oss-sec mailing list archives
Re: CVE Request - MongoDB <=2.4.4 uninitialized object
From: Moritz Muehlenhoff <jmm () debian org>
Date: Tue, 23 Jul 2013 08:35:50 +0200
On Thu, Jul 18, 2013 at 08:14:39AM -0400, Dan Pasette wrote:
We already requested CVE-2013-2132 for this and it was fixed in version 2.4.5. We announced it on mongodb-announce and have it listed in our alerts page here: http://www.mongodb.org/about/alerts/
http://www.mongodb.org/about/alerts/ now lists CVE-2013-3969 for SERVER-9878. So CVE-2013-4142 should be rejected, then. Cheers, Moritz
Current thread:
- CVE Request - MongoDB <=2.4.4 uninitialized object Florian (Jul 17)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Kurt Seifried (Jul 17)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Dan Pasette (Jul 18)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Moritz Muehlenhoff (Jul 18)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Kurt Seifried (Jul 18)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Kurt Seifried (Jul 26)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Andreas Nilsson (Jul 30)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Dan Pasette (Jul 18)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Moritz Muehlenhoff (Jul 22)
- Re: CVE Request - MongoDB <=2.4.4 uninitialized object Kurt Seifried (Jul 17)
- Re: CVE Request - LibModPlug <=0.8.8.4 multiple heap overflow Kurt Seifried (Aug 07)
- Re: CVE Request - LibModPlug <=0.8.8.4 multiple heap overflow Florian (Aug 07)
- Re: CVE Request - LibModPlug <=0.8.8.4 multiple heap overflow Kurt Seifried (Aug 09)
- Re: CVE Request - LibModPlug <=0.8.8.4 multiple heap overflow Raphael Geissert (Aug 12)