Bug 22036

Summary: mongodb new security issue CVE-2017-15535
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Joseph Wang <joequant>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: mongodb-3.4.9-1.mga7.src.rpm CVE:
Status comment: Fixed upstream in 3.4.10

Description David Walser 2017-11-15 23:23:10 CET 
openSUSE has issued an advisory today (November 15):
https://lists.opensuse.org/opensuse-updates/2017-11/msg00046.html

The issue is fixed in 3.4.10.

Mageia 5 and Mageia 6 appear to not be affected.
Comment 1 David Walser 2018-01-31 03:13:03 CET 
Fedora has issued an advisory for this today (January 30):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SIXFNESNALBTYWE4AHI65UGUOPA5EOUD/
David Walser 2018-02-02 18:40:00 CET

Status comment: (none) => Fixed upstream in 3.4.10

David Walser 2018-10-16 00:33:28 CEST

Depends on: (none) => 23695

Comment 2 RĂ©mi Verschelde 2018-11-19 20:52:45 CET 
Shouldn't depend on bug 23695 if I don't mess up :)

Depends on: 23695 => (none)

Comment 3 David Walser 2019-01-01 04:31:15 CET 
Updated in Cauldron by Joseph Wang, currently at 4.1.6.

Resolution: (none) => FIXED
Status: NEW => RESOLVED