Release date:
2026-07-10 16:52:28 UTC
Description:
* SECURITY UPDATE: Information disclosure via uninitialized MD5 hash
state returned by filemd5 with partialOk
- debian/patches/CVE-2026-4147.patch: Zero-initialize the md5_state_t
struct in md5_init() in src/mongo/util/md5.cpp so the padding of the
md5state returned by filemd5 partialOk is not leaked
- CVE-2026-4147
Updated packages:
-
mongodb6_6.0.26-1+tuxcare.els14_amd64.deb
sha:0c445100b71856602ec360e8107576d074ab6833
-
mongodb6-mongos_6.0.26-1+tuxcare.els14_amd64.deb
sha:80441c31fc22d496048000679e10619fd2b2f64b
-
mongodb6-server_6.0.26-1+tuxcare.els14_amd64.deb
sha:db475a39cb46dbf11fc7d83e9503575c421af2de
-
mongodb6-shell_6.0.26-1+tuxcare.els14_amd64.deb
sha:f94da8bdcd5d831c3ff5b59f3319ab4893617d7e
-
mongodb6_6.0.26-1+tuxcare.els14_arm64.deb
sha:89dc1626137f5f48bf4d45c9836c84879e9b0669
-
mongodb6-mongos_6.0.26-1+tuxcare.els14_arm64.deb
sha:8c4dd06a9608ca4b9a9940176a7a6cf96a421460
-
mongodb6-server_6.0.26-1+tuxcare.els14_arm64.deb
sha:510a0d1195e50506669ce6b541142ca699413498
-
mongodb6-shell_6.0.26-1+tuxcare.els14_arm64.deb
sha:95156588a278e11db2b2d564db174136548b8b83
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.