22036 – mongodb new security issue CVE-2017-15535

Bug 22036 - mongodb new security issue CVE-2017-15535

Summary: mongodb new security issue CVE-2017-15535

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Joseph Wang
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-11-15 23:23 CET by David Walser
Modified:	2019-01-01 04:31 CET (History)
CC List:	0 users

See Also:
Source RPM:	mongodb-3.4.9-1.mga7.src.rpm
CVE:
Status comment:	Fixed upstream in 3.4.10

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2017-11-15 23:23:10 CET

openSUSE has issued an advisory today (November 15):
https://lists.opensuse.org/opensuse-updates/2017-11/msg00046.html

The issue is fixed in 3.4.10.

Mageia 5 and Mageia 6 appear to not be affected.

Comment 1 David Walser 2018-01-31 03:13:03 CET

Fedora has issued an advisory for this today (January 30):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SIXFNESNALBTYWE4AHI65UGUOPA5EOUD/

David Walser 2018-02-02 18:40:00 CET

Status comment: (none) => Fixed upstream in 3.4.10

David Walser 2018-10-16 00:33:28 CEST

Depends on: (none) => 23695

Comment 2 Rémi Verschelde 2018-11-19 20:52:45 CET

Shouldn't depend on bug 23695 if I don't mess up :)

Depends on: 23695 => (none)

Comment 3 David Walser 2019-01-01 04:31:15 CET

Updated in Cauldron by Joseph Wang, currently at 4.1.6.

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.