[CLSA-2026:1780500514] Fix CVE(s): CVE-2026-6914
Type:
security
Severity:
Important
Release date:
2026-06-03 15:28:47 UTC
Description:
* SECURITY UPDATE: DoS via malformed BSON MD5 checksum computation - debian/patches/CVE-2026-6914.patch: fix binDataClean() bounds check for ByteArrayDeprecated type and guard md5_append against zero-length data - CVE-2026-6914
CVEs fixed:
Updated packages:
  • mongodb42_4.2.25-1+tuxcare.els11_amd64.deb
    sha:b96d2abb7502476851344732bc67e43d301c5dd0
  • mongodb42-mongos_4.2.25-1+tuxcare.els11_amd64.deb
    sha:80d4e14ce0a8acc0a1484dc9045188729d83c738
  • mongodb42-server_4.2.25-1+tuxcare.els11_amd64.deb
    sha:a031d64dbcb013db8d0e29e32b5bfdfa184f8ed1
  • mongodb42-shell_4.2.25-1+tuxcare.els11_amd64.deb
    sha:50e3c6fd70240d5d8d4cff47d0efc01d6be728b8
  • mongodb42_4.2.25-1+tuxcare.els11_arm64.deb
    sha:c045196b1a89c7b4655ac127aa79f3d15aa843d7
  • mongodb42-mongos_4.2.25-1+tuxcare.els11_arm64.deb
    sha:780ae077098d32f8bc29869be22711b773cee80a
  • mongodb42-server_4.2.25-1+tuxcare.els11_arm64.deb
    sha:7273a818824b0fe0f1636796ba35cacaccb0a5aa
  • mongodb42-shell_4.2.25-1+tuxcare.els11_arm64.deb
    sha:dead8b7cb8e3a96c886004fdfef7ba180e943008
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.