[CLSA-2026:1783341139] Fix CVE(s): CVE-2026-8199
Type:
security
Severity:
Low
Release date:
2026-07-06 12:32:36 UTC
Description:
* SECURITY UPDATE: Denial of service via $bit* match expression with an oversized BinData bitmask - debian/patches/CVE-2026-8199.patch: limit the number of intermediate bit positions a $bitTest expression (bitsAllSet, bitsAllClear, bitsAnySet, bitsAnyClear) accumulates from a BinData mask via the new internalQueryMaxBitTestIntermediatePositions server parameter in BitTestMatchExpression - CVE-2026-8199
CVEs fixed:
Updated packages:
  • mongodb44_4.4.29-1+tuxcare.els11_amd64.deb
    sha:56ebd816c8db4341e1b03d8b1c0c07e0d3b6a691
  • mongodb44-mongos_4.4.29-1+tuxcare.els11_amd64.deb
    sha:ac6e705cc9a34ac3f87be2ed5a4eac195a199bbd
  • mongodb44-server_4.4.29-1+tuxcare.els11_amd64.deb
    sha:d166812a576261e398d3d51d22950189ec3caa96
  • mongodb44-shell_4.4.29-1+tuxcare.els11_amd64.deb
    sha:9493d09d2a6e51077327b414562fdca925fde679
  • mongodb44_4.4.29-1+tuxcare.els11_arm64.deb
    sha:72d9aa5eb9070b9e0b6a111550a38990e54e7772
  • mongodb44-mongos_4.4.29-1+tuxcare.els11_arm64.deb
    sha:aa756022490714e2b52d2a5dd4d01f0e382289d0
  • mongodb44-server_4.4.29-1+tuxcare.els11_arm64.deb
    sha:1d80b0bbe1373f870378c64fbe25b531ef78366f
  • mongodb44-shell_4.4.29-1+tuxcare.els11_arm64.deb
    sha:a1ddb3b6e10aa82091d4dadaf8e73d0e675e742d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.