Release date:
2026-07-10 12:46:48 UTC
Description:
* SECURITY UPDATE: Use-after-free in bsonObjToArray due to unowned BSON
before array conversion
- debian/patches/CVE-2026-11933.patch: Call getOwned() on the BSON
object in bsonObjToArray before converting it to a JS array
- CVE-2026-11933
Updated packages:
-
mongodb6_6.0.26-1+tuxcare.els11_amd64.deb
sha:87ffa3bdb21418e515a46055d326a4ae79bb20c9
-
mongodb6-mongos_6.0.26-1+tuxcare.els11_amd64.deb
sha:35f907c3c3088b2a8acca8d5a0161a872875793f
-
mongodb6-server_6.0.26-1+tuxcare.els11_amd64.deb
sha:d1c779ff4074210d81b3bf2927acc444a6e5ec52
-
mongodb6-shell_6.0.26-1+tuxcare.els11_amd64.deb
sha:8e19a056ad6517bcda02286dd7ee65a94b0bb048
-
mongodb6_6.0.26-1+tuxcare.els11_arm64.deb
sha:47db7fcb7b1112ce73974573fa89f1f8c37789a9
-
mongodb6-mongos_6.0.26-1+tuxcare.els11_arm64.deb
sha:162463ff7f06c6aaf74f135cd91809490887c753
-
mongodb6-server_6.0.26-1+tuxcare.els11_arm64.deb
sha:639bc2c79058e8b3a9735080db954a66ccdc175e
-
mongodb6-shell_6.0.26-1+tuxcare.els11_arm64.deb
sha:a52faec7a0a7abc746f5637231d2e17d66849242
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.