Rebase to 8.1.7

Resolves: RHEL-177033
2026-05-19 14:25:49 +02:00 · 2026-05-19 14:25:49 +02:00 · 8ef6c57d7d
commit 8ef6c57d7d
parent a086484c38
4 changed files with 6 additions and 38 deletions
--- a/.gitignore
+++ b/.gitignore
@ -6,3 +6,4 @@
 /valkey-8.0.6.tar.gz
 /valkey-8.0.7.tar.gz
 /valkey-8.1.6.tar.gz
+/valkey-8.1.7.tar.gz
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (valkey-8.1.6.tar.gz) = c991e8019637842305c394b25253f609e0ea02ebd53b71e6730ce0107e9957c04e3e7ae8e6779cfd698434c477c255f5e3beb27ebc24a280a7a6e5a640333e25
+SHA512 (valkey-8.1.7.tar.gz) = b4fc78e7315c04229b50e088884f3ce42985317a12baf43dd7afcad00956e85912eb01824ba2e8566b07e8378d3a4d5c5085e17c90018fdd5101d77f04801041
--- a/valkey-cve-2025-27151.patch
+++ b/valkey-cve-2025-27151.patch
@ -1,34 +0,0 @@
-From 73696bf6e2cf754acc3ec24eaf9ca6b879bfc5d7 Mon Sep 17 00:00:00 2001
-From: Madelyn Olson <madelyneolson@gmail.com>
-Date: Thu, 29 May 2025 00:06:23 +0100
-Subject: [PATCH] Incorporate Redis CVE for CVE-2025-27151 (#2146)
-
-Resolves https://github.com/valkey-io/valkey/issues/2145
-
-Incorporate the CVE patch that was sent to us by Redis Ltd.
-
---------
-
-Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
-Co-authored-by: Ping Xie <pingxie@outlook.com>
---
- src/valkey-check-aof.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/valkey-check-aof.c b/src/valkey-check-aof.c
-index ed0eb2b49d..a6e4b97c6d 100644
--- a/src/valkey-check-aof.c
-+++ b/src/valkey-check-aof.c
-@@ -556,6 +556,12 @@ int redis_check_aof_main(int argc, char **argv) {
-         goto invalid_args;
-     }
- 
-+    /* Check if filepath is longer than PATH_MAX */
-+    if (strnlen(filepath, PATH_MAX + 1) > PATH_MAX) {
-+        printf("Error: filepath is too long (exceeds PATH_MAX)\n");
-+        goto invalid_args;
-+    }
-+
-     /* In the glibc implementation dirname may modify their argument. */
-     memcpy(temp_filepath, filepath, strlen(filepath) + 1);
-     dirpath = dirname(temp_filepath);
--- a/valkey.spec
+++ b/valkey.spec
@ -2,7 +2,7 @@
 %bcond_with tests

 Name:              valkey
-Version:           8.1.6
+Version:           8.1.7
 Release:           1%{?dist}
 Summary:           A persistent key-value database
 # valkey: BSD-3-Clause
@ -20,7 +20,6 @@ Source4:           %{name}.sysusers
 Source5:           %{name}.tmpfiles
 Source9:           migrate_redis_to_valkey.sh

-Patch1:            valkey-cve-2025-27151.patch
 # Fix default paths in configuration files for RPM layout
 Patch2:            %{name}-conf.patch
 # Workaround to https://github.com/valkey-io/valkey/issues/2678
@ -123,7 +122,6 @@ BuildArch:         noarch

 %prep
 %setup -qn %{name}-%{version}
-%patch -P1 -p1
 %patch -P2 -p1 -b.rpm
 %patch -P3 -p1 -b .loadmod
 %patch -P4 -p1 -b .bindnow
@ -300,6 +298,9 @@ taskset -c 1 ./runtest --clients 50 --skiptest "Active defrag - AOF loading"


 %changelog
+* Tue May 19 2026 Petr Khartskhaev <pkhartsk@redhat.com> - 8.1.7-1
+- Rebase to 8.1.7 for CVE-2026-23479 CVE-2026-25243 CVE-2026-23631
+
 * Wed Mar 04 2026 Lukas Javorsky <ljavorsk@redhat.com> - 8.1.6-1
 - Rebase to version 8.1
 - fix CONFIG REWRITE breaks configuration