[SECURITY] Fedora 17 Update: mongodb-2.2.3-4.fc17
updates at fedoraproject.org
updates at fedoraproject.org
Sun Apr 7 00:43:31 UTC 2013
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-4531
2013-03-29 00:54:12
--------------------------------------------------------------------------------
Name : mongodb
Product : Fedora 17
Version : 2.2.3
Release : 4.fc17
URL : http://www.mongodb.org
Summary : High-performance, schema-free document-oriented database
Description :
Mongo (from "humongous") is a high-performance, open source, schema-free
document-oriented database. MongoDB is written in C++ and offers the following
features:
* Collection oriented storage: easy storage of object/JSON-style data
* Dynamic queries
* Full index support, including on inner objects and embedded arrays
* Query profiling
* Replication and fail-over support
* Efficient storage of binary data including large objects (e.g. photos
and videos)
* Auto-sharding for cloud-level scalability (currently in early alpha)
* Commercial Support Available
A key goal of MongoDB is to bridge the gap between key/value stores (which are
fast and highly scalable) and traditional RDBMS systems (which are deep in
functionality).
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2013-1892
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 27 2013 Troy Dawson <tdawson at redhat.com> - 2.2.3-4
- Fix for CVE-2013-1892
* Sun Feb 10 2013 Denis Arnaud <denis.arnaud_fedora at m4x.org> - 2.2.3-3
- Rebuild for Boost-1.53.0
* Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora at m4x.org> - 2.2.3-2
- Rebuild for Boost-1.53.0
* Tue Feb 5 2013 Troy Dawson <tdawson at redhat.com> - 2.2.3-1
- Update to version 2.2.3
* Mon Jan 7 2013 Troy Dawson <tdawson at redhat.com> - 2.2.2-2
- remove duplicate headers (#886064)
* Wed Dec 5 2012 Troy Dawson <tdawson at redhat.com> - 2.2.2-1
- Updated to version 2.2.2
* Tue Nov 27 2012 Troy Dawson <tdawson at redhat.com> - 2.2.1-3
- Add ssl build option
- Using the reserved mongod UID for the useradd
- mongod man page in server package (#880351)
- added optional MONGODB_OPTIONS to init script
* Wed Oct 31 2012 Nathaniel McCallum <nathaniel at natemccallum.com> - 2.2.1-2
- Make sure build and install flags are the same
- Actually remove the js patch file
* Wed Oct 31 2012 Nathaniel McCallum <nathaniel at natemccallum.com> - 2.2.1-1
- Remove fork fix patch (fixed upstream)
- Remove pcre patch (fixed upstream)
- Remove mozjs patch (now using v8 upstream)
- Update to 2.2.1
* Tue Oct 2 2012 Troy Dawson <tdawson at redhat.com> - 2.2.0-6
- full flag patch to get 32 bit builds to work
* Tue Oct 2 2012 Troy Dawson <tdawson at redhat.com> - 2.2.0-5
- shared libraries patch
- Fix up minor %files issues
* Fri Sep 28 2012 Troy Dawson <tdawson at redhat.com> - 2.2.0-4
- Fix spec files problems
* Fri Sep 28 2012 Troy Dawson <tdawson at redhat.com> - 2.2.0-3
- Updated patch to use system libraries
- Update init script to use a pidfile
* Thu Sep 27 2012 Troy Dawson <tdawson at redhat.com> - 2.2.0-2
- Added patch to use system libraries
* Wed Sep 19 2012 Troy Dawson <tdawson at redhat.com> - 2.2.0-1
- Updated to 2.2.0
- Updated patches that were still needed
- use v8 instead of spider_monkey due to bundled library issues
* Tue Aug 21 2012 Nathaniel McCallum <nathaniel at natemccallum.com> - 2.0.7-1
- Update to 2.0.7
- Don't patch for boost-filesystem version 3 on EL6
* Mon Aug 13 2012 Nathaniel McCallum <nathaniel at natemccallum.com> - 2.0.6-3
- Remove EL5 support
- Add patch to use boost-filesystem version 3
* Wed Aug 1 2012 Nathaniel McCallum <nathaniel at natemccallum.com> - 2.0.6-2
- Don't apply fix-xtime patch on EL5
* Wed Aug 1 2012 Nathaniel McCallum <nathaniel at natemccallum.com> - 2.0.6-1
- Update to 2.0.6
- Update no-term patch
- Add fix-xtime patch for new boost
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Apr 17 2012 Nathaniel McCallum <nathaniel at natemccallum.com> - 2.0.4-1
- Update to 2.0.4
- Remove oldpython patch (fixed upstream)
- Remove snappy patch (fixed upstream)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #928193 - CVE-2013-1892 MongoDB: Server Side JavaScript Includes allow Remote Code Execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=928193
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mongodb' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list