[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2026-6691/mongo-c-driver

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 28 20:17:33 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf478b69 by Salvatore Bonaccorso at 2026-04-28T21:17:20+02:00
Add CVE-2026-6691/mongo-c-driver

- - - - -
1de3a5f8 by Salvatore Bonaccorso at 2026-04-28T21:17:23+02:00
Track CVE-2026-6691 as well for the {trixie,bookworm}-pu updates

See discussion though in #1135124 and #1135125.

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -144,6 +144,13 @@ CVE-2024-54012 (Penetration Testing engineers at Amazon discovered a vulnerabili
 	TODO: check
 CVE-2024-54011 (Penetration Testing engineers at Amazon have discovered a flaw where t ...)
 	TODO: check
+CVE-2026-6691
+	- mongo-c-driver 2.2.0-1
+	[trixie] - mongo-c-driver <no-dsa> (Minor issue)
+	[bookworm] - mongo-c-driver <no-dsa> (Minor issue)
+	NOTE: https://jira.mongodb.org/browse/CDRIVER-6134
+	NOTE: https://github.com/mongodb/mongo-c-driver/commit/b4984965877d559862e225beba09cb4e9d4a56a6 (2.2.0)
+	NOTE: https://github.com/mongodb/mongo-c-driver/commit/d9c26f49e75d3de746a690db9c81ff5b4f6e21b0 (2.2.0)
 CVE-2026-23556
 	- xen <unfixed>
 	[trixie] - xen <no-dsa> (Minor issue)


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -292,3 +292,5 @@ CVE-2026-4359
 	[bookworm] - mongo-c-driver 1.23.1-1+deb12u3
 CVE-2025-14911
 	[bookworm] - mongo-c-driver 1.23.1-1+deb12u3
+CVE-2026-6691
+	[bookworm] - mongo-c-driver 1.23.1-1+deb12u3


=====================================
data/next-point-update.txt
=====================================
@@ -338,3 +338,5 @@ CVE-2026-4359
 	[trixie] - mongo-c-driver 1.30.4-1+deb13u2
 CVE-2025-14911
 	[trixie] - mongo-c-driver 1.30.4-1+deb13u2
+CVE-2026-6691
+	[trixie] - mongo-c-driver 1.30.4-1+deb13u2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9d09901df16539cc285c14a07ffb72d069054a9c...1de3a5f88938ffbeb8c35f685d80f257f9aa48bb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9d09901df16539cc285c14a07ffb72d069054a9c...1de3a5f88938ffbeb8c35f685d80f257f9aa48bb
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260428/0d78095e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list