package/mongodb: security bump to version 4.2.18 (49bbf644) · Commits · Infra Solutions / Reference Design / platsw / buildroot

Commit 49bbf644 authored Jan 25, 2022 by Fabrice Fontaine Committed by Thomas Petazzoni Jan 26, 2022

package/mongodb: security bump to version 4.2.18

Fix CVE-2021-20330: An attacker with basic CRUD permissions on a
replicated collection can run the applyOps command with specially
malformed oplog entries, resulting in a potential denial of service on
secondaries. This issue affects MongoDB Server v4.0 versions prior to
4.0.25; MongoDB Server v4.2 versions prior to 4.2.14; MongoDB Server
v4.4 versions prior to 4.4.6.

Drop third patch (already in version)

https://docs.mongodb.com/master/release-notes/4.2/



Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

parent 5312db2b

Hide whitespace changes

Inline Side-by-side

Please register or to comment