-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 18 Apr 2025 16:28:00 -0400
Source: mongo-c-driver
Binary: libbson-1.0-0 libbson-1.0-0-dbgsym libbson-dev libmongoc-1.0-0 libmongoc-1.0-0-dbgsym libmongoc-dev
Architecture: armhf
Version: 1.23.1-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Roberto C. Sanchez <roberto@connexer.com>
Description:
 libbson-1.0-0 - Library to parse and generate BSON documents - runtime files
 libbson-dev - Library to parse and generate BSON documents - dev files
 libmongoc-1.0-0 - MongoDB C client library - runtime files
 libmongoc-dev - MongoDB C client library - dev files
Changes:
 mongo-c-driver (1.23.1-1+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-0437: When calling bson_utf8_validate on some inputs a loop
     with an exit condition that cannot be reached may occur, i.e. an infinite
     loop.
   * Fix CVE-2024-6381: The bson_strfreev function in the MongoDB C driver
     library may be susceptible to an integer overflow where the function will
     try to free memory at a negative offset. This may result in memory
     corruption.
   * Fix CVE-2024-6383: The bson_string_append function in MongoDB C Driver may
     be vulnerable to a buffer overflow where the function might attempt to
     allocate too small of buffer and may lead to memory corruption of
     neighbouring heap memory.
   * Fix CVE-2025-0755: The various bson_append functions in the MongoDB C
     driver library may be susceptible to buffer overflow when performing
     operations that could result in a final BSON document which exceeds the
     maximum allowable size (INT32_MAX), resulting in a segmentation fault and
     possible application crash.
Checksums-Sha1:
 5feeb5c4c967a36e08eb0c8b992619b347a47d92 224344 libbson-1.0-0-dbgsym_1.23.1-1+deb12u1_armhf.deb
 e8c810706a6cc4c7cc102d6995187ee4dd10de18 70352 libbson-1.0-0_1.23.1-1+deb12u1_armhf.deb
 4cee2c87336e78ff3c919da7a1a2d0b69445b9c8 123648 libbson-dev_1.23.1-1+deb12u1_armhf.deb
 2de625064fe87cc810e4518d5df9d5250c2d74e7 1210196 libmongoc-1.0-0-dbgsym_1.23.1-1+deb12u1_armhf.deb
 6e2ffa891f8923227977f63f9e5f3eb715765d44 276932 libmongoc-1.0-0_1.23.1-1+deb12u1_armhf.deb
 c9422bfcf31cefdf895234fbc8744649cfae2c41 348972 libmongoc-dev_1.23.1-1+deb12u1_armhf.deb
 471df23f0b79d21d0df502570941bc6cce632d14 10026 mongo-c-driver_1.23.1-1+deb12u1_armhf-buildd.buildinfo
Checksums-Sha256:
 db22d30be9294b3825efe4a1878a66df66faa890c00ba0f1ee9e270217d9c0c7 224344 libbson-1.0-0-dbgsym_1.23.1-1+deb12u1_armhf.deb
 7c559053d3472131b6c3cda82a63dbcaaa6fcdea4d768946584a358cb96d1720 70352 libbson-1.0-0_1.23.1-1+deb12u1_armhf.deb
 f9f687f78f8f276eb2fa2891938c5a9a76980a23c1229afbf0a9fdfca2cbde1f 123648 libbson-dev_1.23.1-1+deb12u1_armhf.deb
 7574e6040e04747752ab0c48561006e951a2d1ba45effac5e39ad8657fed5c5f 1210196 libmongoc-1.0-0-dbgsym_1.23.1-1+deb12u1_armhf.deb
 ab608b34e661a5359219271d8e6ceeba9366c3a0763ca248b9a372c12dd32dba 276932 libmongoc-1.0-0_1.23.1-1+deb12u1_armhf.deb
 2188f3abd2983a9f5c52d9c9be68b0f6fc6b7a376133a8fc891a6e5f2ee32361 348972 libmongoc-dev_1.23.1-1+deb12u1_armhf.deb
 b3cc4c2f2bcee17466a35cc39ce806a0c36ae8471b7128d92a108929714713c9 10026 mongo-c-driver_1.23.1-1+deb12u1_armhf-buildd.buildinfo
Files:
 830c8abd0aa1907f0650c7a47848127e 224344 debug optional libbson-1.0-0-dbgsym_1.23.1-1+deb12u1_armhf.deb
 83c4d72ac96700799a6fade66d80e3d6 70352 libs optional libbson-1.0-0_1.23.1-1+deb12u1_armhf.deb
 40471e3dc70f30da0a03b1e64e07c5bc 123648 libdevel optional libbson-dev_1.23.1-1+deb12u1_armhf.deb
 d42d536a2962437de212c6b616d169fe 1210196 debug optional libmongoc-1.0-0-dbgsym_1.23.1-1+deb12u1_armhf.deb
 417238824e9881af5ae7126dabb119e7 276932 libs optional libmongoc-1.0-0_1.23.1-1+deb12u1_armhf.deb
 e660538831599eb435d7f8027c9910fa 348972 libdevel optional libmongoc-dev_1.23.1-1+deb12u1_armhf.deb
 4583fd8adb2a5b40d75aaf9ac3688a5f 10026 libs optional mongo-c-driver_1.23.1-1+deb12u1_armhf-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmbvtGd+QaAE2Bi5fsFgOvjtRcdMFAmgNLu8ACgkQsFgOvjtR
cdOXkA//VPSHdmcX+tR0cGwqWmdsazYVrVw4852fiT9OLx7Esu51HwZUOEmwXSyL
RUeJLmEXRFsQC2vrqTXBXdiKuS3cYbb1sbQauDqztmcTHwIvD5EYCqk5R0QV4yxN
ag1cye55jIeQwkABbjmlOZ4bNkOM0CgyGN9kEzM1hLvh4qYRVwHgD6F3IdhbamTR
qJ61G1ZURfraSRs4GSM/nIaK4pGsoR2P9YZLIu5eqQqixF3YapjGZv1PU4Z1ubWE
QLzz/ZvxUqU+SCLtopNw30tRegQ4tV3qgfoktE77tfWlq2Hpf6ce9Qb/c1IqXv/P
4z65+kTgMMLWjs1oD1bmxx4Aa4Ai4+93b0ri7yI+6/k+GCq3XyFg74GKU10USBf6
NyM3a0H/r/ptsqqSYDKok99gdfHFeAVdriRHfRDO7jQReNEBRL01qkxD0ocfZtLz
/FDQlgp/z+D7TayWErCHJl74Y5+spBbRg4kaK+1I17nVt8d4E27e88IUvh7tXQD9
HntNblzxO1hNTHakvl09Tf0982ZcB6Ma4qjVx8erPTFYSyoP/W4UWXwPBHFKSwXf
Qnf7EsDv8HEBAtLzgOgkk9lmlknIFMj0aRWfX/bWMotXLyxxaM+PyJStaSVRfUdT
H+qRjfyDHdsz1qcG5awwlg61fLcQtl42K/yMfWo/06NLDEC0xZQ=
=LKOH
-----END PGP SIGNATURE-----