[Buildroot] [git commit branch/2020.02.x] package/mongodb: security bump to version 4.0.19
Peter Korsgaard
peter at korsgaard.com
Wed Jul 22 08:11:39 UTC 2020
commit: https://git.buildroot.net/buildroot/commit/?id=5c6cdcf4a56ec122b6fb5f3f49e8fe31ed26f189
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.02.x
Fixes the following security vulnerabilities:
- CVE-2020-7921: (4.0.15) Improper serialization of internal state in the
authorization subsystem in MongoDB Server's authorization subsystem
permits a user with valid credentials to bypass IP whitelisting protection
mechanisms following administrative action.
Plus a number of other bugfixes. For details, see the release notes:
https://docs.mongodb.com/manual/release-notes/4.0/
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/mongodb/mongodb.hash | 2 +-
package/mongodb/mongodb.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/mongodb/mongodb.hash b/package/mongodb/mongodb.hash
index f08ffffe3b..ba2181a1f7 100644
--- a/package/mongodb/mongodb.hash
+++ b/package/mongodb/mongodb.hash
@@ -1,4 +1,4 @@
# Locally computed:
-sha256 b39c5b7bb77a547804ab6f43f9b5f09add47574356b31512fd1cc641a08b4ea5 mongodb-r4.0.12.tar.gz
+sha256 fadfb81400a1b5d86d01943690064404856aaf1b050f4b56eb74811cadffdcef mongodb-r4.0.19.tar.gz
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 APACHE-2.0.txt
sha256 09d99ca61eb07873d5334077acba22c33e7f7d0a9fa08c92734e0ac8430d6e27 LICENSE-Community.txt
diff --git a/package/mongodb/mongodb.mk b/package/mongodb/mongodb.mk
index 22ca920e12..31ea972b8c 100644
--- a/package/mongodb/mongodb.mk
+++ b/package/mongodb/mongodb.mk
@@ -4,7 +4,7 @@
#
################################################################################
-MONGODB_VERSION_BASE = 4.0.12
+MONGODB_VERSION_BASE = 4.0.19
MONGODB_VERSION = r$(MONGODB_VERSION_BASE)
MONGODB_SITE = $(call github,mongodb,mongo,$(MONGODB_VERSION))
More information about the buildroot
mailing list