[CLSA-2026:1776079275] Fix CVE(s): CVE-2025-3085

Type:

security

Severity:

Critical

Release date:

2026-04-13 11:21:19 UTC

Description:

   * SECURITY UPDATE: CRL validation only checked leaf certificate
     - debian/patches/CVE-2025-3085.patch: add X509_V_FLAG_CRL_CHECK_ALL flag
       in _setupCRL() to validate entire certificate chain against CRL, not
       just the leaf certificate. Simplify CRL import log message.
     - CVE-2025-3085

Updated packages:

mongodb42_4.2.25-1+tuxcare.els4_amd64.deb
sha:106c909b2c4efc09dd44e9925d53248872bbf343
mongodb42-mongos_4.2.25-1+tuxcare.els4_amd64.deb
sha:bd5756bb8c3fed3f10eca49d6fdef92899f8e81a
mongodb42-server_4.2.25-1+tuxcare.els4_amd64.deb
sha:ad0a6412739d3e581876d1766376c58495a4526d
mongodb42-shell_4.2.25-1+tuxcare.els4_amd64.deb
sha:783ce74b2804f657df323b2dd7ea810e14d6127d
mongodb42_4.2.25-1+tuxcare.els4_arm64.deb
sha:fce703f86271ede96d21cd5619f68aa83cb36b99
mongodb42-mongos_4.2.25-1+tuxcare.els4_arm64.deb
sha:3add2ae2f3caa0057c3ef94f37ff59b61a2b75e7
mongodb42-server_4.2.25-1+tuxcare.els4_arm64.deb
sha:f0f579977100e4cc473d63c5b5494ee546ba7d56
mongodb42-shell_4.2.25-1+tuxcare.els4_arm64.deb
sha:5e89b0fbf5317de05a302c2b902d18d510412f31

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.