[CLSA-2026:1783075314] Fix CVE(s): CVE-2026-11933, CVE-2026-8202
Type:
security
Severity:
Important
Release date:
2026-07-03 10:42:21 UTC
Description:
* SECURITY UPDATE: Use-after-free via non-owned BSON in bsonObjToArray - debian/patches/CVE-2026-11933.patch: ensure owned BSON in bsonObjToArray before array conversion in src/mongo/scripting/mozjs/bson.cpp - CVE-2026-11933
Updated packages:
  • mongodb5_5.0.31-1+tuxcare.els9_amd64.deb
    sha:e0b95bd47c234fd71e390b201152401a0314814a
  • mongodb5-mongos_5.0.31-1+tuxcare.els9_amd64.deb
    sha:e5a8615720912bd0d759fa6dd12beb29485a9bb1
  • mongodb5-server_5.0.31-1+tuxcare.els9_amd64.deb
    sha:c88587df4ceeaa2d49e9fdadab5ead5856f4bbfd
  • mongodb5-shell_5.0.31-1+tuxcare.els9_amd64.deb
    sha:a9e089b169bddc90c04631c79fed8fb73f8f2437
  • mongodb5_5.0.31-1+tuxcare.els9_arm64.deb
    sha:e1e6330ba4fc5c0519b7e50c789eb4474f265c92
  • mongodb5-mongos_5.0.31-1+tuxcare.els9_arm64.deb
    sha:5e15f35c1bd87b12ad4b9d0f71f3126c9eeb750e
  • mongodb5-server_5.0.31-1+tuxcare.els9_arm64.deb
    sha:1cb0509963a1791a3f9a824351429a99d6b9088d
  • mongodb5-shell_5.0.31-1+tuxcare.els9_arm64.deb
    sha:ce17be258eba3c679c769f62dd483ff0b11e2485
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.