[Git][security-tracker-team/security-tracker][master] Reserve DLA-4438-1 for mongo-c-driver

[Roberto C. Sánchez (@roberto)]

Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
98e9bba3 by Roberto C. Sánchez at 2026-01-14T11:39:23-05:00
Reserve DLA-4438-1 for mongo-c-driver

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22845,7 +22845,6 @@ CVE-2025-12119 (A mongoc_bulk_operation_t may read invalid memory if large optio
 	- mongo-c-driver 2.1.2-1
 	[trixie] - mongo-c-driver 1.30.4-1+deb13u1
 	[bookworm] - mongo-c-driver 1.23.1-1+deb12u2
-	[bullseye] - mongo-c-driver <postponed> (Minor issue)
 	NOTE: https://github.com/mongodb/mongo-c-driver/pull/2132
 CVE-2025-12057 (The WavePlayer WordPress plugin before 3.8.0 does not have authorizati ...)
 	NOT-FOR-US: WordPress plugin


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[14 Jan 2026] DLA-4438-1 mongo-c-driver - security update
+	{CVE-2025-12119}
+	[bullseye] - mongo-c-driver 1.17.6-1+deb11u2
 [14 Jan 2026] DLA-4437-1 gnupg2 - security update
 	{CVE-2025-68973}
 	[bullseye] - gnupg2 2.2.27-2+deb11u3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98e9bba3f94de12df2d5b14f448349ecc02513a0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98e9bba3f94de12df2d5b14f448349ecc02513a0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260114/1fc9cb2a/attachment-0001.htm>