Skip to content

Incorporate Redis CVE for CVE-2025-27151#2146

Merged
madolson merged 2 commits into
valkey-io:unstablefrom
madolson:redis_cve_pull
May 28, 2025
Merged

Incorporate Redis CVE for CVE-2025-27151#2146
madolson merged 2 commits into
valkey-io:unstablefrom
madolson:redis_cve_pull

Conversation

@madolson

Copy link
Copy Markdown
Member

Resolves #2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
@madolson madolson added the release-notes This issue should get a line item in the release notes label May 28, 2025
@madolson madolson changed the title Incorporate Redis CVE Incorporate Redis CVE for CVE-2025-27151 May 28, 2025
@madolson madolson requested a review from PingXie May 28, 2025 17:34
Comment thread src/valkey-check-aof.c Outdated
@codecov

codecov Bot commented May 28, 2025

Copy link
Copy Markdown

Codecov Report

Attention: Patch coverage is 33.33333% with 2 lines in your changes missing coverage. Please review.

Project coverage is 71.31%. Comparing base (ff71358) to head (7a95027).
Report is 5 commits behind head on unstable.

Files with missing lines Patch % Lines
src/valkey-check-aof.c 33.33% 2 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff            @@
##           unstable    #2146   +/-   ##
=========================================
  Coverage     71.31%   71.31%           
=========================================
  Files           122      122           
  Lines         66144    66155   +11     
=========================================
+ Hits          47170    47179    +9     
- Misses        18974    18976    +2     
Files with missing lines Coverage Δ
src/valkey-check-aof.c 74.07% <33.33%> (-0.42%) ⬇️

... and 13 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Co-authored-by: Ping Xie <pingxie@outlook.com>
Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
@madolson madolson merged commit 73696bf into valkey-io:unstable May 28, 2025
51 checks passed
@github-project-automation github-project-automation Bot moved this to To be backported in Valkey 7.2 May 28, 2025
@github-project-automation github-project-automation Bot moved this to To be backported in Valkey 8.1 May 28, 2025
@github-project-automation github-project-automation Bot moved this to To be backported in Valkey 8.0 May 28, 2025
hpatro pushed a commit to hpatro/valkey that referenced this pull request Jun 4, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
hpatro pushed a commit to hpatro/valkey that referenced this pull request Jun 4, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
Signed-off-by: Harkrishn Patro <harkrisp@amazon.com>
hpatro pushed a commit that referenced this pull request Jun 9, 2025
Resolves #2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
Signed-off-by: Harkrishn Patro <harkrisp@amazon.com>
hpatro pushed a commit that referenced this pull request Jun 11, 2025
Resolves #2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
Signed-off-by: Harkrishn Patro <harkrisp@amazon.com>
@hpatro hpatro moved this from To be backported to 8.1.2 in Valkey 8.1 Jun 11, 2025
chzhoo pushed a commit to chzhoo/valkey that referenced this pull request Jun 12, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
Signed-off-by: chzhoo <czawyx@163.com>
vitarb pushed a commit to vitarb/valkey that referenced this pull request Jun 12, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
(cherry picked from commit 73696bf)
@vitarb vitarb mentioned this pull request Jun 13, 2025
vitarb pushed a commit to vitarb/valkey that referenced this pull request Jun 13, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
(cherry picked from commit 73696bf)
shanwan1 pushed a commit to shanwan1/valkey that referenced this pull request Jun 13, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
Signed-off-by: shanwan1 <shanwan1@intel.com>
@ranshid ranshid moved this from To be backported to In Progress in Valkey 7.2 Jun 18, 2025
ranshid pushed a commit to ranshid/valkey that referenced this pull request Jun 18, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
ranshid pushed a commit to ranshid/valkey that referenced this pull request Jun 22, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
ranshid pushed a commit that referenced this pull request Jul 7, 2025
Resolves #2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
zuiderkwast pushed a commit to vitarb/valkey that referenced this pull request Aug 15, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
(cherry picked from commit 73696bf)
zuiderkwast pushed a commit to vitarb/valkey that referenced this pull request Aug 15, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
(cherry picked from commit 73696bf)
Signed-off-by: Viktor Söderqvist <viktor.soderqvist@est.tech>
@zuiderkwast zuiderkwast moved this from To be backported to 8.0.5 in Valkey 8.0 Aug 18, 2025
zuiderkwast pushed a commit to vitarb/valkey that referenced this pull request Aug 21, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
(cherry picked from commit 73696bf)
Signed-off-by: Viktor Söderqvist <viktor.soderqvist@est.tech>
zuiderkwast pushed a commit that referenced this pull request Aug 22, 2025
Resolves #2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
(cherry picked from commit 73696bf)
Signed-off-by: Viktor Söderqvist <viktor.soderqvist@est.tech>
sarthakaggarwal97 pushed a commit to sarthakaggarwal97/valkey that referenced this pull request Sep 16, 2025
Resolves valkey-io#2145

Incorporate the CVE patch that was sent to us by Redis Ltd.

---------

Signed-off-by: Madelyn Olson <madelyneolson@gmail.com>
Co-authored-by: Ping Xie <pingxie@outlook.com>
(cherry picked from commit 73696bf)
Signed-off-by: Viktor Söderqvist <viktor.soderqvist@est.tech>
@zuiderkwast zuiderkwast moved this from In Progress to To be backported in Valkey 7.2 Sep 23, 2025
@rainsupreme rainsupreme moved this from To be backported to 7.2.10 in Valkey 7.2 Sep 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

release-notes This issue should get a line item in the release notes

Projects

Status: 7.2.10
Status: 8.0.5
Status: 8.1.2

Development

Successfully merging this pull request may close these issues.

CVE-2025-27151

6 participants