github aerospike/aerospike-server v7.2.0.19

latest release: v7.2.0.20
4 hours ago

Aerospike Server Community Edition 7.2.0.19

Security fixes

AER-6907

(UDF) CVE-2026-55702, CVE-2026-55757, CVE-2026-PENDING Fix path traversal in UDF filename handling. See security bulletin AS-2026-001 for additional details.

Editions affected: Enterprise, Federal & Community

AER-6909

(CDT) CVE-2026-PENDING Fix integer overflow in msgpack size calculator that accepts truncated structures. See security bulletin AS-2026-002 for additional details.

Editions affected: Enterprise, Federal & Community

AER-6910

(BATCH) CVE-2026-55755 Fix heap buffer overflow from missing op size validation in batch writes. See security bulletin AS-2026-003 for additional details.

Editions affected: Enterprise, Federal & Community

AER-6911

(CDT) CVE-2026-55754 Fix integer overflow in msgpack parse and compactify that accepts truncated structures. See security bulletin AS-2026-004 for additional details.

Editions affected: Enterprise, Federal & Community

AER-6914

(UDF) CVE-2026-55756 Fix Lua sandbox escape that allows arbitrary command execution. See security bulletin AS-2026-005 for additional details.

Editions affected: Enterprise, Federal & Community

Bug fixes

AER-6908

(KVS) Remove sprig root color check that slowed flash index warm restart.

Editions affected: Enterprise, Federal & Community

Improvements

AER-6917

(LOGGING) Log sender UID and PID on SIGTERM.

Editions affected: Enterprise, Federal & Community

Known issues

Known issues for 7.2.0.19

Don't miss a new aerospike-server release

NewReleases is sending notifications on new releases.