Bug#704053: unblock: mongodb/2.0.6-1.1

To: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>, <704053@bugs.debian.org>
Subject: Bug#704053: unblock: mongodb/2.0.6-1.1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 27 Mar 2013 13:30:57 +0000
Message-id: <[🔎] 8a81eda7c04b84da069c2a83965811de@mail.adsl.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 704053@bugs.debian.org
In-reply-to: <[🔎] 20130327125322.13923.19576.reportbug@localhost.localdomain>
References: <[🔎] 20130327125322.13923.19576.reportbug@localhost.localdomain>

Control: tags -1 + moreinfo

On 27.03.2013 12:53, John Paul Adrian Glaubitz wrote:

Please unblock package mongodb for t-p-u

Upstream has fixed a critical remote vulnerability, see
CVE-2013-1892 [1]. I have extracted the patches to fix the issue
from upstream and uploaded 2.0.6-1.1 into t-p-u since there
is already a newer upstream version of mongodb in unstable.

It would be good if that had been discussed /before/ it was uploaded.:(

As far as I can tell, the package in unstable is still vulnerable. Isthere a plan for getting that fixed?


Regards,

Adam

Reply to:

Follow-Ups:
- Bug#704053: unblock: mongodb/2.0.6-1.1
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>

References:
- Bug#704053: unblock: mongodb/2.0.6-1.1
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>

Prev by Date: Processed: Re: Bug#704053: unblock: mongodb/2.0.6-1.1
Next by Date: Bug#704053: unblock: mongodb/2.0.6-1.1
Previous by thread: Processed: Re: Bug#704053: unblock: mongodb/2.0.6-1.1
Next by thread: Bug#704053: unblock: mongodb/2.0.6-1.1
Index(es):
- Date
- Thread