[AUTO-CHERRYPICK] Valkey: Fix CVE-2024-31449 CVE-2024-21228 CVE-2024-31227 by upgrading Valkey to 8.0.1 - branch 3.0-dev (#11032)

Co-authored-by: SeanDougherty <sdougherty@microsoft.com>
2024-11-12 15:00:59 -05:00 · 2024-11-12 15:00:59 -05:00 · a9360df977
--- a/SPECS/valkey/valkey.signatures.json
+++ b/SPECS/valkey/valkey.signatures.json
@ -1,5 +1,5 @@
 {
 "Signatures": {
-  "valkey-8.0.0.tar.gz": "f87fef2ba81ae4bce891b874fba58cfde2d19370a3bcac20f0e17498b33c33c0"
+  "valkey-8.0.1.tar.gz": "1e1d6dfbed2f932a87afbc7402be050a73974a9b19a9116897e537a6638e5e1d"
 }
 }
--- a/SPECS/valkey/valkey.spec
+++ b/SPECS/valkey/valkey.spec
@ -1,7 +1,7 @@
 Summary:        advanced key-value store
 Name:           valkey
-Version:        8.0.0
-Release:        2%{?dist}
+Version:        8.0.1
+Release:        1%{?dist}
 License:        BSD
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@ -84,6 +84,9 @@ exit 0
 %config(noreplace) %attr(0640, %{name}, %{name}) %{_sysconfdir}/valkey.conf

 %changelog
+* Mon Nov 04 2024 Sean Dougherty <sdougherty@microsoft.com> - 8.0.1-1
+- Version bump to address CVE-2024-31449 CVE-2024-31228 and CVE-2024-31227.
+
 * Tue Oct 29 2024 Rohit Rawat <rohitrawat@microsoft.com> - 8.0.0-2
 - Add patch to remove flaky mem defrag test.

--- a/cgmanifest.json
+++ b/cgmanifest.json
@ -29306,8 +29306,8 @@
        "type": "other",
        "other": {
          "name": "valkey",
-          "version": "8.0.0",
-          "downloadUrl": "https://github.com/valkey-io/valkey/archive/refs/tags/8.0.0.tar.gz"
+          "version": "8.0.1",
+          "downloadUrl": "https://github.com/valkey-io/valkey/archive/refs/tags/8.0.1.tar.gz"
        }
      }
    },