Release date:
2026-07-09 10:04:45 UTC
Description:
* SECURITY UPDATE: Use-after-free in bsonObjToArray due to unowned BSON
before array conversion
- debian/patches/CVE-2026-11933.patch: Call getOwned() on the BSON
object in bsonObjToArray before converting it to a JS array
- CVE-2026-11933
Updated packages:
-
mongodb6_6.0.26-1+tuxcare.els11_amd64.deb
sha:354fa2dcd2e84a4fa19ee710240f41cefb7f44de
-
mongodb6-mongos_6.0.26-1+tuxcare.els11_amd64.deb
sha:92dba8603a7afd1905fb9ad6203e32422ab0cf9e
-
mongodb6-server_6.0.26-1+tuxcare.els11_amd64.deb
sha:95e241b5bb032f1bf017536dbac517c368bccdcb
-
mongodb6-shell_6.0.26-1+tuxcare.els11_amd64.deb
sha:924781596776203d22bb1b7e72a44342f28dd7cb
-
mongodb6_6.0.26-1+tuxcare.els11_arm64.deb
sha:97c666664aa372ba7c3e275a350fc1483c70562c
-
mongodb6-mongos_6.0.26-1+tuxcare.els11_arm64.deb
sha:6715bc71d727e808ce345cff0e9cfc0fb9c8d875
-
mongodb6-server_6.0.26-1+tuxcare.els11_arm64.deb
sha:b235dc9579da787caed40c07b4c1cb2b12f57d52
-
mongodb6-shell_6.0.26-1+tuxcare.els11_arm64.deb
sha:78ac2787b2a575c635ba82201f6782bc7972577e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.