Thanks, we've diagnosed the bug and we're tracking the fix in
https://jira.mongodb.org/browse/CDRIVER-2269 . We'll release the fix
in libbson 1.8.0 next week.
On Sat, Sep 9, 2017 at 11:36 AM, Salvatore Bonaccorso wrote:
> Some debugging information:
>
> ===
Some debugging information:
=
==7414==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61900980
at pc 0x555759b3 bp 0x7fffd9b0 sp 0x7fffd9a8
READ of size 1 at 0x61900980 thread T0
#0 0x555759b2 i
Source: libbson
Version: 1.7.0-1
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for libbson.
CVE-2017-14227[0]:
| In MongoDB libbson 1.7.0, the bson_iter_codewscope function in
| bson-iter.c miscalculates a bson_utf8_validate length argument, which
| al
3 matches
Mail list logo
