| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security fixes
-----------------
(CVE-2025-67733) RESP Protocol Injection via Lua error_reply
(CVE-2026-21863) Remote DoS with malformed Valkey Cluster bus message
(CVE-2026-27623) Reset request type after handling empty requests
Bug fixes
------------
Avoids crash during MODULE UNLOAD when ACL rules reference a module command and subcommand
Fix server assert on ACL LOAD when current user loses permission to channels
Fix bug causing no response flush sometimes when IO threads are busy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These seds were added to remove reproducibility QA errors about
TMPDIR being present in the binaries. The root of the problem was
changed LDFLAGS in oe-core, and after adding back these LDFLAGS
to this recipe[1], the QA error is also gone - the binaries require
no changes due to this.
Also remove the INSANE_SKIP, which was most likely fixed by the
same LDFLAGS issue - it doesn't happen anymore.
[1]: https://git.openembedded.org/meta-openembedded/commit/?id=e8981bf43163d2fe90ea28b2952a2443ceaea934
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 9.0.2:
- Avoid memory leak of new argv when HEXPIRE commands target only
non-exiting fields
- Fix HINCRBY and HINCRBYFLOAT to update volatile key tracking
- Avoid empty hash object when HSETEX added no fields
- Fix case-sensitive check for the FNX and FXX arguments in HSETEX
- Prevent assertion in active expiration job after a hash with
volatile fields is overwritten
- Fix HRANDFIELD to return null response when no field could be
found
- Fix HEXPIRE to not delete items when validation rules fail and
expiration is in the past
- Fix how hash is handling overriding of expired fields overwrite
- HSETEX - Always issue keyspace notifications after validation
- Make zero a valid TTL for hash fields during import mode and data
loading
- Trigger prepareCommand on argc change in module command filters
- Restrict TTL from being negative and avoid crash in import-mode
- Fix chained replica crash when doing dual channel replication
- Skip slot cache optimization for AOF client to prevent key
duplication and data corruption
- Fix used_memory_dataset underflow due to miscalculated
used_memory_overhead
- Avoid duplicate calculations of network-bytes-out in slot stats
with copy-avoidance
- Fix XREAD returning error on empty stream with + ID
- Track reply bytes in I/O threads if commandlog-reply-larger-than
is -1
- This makes it possible to mitigate a performance regression in
9.0.1 caused by the related bug fix
Fixes references to TMPDIR [buildpaths] and avoids [already-stripped].
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
oe-core has removed DEBUG_PREFIX_MAP from TARGET_LDFLAGS [1], restore
it to fix the below error.
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: QA Issue: File /usr/bin/.debug/valkey-cli in package valkey-dbg contains reference to TMPDIR [buildpaths]
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: QA Issue: File /usr/bin/.debug/valkey-server in package valkey-dbg contains reference to TMPDIR [buildpaths]
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: QA Issue: File /usr/bin/.debug/valkey-benchmark in package valkey-dbg contains reference to TMPDIR [buildpaths]
ERROR: valkey-9.0.1-r0.wr2600 do_package_qa: Fatal QA errors were found, failing task.
[1] https://git.openembedded.org/openembedded-core/commit/?id=1797741aad02b8bf429fac4b81e30cdda64b5448
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-src-config.h-Enable-HAVE_ARM_NEON-on-AArch64.patch
removed since it's included in 9.0.1
Changelog:
===========
- Authenticate slot migration client on source node to internal user
- Bug fix: reset io_last_written on c->buf resize to prevent stale pointers
- Sentinel: fix regression requiring "+failover" ACL in failover path
- Cluster: Avoid usage of light weight messages to nodes with not ready bidirectional links
- Send duplicate multi meet packet only for node which supports it in mixed clusters
- Fix: LTRIM should not call signalModifiedKey when no elements are removed
- Fix build on some 32-bit ARM by only using NEON on AArch64
- Fix deadlock in IO-thread shutdown during panic
- Fix COMMANDLOG large-reply when using reply copy avoidance
- Fix CLUSTER SLOTS crash when called from module timer callback
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 9.0.0:
- HSETEX with FXX should not create an object if it does not exist
- Fix crash when aborting a slot migration while child snapshot is
active
- Fix double MOVED reply on unblock at failover
- Fix memory leak with CLIENT LIST/KILL duplicate filters
- Fix incorrect accounting after completed atomic slot migration
- Fix Lua VM crash after FUNCTION FLUSH ASYNC + FUNCTION LOAD
- Fix invalid memory address caused by hashtable shrinking during
safe iteration
Replace dependency hiredis with libvalkey.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 8.1.4:
Security fixes:
- (CVE-2025-49844) A Lua script may lead to remote code execution
- (CVE-2025-46817) A Lua script may lead to integer overflow and
potential RCE
- (CVE-2025-46818) A Lua script can be executed in the context of
another user
- (CVE-2025-46819) LUA out-of-bound read
Bug fixes:
- Fix accounting for dual channel RDB bytes in replication stats
- Fix EVAL to report unknown error when empty error table is
provided
- Fix use-after-free when active expiration triggers hashtable
to shrink
- Fix MEMORY USAGE to account for embedded keys
- Fix memory leak when shrinking a hashtable without entries
- Prevent potential assertion in active defrag handling large
allocations
- Prevent bad memory access when NOTOUCH client gets unblocked
- Converge divergent shard-id persisted in nodes.conf to primary's
shard id
- Fix client tracking memory overhead calculation
- Fix RDB load per slot memory pre-allocation when loading from RDB
snapshot
- Don't use AVX2 instructions if the CPU doesn't support it
- Fix bug where active defrag may be unable to defrag sparsely
filled pages
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
https://github.com/valkey-io/valkey/releases/tag/8.1.2
https://github.com/valkey-io/valkey/releases/tag/8.1.3
Security fixes:
CVE-2025-27151
CVE-2025-32023
CVE-2025-48367
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Please see
https://git.yoctoproject.org/poky/commit/?id=4dd321f8b83afecd962393101b2a6861275b5265
for what changes are needed, and sed commands that can be used to make them en masse.
I've verified that bitbake -c patch world works with these, but did not run a world
build; the majority of recipes shouldn't need further fixups, but if there are
some that still fall out, they can be fixed in followups.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Release notes:
https://github.com/valkey-io/valkey/releases/tag/8.1.0
The license file checksum changed because upstream added the line:
SPDX-License-Identifier: BSD-3-Clause
Adjust the patches using devtool and manually munge the Upstream-Status-es.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
| |
This upstream does not in fact use autotools, so remove the inherit and
clean up do_compile().
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Now hiredis can be used not only with Redis, but also with Valkey, an
open source key/value datastore that is fully compatible with Redis. As
Redis changed its license, many users have switched to Valkey. Add
RPROVIDES virtual-redis in both redis and valkey, and set it as the
runtime dependency of hiredis.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 8.0.2:
Security fixes:
- (CVE-2024-46981) Lua script commands may lead to remote code
execution.
- (CVE-2024-51741) Denial-of-service due to malformed ACL
selectors.
Bug fixes:
- Fix an uncommon crash when using TLS with dual channel
replication.
- Make sure repl_down_since is correctly reset when dual channel
replication fails.
- Fix a performance regression where a replica does not properly
initialize the database size when loading a snapshot during
replication.
- Make sure the last accessed time is correctly updated when using
the TOUCH command with the CLIENT NO-TOUCH option.
- Fix a bug where total_net_repl_output_bytes may report the wrong.
- Fix a bug where used_memory_scripts may report the wrong value.
- Fix a bug where server might crash when using active defrag when
scripts are evicted from the script cache.
- Fix a bug where extra memory would be used when storing strings
in the inline protocol.
- Fix a bug where the SORT command may throw a cross slot error.
- Fix a bug where the RANDOMKEY command may omit returning keys in
cluster mode.
- Send the correct error message when FUNCTION KIlL is used to kill
an ongoing script.
- Fix a potential memory corruption when databases are emptied,
such as through FLUSHDB, when during active defrag is running.
Behavior changes
- Revert an unintended breaking change when sending an unsubuscribe
command when a client is not subscribed to any channels.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade valkey to version 8.0.1:
- Fix a build issue with RDMA when using additional make parameters
- Fix an issue where CLUSTER SLOTS might return the wrong tcp or
tls port when called from inside a script or from a module
- Fix a crash when CLUSTER SLOTS or CLUSTER SHARDS is called from
inside a script or from a module
- Fix a build issue on systems where <threads.h> is unavailable
- Fix an issue with the default sentinel.conf being invalid
- Build binary releases with systemd support
- Avoid .c, .d and .o files from being copied to the binary tar.gz
releases
- (CVE-2024-31449) Lua library commands may lead to stack overflow
and potential RCE
- (CVE-2024-31227) Potential Denial-of-service due to malformed ACL
selectors
- (CVE-2024-31228) Potential Denial-of-service due to unbounded
pattern matching
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
Valkey is an open source, in-memory data store. Release 8.0.0 is
fully compatible with Redis OSS 7.2.4 and brings:
- Added full client info to SHUTDOWN and CLUSTER FAILOVER logs for
better traceability of requests.
- Resolved issues in replicationSetPrimary where the primary node's
IP/port updates were not correctly handled in the cluster gossip
section.
- Fixed AOF base suffix during rewrites when modifying the
aof-use-rdb-preamble setting, ensuring correct suffix caching to
prevent inconsistencies.
- Addressed rare crashes in async IO threads with TLS by preventing
concurrent read and write job overlap.
- Prevented AOF from being incorrectly disabled after loading RDB
data, ensuring proper re-enabling of AOF.
- Triggered a save of the cluster configuration file before
shutdown to prevent inconsistencies caused by unsaved node
configuration changes.
- Fixed timing issue in CLUSTER SETSLOT to ensure replicas handle
migration correctly when receiving the command before the gossip
update.
- Optimized the handling of temporary set objects in SUNION and
SDIFF commands, resulting in a 41% performance improvement for
SUNION and 27% for SDIFF.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
