Date: Tue, 7 Oct 2025 06:21:53 GMT From: Fernando =?utf-8?Q?Apestegu=C3=ADa?= <fernape@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 06fc096ebd97 - main - security/vuxml: Fix mongodb entries Message-ID: <202510070621.5976Lrx7038970@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by fernape: URL: https://cgit.FreeBSD.org/ports/commit/?id=06fc096ebd971cfb2461755fb6ee2a92ad66cba2 commit 06fc096ebd971cfb2461755fb6ee2a92ad66cba2 Author: Fernando ApesteguĂa <fernape@FreeBSD.org> AuthorDate: 2025-10-07 06:19:40 +0000 Commit: Fernando ApesteguĂa <fernape@FreeBSD.org> CommitDate: 2025-10-07 06:21:45 +0000 security/vuxml: Fix mongodb entries Remove entry that only affects 8.1.x which we don't still have in the repo. Modify an entry removing the 8.1.x entry from the affected packages Reported by: ronald-lists@klop.ws Fixes: 7ec6fda16269 --- security/vuxml/vuln/2025.xml | 35 +---------------------------------- 1 file changed, 1 insertion(+), 34 deletions(-) diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index 68f0dfd0ba24..8ee309e4336d 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml @@ -45,10 +45,6 @@ <name>mongodb70</name> <range><lt>7.0.22</lt></range> </package> - <package> - <name>mongodb80</name> - <range><lt>8.1.2</lt></range> - </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; @@ -70,6 +66,7 @@ <dates> <discovery>2025-09-05</discovery> <entry>2025-10-06</entry> + <modified>2025-10-07</modified> </dates> </vuln> @@ -147,36 +144,6 @@ </dates> </vuln> - <vuln vid="92880bca-a2c9-11f0-8402-b42e991fc52e"> - <topic>mongodb -- Certain Queries May Cause MongoDB Server to Crash</topic> - <affects> - <package> - <name>mongodb80</name> - <range><lt>8.1.0</lt></range> - </package> - </affects> - <description> - <body xmlns="http://www.w3.org/1999/xhtml">; - <p>cna@mongodb.com reports:</p> - <blockquote cite="https://jira.mongodb.org/browse/SERVER-102693">; - <p>An authorized user can issue queries with duplicate _id fields, - that leads to unexpected behavior in MongoDB Server, which may - result to crash. This issue can only be triggered by authorized - users and cause Denial of Service. This issue affects MongoDB - Server v8.1 version 8.1.0.</p> - </blockquote> - </body> - </description> - <references> - <cvename>CVE-2025-7259</cvename> - <url>https://nvd.nist.gov/vuln/detail/CVE-2025-7259</url>; - </references> - <dates> - <discovery>2025-07-07</discovery> - <entry>2025-10-06</entry> - </dates> - </vuln> - <vuln vid="a9dc3c61-a20f-11f0-91d8-b42e991fc52e"> <topic>mongodb -- MongoDB Server access to non-initialized memory</topic> <affects>home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202510070621.5976Lrx7038970>