-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3832-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès June 17, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : pymongo Version : 3.7.1-1.1+deb10u1 CVE ID : CVE-2024-5629 An out-of-bounds read in the 'bson' module allowed deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory. For Debian 10 buster, this problem has been fixed in version 3.7.1-1.1+deb10u1. We recommend that you upgrade your pymongo packages. For the detailed security status of pymongo please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pymongo Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmZwIYsRHHJvdWNhQGRl Ymlhbi5vcmcACgkQADoaLapBCF+DpBAAghm8McmZjTlWyOKExpE8u0tGdyvkctO1 952YPy/RxqQWfYNcutJ0Nsimqj/8AbUJy6/E4t5tD+tLSU5+7PGxbBBtgsyGaG7a UVVlhAtuLm4qquONmZbW4bUR8vO4PFTOnWcCyBLmqigsiHoOZotQUm2EqbWgLHxo 63raFYaox3q/ZRl5UrTrtAGpP3iYBLKLPEZeS+Ay8e8Ug+IfqrNuakT9DFAOGTiJ cPjTrCmOnJ16+2dn4E/zhAMq4jBMcCLvT9042gKot7Hi5lmuyWdYNwATKlkau1y7 ghP5FxAMnxwJyTBi9zqPPBfyE+F8JdYHrbAlEwzDuLB75Gc7tjWfzQ0l29nn9hfa kiBky/uo39YZ3FC7hTA8mqK14gtjDB0JVD4I7+jEsOxX6+uJsadxamvHiZNkaxA/ oVyZ8Z06SS7JGU1uEKdj9bCqH/cz5FAADA5a705RuXgujP0jkczs86HAxCDJnSNX KQ2xQXJyiRiKikMadm1PUsjEx4eM73rBrIVlSvwam+LQi1SYWTgQ2NkwHRFF3pAx wMZdMFANhqszol7A7rebrQFivlL0m9ZNxw4EApM+uopw6AIEUEhGk2HPtX5wST+w bKHsOM2kXkB2iKa6V8LAfIANxY8+g+nbm5aFu+FgvCo9gL7VQx01NzOtRVIr3ML1 gK3/YoOlZds= =Ip7j -----END PGP SIGNATURE-----
