluster (Redis#12824)
- Bug Fixes - Sentinel
* Accept redis-sentinel to start Valkey in sentinel mode (#731, Fixes #719)
- Bug Fixes - CLI
* Ensure the --count option in redis-cli works correctly even without
--pattern (Redis#13092)
* Fix redis-check-aof misidentifying data in manifest format as MP-AOF
(Redis#12951)
* Update redis-check-rdb types to replace stream-v2 with stream-v3
(Redis#12969)
-------------------------------------------------------------------
Tue Jul 9 14:21:33 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>
- migrate_redis_to_valkey.bash fixes (boo#1227139)
* Also set group owner for /var/lib/valkey
* Change logdir option in copied conf files to /var/log/valkey
* Change owner of copied conf files to root:valkey
-------------------------------------------------------------------
Tue Jul 2 07:52:48 UTC 2024 - Andreas Schwab <schwab@suse.de>
- valkey.logrotate: fix owner of logfiles
-------------------------------------------------------------------
Sat Jun 29 17:32:13 UTC 2024 - Neal Gompa <ngompa@opensuse.org>
- Add legacy symlinks for "redis" executables in sbin to fix
running valkey in other package test suites using absolute paths
-------------------------------------------------------------------
Wed Jun 26 06:25:23 UTC 2024 - Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
- Repair Redis instance detection (boo#1226986)
-------------------------------------------------------------------
Sat Jun 22 08:42:19 UTC 2024 - Neal Gompa <ngompa@opensuse.org>
- Enable automatic replacement of redis with valkey
-------------------------------------------------------------------
Thu Jun 6 18:26:19 UTC 2024 - Neal Gompa <ngompa@opensuse.org>
- Initial package based on the redis package and Fedora valkey package
- Ported over patch from redis package
+ Added valkey-conf.patch
- Backport patch from upstream submission
+ Added ppc-atomic.patch
