Denial of Service in mongoDB
ID: | FEDORA-2017-913288e9a9 |
Distribution: | Fedora |
Plattformen: | Fedora 27 |
Datum: | Di, 30. Januar 2018, 23:12 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15535 |
Applikationen: | mongoDB |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-913288e9a9 2018-01-30 17:59:49.776002 -------------------------------------------------------------------------------- Name : mongodb Product : Fedora 27 Version : 3.4.10 Release : 1.fc27 URL : http://www.mongodb.org Summary : High-performance, schema-free document-oriented database Description : Mongo (from "humongous") is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the following features: * Collection oriented storage: easy storage of object/JSON-style data * Dynamic queries * Full index support, including on inner objects and embedded arrays * Query profiling * Replication and fail-over support * Efficient storage of binary data including large objects (e.g. photos and videos) * Auto-sharding for cloud-level scalability (currently in early alpha) * Commercial Support Available A key goal of MongoDB is to bridge the gap between key/value stores (which are fast and highly scalable) and traditional RDBMS systems (which are deep in functionality). -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-15535 Update to latest minor release 3.4.10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1516183 - CVE-2017-15535 mongodb: Invalid wire protocol compression https://bugzilla.redhat.com/show_bug.cgi?id=1516183 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade mongodb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |