-
mongodb (1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.3) focal-security; urgency=medium
* SECURITY UPDATE: message decompressor to incorrectly allocate memory (LP: #1933520)
- d/p/CVE-2019-20925-SERVER-43751-Recompute-compressor-manager-message-pa.patch:
An unauthenticated client can trigger denial of service by
issuing specially crafted wire protocol messages,
which cause the message decompressor to incorrectly allocate memory
- CVE-2019-20925
-- Heather Lemon <email address hidden> Thu, 26 Aug 2021 14:36:35 +0000
-
mongodb (1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2) focal-security; urgency=medium
[Heather Lemon]
* SECURITY UPDATE: account session reuse leads to unauthorized access (LP: #1934518)
- d/p/CVE-2019-2386-SERVER-38984-Validate-unique-User-ID-on-UserCache-hi.patch:
Attach ID to users.
After user deletion in MongoDB Server the improper invalidation of
authorization sessions allows an authenticated user's session to
persist and become conflated with new accounts
- CVE-2019-2386
[Alex Murray]
* Refresh
d/p/CVE-2019-2386-SERVER-38984-Validate-unique-User-ID-on-UserCache-hi.patch
with the version from the 3.4 upstream branch that is still licensed
under the AGPL.
-- Alex Murray <email address hidden> Mon, 23 Aug 2021 17:01:06 +0930
-
mongodb (1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5) focal; urgency=medium
* Drop optional python-regex build-dep, which is now gone from the
archive.
* Use python2 for scons.
* Disable -Werror.
* Drop python-pymongo resmoke test build-dep, no longer available.
* Add missing cxxabi.h include.
-- Dimitri John Ledkov <email address hidden> Tue, 14 Apr 2020 08:29:46 +0100
-
mongodb (1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu4) focal; urgency=medium
* No-change rebuild for libgcc-s1 package name change.
-- Matthias Klose <email address hidden> Mon, 23 Mar 2020 08:58:38 +0100
-
mongodb (1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu3) focal; urgency=medium
* No change rebuild against new boost1.71 ABI
-- Dimitri John Ledkov <email address hidden> Mon, 03 Feb 2020 21:06:47 +0000
-
mongodb (1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu2) disco; urgency=medium
* No change rebuild against libyaml-cpp0.6
-- Christopher James Halse Rogers <email address hidden> Tue, 11 Dec 2018 16:09:19 +1100