Release date:
2026-07-15 15:44:29 UTC
Description:
* SECURITY UPDATE: Incomplete authorization check for the profile command
misclassifies a filter-altering request as read-only
- debian/patches/CVE-2026-25609.patch: consider 'filter' in the profile
command authorization check so that a {profile: -1, filter: ...} request
requires enableProfiler instead of only find on system.profile
- CVE-2026-25609
Updated packages:
-
mongodb44_4.4.29-1+tuxcare.els12_amd64.deb
sha:6ba55a2ac4f6c02ac6447eff5a0f73617bccca43
-
mongodb44-mongos_4.4.29-1+tuxcare.els12_amd64.deb
sha:be7c7bd9e01e32edb472a4d0db7474f6b566a167
-
mongodb44-server_4.4.29-1+tuxcare.els12_amd64.deb
sha:eba93a3b50581f066442dacd433f69b06f558c59
-
mongodb44-shell_4.4.29-1+tuxcare.els12_amd64.deb
sha:41db854d577dda889797cbff71ffd77c435602f6
-
mongodb44_4.4.29-1+tuxcare.els12_arm64.deb
sha:13c684eb4b2a134246b6bb663ddcb7f0cb74d13f
-
mongodb44-mongos_4.4.29-1+tuxcare.els12_arm64.deb
sha:1629962de2b70d459647f883222e8a1e0475213a
-
mongodb44-server_4.4.29-1+tuxcare.els12_arm64.deb
sha:9f274c043be81d1d67c3673d4b90b6b3725ee6c9
-
mongodb44-shell_4.4.29-1+tuxcare.els12_arm64.deb
sha:ff75414d0af993403918c1b70d1753b3d5a1ad5c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.