UbuntuUpdates.org

Package "mongodb"

Name: mongodb

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • object/document-oriented database (managed server package)

Latest version: 1:3.6.3-0ubuntu1.4
Release: bionic (18.04)
Level: updates
Repository: universe

Links



Other versions of "mongodb" in Bionic

Repository Area Version
base universe 1:3.6.3-0ubuntu1
security universe 1:3.6.3-0ubuntu1.4
proposed universe 1:3.6.3-0ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:3.6.3-0ubuntu1.4 2021-10-04 19:06:16 UTC

  mongodb (1:3.6.3-0ubuntu1.4) bionic-security; urgency=medium

  * d/p/CVE-2019-20925-SERVER-43751-Recompute-compressor-manager-message-pa.patch
    Recompute compressor manager message parameters. (LP: #1933520)

 -- Heather Lemon <email address hidden> Tue, 03 Aug 2021 20:57:49 +0000

Source diff to previous version
1933520 message decompressor to incorrectly allocate memory
CVE-2019-20925 An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to

Version: 1:3.6.3-0ubuntu1.3 2021-08-26 03:06:19 UTC

  mongodb (1:3.6.3-0ubuntu1.3) bionic-security; urgency=medium

  [Heather Lemon]
  * SECURITY UPDATE: account session reuse leads to unauthorized access (LP: #1934518)
    - d/p/CVE-2019-2386-SERVER-38984-Validate-unique-User-ID-on-UserCache-hi.patch:
      Attach ID to users.
      After user deletion in MongoDB Server the improper invalidation of
      authorization sessions allows an authenticated user's session to
      persist and become conflated with new accounts
    - CVE-2019-2386

  [Alex Murray]
  * Refresh
    d/p/CVE-2019-2386-SERVER-38984-Validate-unique-User-ID-on-UserCache-hi.patch
    with the version from the 3.4 upstream branch that is still licensed
    under the AGPL.

 -- Alex Murray <email address hidden> Fri, 06 Aug 2021 12:08:41 +0930

Source diff to previous version
1934518 improper invalidation of authorization sessions

Version: 1:3.6.3-0ubuntu1.1 2019-04-09 20:06:21 UTC

  mongodb (1:3.6.3-0ubuntu1.1) bionic; urgency=medium

  * d/p/SERVER-36951-applyOps-createIndexes-without-uuid.patch: fix restoring
    of a database backup when applyOps has a createIndexes command without a
    UUID. (LP: #1821391)

 -- Andreas Hasenack <email address hidden> Fri, 22 Mar 2019 16:11:02 -0300

1821391 mongorestore fails with createIndexes command in oplog



About   -   Send Feedback to @ubuntu_updates