A vulnerability in MongoDB can lead to a Denial of Service condition.
|Package||dev-db/mongodb on all architectures|
|Affected versions||< 2.4.13|
|Unaffected versions||>= 2.4.13|
MongoDB (from “humongous”) is a scalable, high-performance, open source, schema-free, document-oriented database.
MongoDB’s ‘mongod’ server fails to validate some cases of malformed BSON.
A remote attacker could send a specially crafted BSON request possibly resulting in a Denial of Service condition.
There is no known workaround at this time.
All MongoDB users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mongodb-2.4.13"
November 20, 2016
November 20, 2016: 1